Incident Response
Digital Forensics Notebook Lab
Chain-of-custody habits, hash discipline, and notebook structure for analysts who touch evidence lightly.
Duration: 18 hours across three evenings
Format: Remote
Skill focus: Foundations
Listed fee: ₩720,000 (informational; no checkout on this site)
Request informationOutline
Participants work notebook-first through disk artifacts and benign network captures. The lab stresses defensible notes that external reviewers can follow without asking for a verbal appendix.
Included practices
- Notebook templates with hash and time stamp blocks
- Two guided cases with deliberate ambiguity
- Mentor markup on clarity, not “gotcha” grading
- Export tips for internal knowledge bases
- Discussion on when to escalate to dedicated forensics
Outcomes
- Produce a notebook another analyst can continue cold
- List three uncertainty statements honestly
- Decide escalation versus local handling with rationale
Lead mentor
Yuki Taneda
Threat researcher publishing quarterly pattern notes for cohorts.
Participant notes
-
“Notebook Lab changed how I write handoffs. Mentors cared about readable uncertainty, not polished conclusions.”
-
“Short course, dense feedback. I would have liked one more ambiguous artifact, but what we got was sharp.”