To give real service you must add something which cannot be bought or measured with money, and that is sincerity and integrity. ~Douglas Adams


Macintosh Forensic Survival Course - Level 2

New! - Each student will receive their own IPOD TOUCH for training!

As each quarter passes, Apple’s success has been nothing but amazing. In addition to desktop and mobile computers, Apple® produces a variety of unique and innovative devices and applications which can be found in just about every modern home and business. As more and more Apple® devices enter the marketplace at an exponential rate, the need for Macintosh Forensic Training is quite apparent. Sumuri’s five-day Macintosh Forensic Survival Course - Level 2 (MFSC-II) was designed to provide unparalleled instruction in advanced topics relating to the forensic use and analysis of Apple® hardware, technologies and applications. As in all of Sumuri’s courses, the training is designed for the participant to learn in a teamwork environment, and is taught by instructors who maintain a “no one left behind” attitude. In addition, complicated topics are made easy to understand through instructor-led exercises and real-life scenarios, supported by a quality student manual to be utilized as a supplemental resource at the completion of the course.

TOPICS COVERED:


Advanced File System Analysis
An in-depth analysis of the Mac OS X file system beyond the basics. The participant will learn about the common formats used to store data in the Mac OS X environment, critical storage locations and how to extract that data to be included in final reports.

Advanced Spotlight
Participants will learn how to create and develop advanced searches to find evidence using Mac OS X’s incredible indexing engine known as “Spotlight.”  Participants will also learn how to save these custom-built searches for future use, modify existing searches, and how to share these queries with colleagues to eliminate workflow redundancy.

Advanced Command-line Techniques
Underneath the Mac OS X designer interface and desktop beats the heart of Unix, including a terminal interface that gives a user seemingly endless power and control from the command-line. Participants will learn advanced tips and techniques using the command-line to assist in their forensic examination.

AppleScript® and Automator®
Included with Mac OS X are two applications that allow the user to develop custom applications and automate virtually any task. Participants will learn how to create their own AppleScript® and Automator® applications to simplify their forensic examination.

Virtual Machines and Mac OS X
After the switch to the Intel processor, a variety of Virtual Machine applications were developed for the Mac OS X platform allowing a user to run just about any other non-Mac OS application from the desktop. Participants will learn how to identify the use of a “VM” within Mac OS X, and the steps necessary to analyze them. In addition, the participant will learn how to use a “VM” to assist in forensic examinations from within the Mac environment.

Mac OS X Server Forensics
Participants will learn about the basics of Mac OS X server technology, including the services and the different user account and security levels. A “best practice” solution will be provided to demonstrate the proper procedures to safely acquire data from live systems, as well as responding to incidents on compromised systems. Participants will also learn about common attacks used against the Mac OS X server.

RAID and Xsan Technology
Participants will learn about Apple’s RAID and Xsan technologies and the best practices and solutions for safely recovering data.

Unique Apple Technology
In addition to computers, Apple® has created a variety of devices that utilize unique technologies. Participants will learn how to forensically acquire and analyze solid-state hard disks (found in newer MacBooks), “Time Capsule®,” “Time Machine®” hard disks and Apple TV®.

Apple Device and iOS Forensics
Forensically analyzing Apple’s iPhone®, iPod Touch® and iPad® has caused issues for many forensic examiners and investigators. Participants in this course will learn the best practices for acquiring and analyzing Apple devices that are either locked or “jailbroken”. Solutions for both methods of analysis will be provided so that the examiner can make educated decisions before acquisition or analysis.

Forensic Analysis of Apple iOS Applications
Mobile applications are the future of forensic investigations. In many countries mobile phones outnumber the population of the country and more than half of those are smartphones capable of running hundreds of thousands of applications. These applications keep track of every aspect of a user's life and even their whereabouts, all in real time! Participants will learn how to deconstruct and analyze iOS applications for items of interest and evidentiary value.

ALL STUDENTS RECEIVE:
• Course Manual
• PALADIN Acquisition & Preview Disc
• iPod Touch

Registration for upcoming training courses can be found here.

Law Enforcement, Government and Higher Education tuition is $2295.00 USD.

Corporate tuition is $2595.00 USD.

SUMURI Upcoming Training (Discounts Available for LE/GOV/EDU)

02-27-2012 - 03-02-2012
Location: Santa Cruz Police Department

03-26-2012 - 03-30-2012
Location: Gwinnett County Police Department Training Center

05-14-2012 - 05-18-2012
Location: Santa Cruz Police Department

05-14-2012 - 05-18-2012
Location: Wingate by Wyndham - DC Area

05-21-2012 - 05-25-2012
Location: Rockland County Police Academy (NY)

06-11-2012 - 06-15-2012
Location: Bundeskriminalamt (Federal Criminal Police Office)

06-25-2012 - 06-29-2012
Location: Portland Police Bureau

07-09-2012 - 07-13-2012
Location: Gwinnett County Police Department Training Center

07-23-2012 - 07-27-2012
Location: Santa Cruz Police Department