Live Training and Events
This class is being taught at Wild West Hackin’ Fest – Deadwood 2026.
Virtual Ticket: $725
In-Person Ticket: $1850
2 Days · Virtual OR In-person · hosted by antisyphon training
Immerse yourself in two days of hands-on advanced Digital Forensics and Incident Response (DFIR) training built around real-world adversary tradecraft and commonly observed enterprise attack scenarios. With over 16 hours of instruction, you’ll investigate enterprise attacks end to end using the same processes, tools, and reasoning applied in active incident response engagements.
Learn how to:
* Investigate a full ransomware incident from initial access to impact
* Perform hands-on DFIR analysis using industry-standard tools
* Analyze advanced post-exploitation activity in APT-style intrusions
* Develop strong investigative reasoning and analyst confidence
All learning is delivered through hands-on labs designed to mirror real DFIR investigations, not simplified demos or theoretical walkthroughs.
By the end of the course, you will be able to confidently investigate enterprise-scale ransomware and APT intrusions, understand attacker behavior in depth, and apply high-fidelity DFIR techniques directly to your own incident response work.
Class Dates + Times:
* Tuesday, Oct. 6, 2026 | 8:30am-5pm MT
* Wednesday, Oct. 7, 2026 | 8:30am-5pm MT
December 27, 2025
9:00 AM – 4:00 PM ET
(3 days)
Enterprise discounts available for teams of 5 or more. Contact us to learn more.
3 Full Days · Virtual · Live with Blue Cape Security
This 3-day advanced workshop takes your digital forensics and incident response (DFIR) skills to the next level. Building on the core “learn” experience of our first two days, you’ll investigate enterprise-scale Ransomware incident that reflect real-world complexity — from lateral movement and credential abuse to advanced persistence and data exfiltration techniques.
The third day is dedicated entirely to an immersive, full-day hands-on lab drawn from our IR300 series. You’ll apply advanced DFIR methodologies to investigate a multi-stage intrusion, analyze attacker tradecraft, and reconstruct the full attack timeline using real evidence from compromised systems.
👉 View Workshop Syllabus & Agenda
What You’ll Learn
Participants will master advanced investigation techniques across large-scale enterprise environments, gain deeper insights into attacker tactics, techniques, and procedures (TTPs), and strengthen their ability to detect, respond to, and contain sophisticated intrusions. You’ll leave with practical experience and confidence to handle real enterprise incidents from start to finish.
9:00 AM – 4:00 PM ET (3 days)
Enrollment is now closed.
Reach out here to be notified if a seat becomes available.
$1397
(PWFA) 3-Day Bootcamp
3 Full Days · Virtual · Live with Blue Cape Security
This immersive 3-day live virtual bootcamp covers all core components of the Analyst I: Practical Windows Forensic Analyst (PWFA) training track. Participants will gain a complete, hands-on understanding of Windows forensic analysis, investigation workflows, and exam-readiness skills through focused sessions that include topics from:
Whether you’re preparing for the PWFA certification or looking to strengthen your Windows forensics expertise, this bootcamp delivers the essential knowledge and practical experience you need to confidently tackle real-world cases.
👉 View Workshop Syllabus & Agenda
What You’ll Learn
Participants will build a strong foundation in practical Windows forensics, develop a repeatable investigation process, using industry-standard tools and practice with real-world inspired Windows forensic investigation scenarios, which ultimately prepares them for the PWFA certification exam. You’ll leave ready to perform comprehensive forensic investigations — and confident in your readiness to achieve certification success.
⚠️ Note: Bootcamp registration does not include on-demand courses or the PWFA exam. To sit for the certification, enrollment in the full Analyst I track is required.
9:00 AM – 4:00 PM ET (3 days)
$1397
Coupon Code: FALL25
(PWFA) 3-Day Bootcamp
3 Full Days · Virtual · Live with Blue Cape Security
This immersive 3-day live virtual bootcamp covers all core components of the Analyst I: Practical Windows Forensic Analyst (PWFA) training track. Participants will gain a complete, hands-on understanding of Windows forensic analysis, investigation workflows, and exam-readiness skills through focused sessions that include topics from:
Whether you’re preparing for the PWFA certification or looking to strengthen your Windows forensics expertise, this bootcamp delivers the essential knowledge and practical experience you need to confidently tackle real-world cases.
👉 View Workshop Syllabus & Agenda
What You’ll Learn
Participants will build a strong foundation in practical Windows forensics, develop a repeatable investigation process, using industry-standard tools and practice with real-world inspired Windows forensic investigation scenarios, which ultimately prepares them for the PWFA certification exam. You’ll leave ready to perform comprehensive forensic investigations — and confident in your readiness to achieve certification success.
⚠️ Note: Bootcamp registration does not include on-demand courses or the PWFA exam. To sit for the certification, enrollment in the full Analyst I track is required.
Looking to train your team in a more focused setting?
Choose from our most popular offerings:
- 101 – Enterprise Security Fundamentals
- 201 – Practical Windows Forensics
- 301 – Enterprise DFIR
- 200 – Windows Forensic Investigations
- 300 – DFIR Investigations
- Ransomware Attack Simulation & Investigation
** Trainings can be combined into 4-day and 5-day trainings sessions. Discounts available for groups of 10 or more.
Want Hands-On Live Threat Hunting or Incident Response?
Includes live attack simulations, investigation challenges, and cloud-hosted lab infrastructure to our cyber defense range.
Perfect for red/blue teams, SOC analysts, or DFIR units looking for immersive, practical training.
Request a Private Workshop or Cyber Range Session
Fill out the form to schedule your workshop session. Let us know what you’re looking for, and we’ll follow up with details, pricing, and availability.
Ransomware Attack Simulation and Investigation
for Blue Teamers
Instructor: Markus Schober
As a cyber security defender and investigator, understanding ransomware attacks is crucial for effective response.
In this workshop, participants will learn how attackers operate, set up a C2 infrastructure with Empire, and execute a simulated attack, step-by-step, from initial access all the way throughout post-exploitation phases, each student in their own Active Directory enabled lab environment.
Following, we will perform a full investigation of the scenario at hand, covering log and endpoint analysis at scale as well as data collection and digital forensics concepts. For this, the tools we are going to use are Splunk, Velociraptor and several industry-established digital forensic utilities.
Upon completion of the training, participants will have a better understanding of the steps ransomware threat actors take to achieve their objectives, as well as the best practices for detecting and ultimately preventing ransomware attacks.
Upcoming dates:
October 7 – 8, 2025
Wild West Hackin’ Fest
Virtual + In-Person
@ Deadwood, South Dakota, USA
Enterprise Security Fundamentals
Selected topics from the 101 Enterprise Security Fundamentals course
2-day live training with hands-on labs
$1500 per seat
5 student minimum
16 CEU Hours
Practical Windows Forensics
Selected topics from the 201 Practical Windows Forensics course
2-day live training with hands-on labs
$1500 per seat
5 student minimum
16 CEU Hours
Enterprise
Digital Forensics and Incident Response
Selected topics from the 301 Practical Windows Forensics course
2-day live training with hands-on labs
$1500 per seat
5 student minimum
16 CEU Hours
Ransomware Attack and Investigation
Execution and analysis of a realistic Ransomware attack scenario
2-day live training with hands-on labs
$1500 per seat
5 student minimum
16 CEU Hours