Including Memory Dump and Software Trace Analysis Audit, Seminars, Certification and Training

We are now distributors of Volume 1 of Memory Dump Analysis Anthology in PDF format:

Complete 6 volume set in PDF format is also available with a discount.

Software Narratology, the science of software stories, found its successful application in software diagnostics of abnormal software behavior especially in the pattern-driven and pattern-based analysis of software logs from complex systems with millions of events, thousands of threads, hundreds of processes and modules. Join this Webinar to learn about its new application to malware analysis.

Title: Malware Narratives: Applied Software Narratology Date: 25th of March, 2013 Time: 19:00 GMT Duration: 60 minutes Space is limited. Reserve your Webinar seat now at: https://www3.gotomeeting.com/register/426684222

New! The second edition now contains 42 pages of Q&A section with more than 100 questions and answers. Complete memory dump analysis exercises are updated for the latest WinDbg version from Windows 8 SDK.

The full transcript of Memory Dump Analysis Services Training with 23 step-by-step exercises, notes, source code of specially created modeling applications and selected Q&A. Covers more than 50 crash dump analysis patterns from process, kernel and complete memory dumps.

• Title: Accelerated Windows Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes, Second Edition
• Authors: Dmitry Vostokov, Software Diagnostics Services
• Publisher: OpenTask (March 2013)
• Language: English
• Product Dimensions: 28.0 x 21.6
• Paperback: 422 pages
• ISBN-13: 978-1908043450

Table of Contents

When you purchase the PDF book you additionally get 6 volumes of Memory Dump Analysis Anthology in PDF format (retail price $120) and free Software Diagnostics Library membership with access to 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies.

At the beginning it was the thread.

A thread is the basic unit of execution. Most of the time memory dump analysis starts with listing all threads and searching for patterns of abnormal behavior. To help with such pattern-driven analysis we plan to include a tool called Thread Explorer in our forthcoming Software Diagnostics Workbench. The tool allows an engineer to import debugger traces and logs and visually and comparatively explore threads from different processes, services, and systems against the database of known patterns of abnormal software behavior.

Learn how to analyze application, service and system crashes and freezes, navigate through memory dump space and diagnose heap corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and much more. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of more than 20 practical step-by-step exercises using WinDbg highlighting more than 50 patterns diagnosed in 32-bit and 64-bit process, kernel and complete memory dumps.

Public preview (selected slides) of the previous training

If you are registered you are allowed to optionally submit your memory dumps before the training. This will allow us in addition to the carefully constructed problems tailor extra examples to the needs of the attendees. The training consists of 4 two-hour sessions (2 hours every day). When you finish the training you additionally get: A full transcript in PDF format with more than 100 questions and answers (retail price $300) 6 volumes of Memory Dump Analysis Anthology in PDF format (retail price $120) A personalized attendance certificate with unique CID (PDF format) Free Software Diagnostics Library membership with access to 200 cross-referenced patterns of memory dump analysis, their classification and more than 70 case studies Prerequisites: Basic Windows troubleshooting Audience: Software technical support and escalation engineers, system administrators, security professionals, software developers and quality assurance engineers. Session 1: July 24, 2013 4:00 PM - 6:00 PM BST Session 2: July 25, 2013 4:00 PM - 6:00 PM BST Session 3: July 26, 2013 4:00 PM - 6:00 PM BST Session 4: July 29, 2013 4:00 PM - 6:00 PM BST Price: 300 USD

Space is limited.
Reserve your remote training seat now at:
https://student.gototraining.com/r/8304463239218972672

If scheduled dates or time are not suitable for you we offer the same training in a book format with $50 discount.

Training testimonials:

I would like to thank you and recommend your training. I think that the “Accelerated Windows Memory Dump Analysis” training is a pin-point, well taught training. I think it’s the leading training in the dump analysis area and I’ve enjoyed it, the books and materials are very detailed and well written and Dmitry answered all of the needed question. In addition after the training Dmitry sent a PDF with written answers and more information about the questions that were asked. I will give this training 5/5. Thank you Dmitry. --Yaniv Miron, Security Researcher, IL.Hack

If you are mainly interested in .NET memory dump analysis there is another course available:

Accelerated .NET Memory Dump Analysis

If you are mainly interested in Mac OS X core dump analysis there is another course available:

Accelerated Mac OS X Core Dump Analysis