Skip to main

Woburn, MA – May 19, 2022 — According to a Kaspersky survey conducted among senior non-IT management and business owners, 77% of firms in the U.S. can’t handle a ransomware attack alone or with the help of regular IT service providers despite 75% of respondents agreeing there is a high possibility of these attacks on their organization. To offer in-house cybersecurity teams and InfoSec professionals an opportunity to expand their analytical skills in the incident response domain, Kaspersky has designed a new Windows Incident Response training course.

Over recent years the lack of skilled technical staff who can detect and respond to complex incidents, along with a lack of visibility across infrastructure and consistent management, have been the biggest challenges for businesses in dealing with complicated cyber threats.

Research shows it is likely that companies who have never experienced a ransomware attack overestimate the skills of their regular security providers and in-house IT teams. The statistics show that organizations that have previously been exposed to such threats rely less on their existing resources.

For companies looking to improve the expertise of their in-house digital forensics and incident response teams, as well as for IT security practitioners looking to upgrade relevant skills, Kaspersky has expanded its online expert training portfolio. The Windows Incident Response training was developed by experts from the company’s Global Emergency Response Team (GERT) with more than 12 years’ experience in the field.

During the course, which is heavily focused on practical skills, Ayman Shaaban, digital forensics and incident response manager and Kai Schuricht, senior incident response specialist, take students through incident detection using the example of a real-life REvil ransomware case.

By the end of the course, IT security practitioners will know how to identify and respond to a cyber-incident and will be able to differentiate APTs from other threats. In addition, they will also be able to study various attack techniques including a targeted attack anatomy through the Cyber Kill Chain. Participants will master evidence acquisition, all phases of incident detection, log file analysis, network analysis and the creation of IoCs, and also get introduced to memory forensics.

Students will be granted access to a simulated virtual working environment with all the necessary tools, including ELK stack, PowerShell, Suricata, YARA, and more to practice IR techniques.

Incident Response capabilities require specialized skills to verify and handle threats in a timely manner, as well as to minimize the damage from an incident,” said Kai Schuricht, senior incident response specialist at Kaspersky. “Since no one is immune to a cyberattack, and it becomes increasingly more difficult to prevent a security perimeter penetration, remediation and the knowledge and experience of how to respond are more in demand than ever before.”

Responding to complex incidents and uncovering attack steps is a huge challenge for InfoSec experts,” adds Ayman Shaaban, Digital Forensic and Incident Response Manager at Kaspersky. “Within this new course we’ve concentrated GERT knowledge gained from handling security incidents for Kaspersky customers around the globe. Our aim is not only to provide extensive theory around the subject, but to provide real applied skills through end-to-end ransomware case investigation.”

The self-guided training course includes 40 video lessons and 100 hours of virtual lab time for hands-on learning. The estimated training duration is 15 hours, but participants will have six months of access to the platform to finish the training.

More information about the Windows Incident Response course is available via this link.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at

Media Contact:

Cassandra Faro



Kaspersky launches online Incident Response training course to improve skills for responding to cyberattacks

Kaspersky Logo