Including Crash and Hang Analysis Audit, Training and Seminars

Learn how to navigate through memory dump space and Windows data structures to troubleshoot and debug complex software incidents. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of practical step-by-step exercises using WinDbg to diagnose structural and behavioral patterns in 64-bit kernel and complete memory dumps. Additional topics include memory search, kernel linked list navigation, practical WinDbg scripting, registry, system variables and objects, device drivers and I/O.

Public preview (selected slides) of the previous training

If you are registered you are allowed to optionally submit your memory dumps before the training. This will allow us in addition to the carefully constructed problems tailor extra examples to the needs of the attendees. The training consists of 2 two-hour sessions and additional homework exercises. When you finish the training you additionally get: A full transcript in PDF format (retail price $200) 5 volumes of Memory Dump Analysis Anthology in PDF format (retail price $100) A personalized attendance certificate with unique CID (PDF format) Free Dump Analysis World Network membership including updates to full PDF transcript Q&A section Prerequisites: Basic and intermediate level Windows memory dump analysis: ability to list processors, processes, threads, modules, apply symbols, walk through stack traces and raw stack data, diagnose patterns such as heap corruption, CPU spike, memory and handle leaks, access violation, stack overflow, critical section and resource wait chains and deadlocks. If you don't feel comfortable with prerequisites then Accelerated Windows Memory Dump Analysis training is recommended to take (or purchase a corresponding book) before attending this course. Audience: Software developers, software technical support and escalation engineers. Session 1: July 20, 2012 4:00 PM - 6:00 PM BST Session 2: July 23, 2012 4:00 PM - 6:00 PM BST Price: 210 USD

Space is limited.
Reserve your remote training seat now at:
https://student.gototraining.com/r/9202117719453636096

If scheduled dates or time are not suitable for you we offer the same training in a book format.

Note: 40% discount is available for those who previously booked Accelerated Windows or .NET Memory Dump Analysis training or purchased one of their books. Please use the contact form if you would like to register for the training with a discount.

Learn how to analyze application, service and system crashes and freezes, navigate through memory dump space and diagnose heap corruption, memory leaks, CPU spikes, blocked threads, deadlocks, wait chains, and much more. We use a unique and innovative pattern-driven analysis approach to speed up the learning curve. The training consists of more than 20 practical step-by-step exercises using WinDbg highlighting more than 50 patterns diagnosed in 32-bit and 64-bit process, kernel and complete memory dumps.

Public preview (selected slides) of the previous training

If you are registered you are allowed to optionally submit your memory dumps before the training. This will allow us in addition to the carefully constructed problems tailor extra examples to the needs of the attendees. The training consists of 4 two-hour sessions (2 hours every day). When you finish the training you additionally get: A full transcript in PDF format (retail price $200) 5 volumes of Memory Dump Analysis Anthology in PDF format (retail price $100) A personalized attendance certificate with unique CID (PDF format) Free Dump Analysis World Network membership including updates to full PDF transcript Q&A section Prerequisites: Basic Windows troubleshooting Audience: Software technical support and escalation engineers, system administrators, software developers and quality assurance engineers. Session 1: July 11, 2012 4:00 PM - 6:00 PM BST Session 2: July 12, 2012 4:00 PM - 6:00 PM BST Session 3: July 13, 2012 4:00 PM - 6:00 PM BST Session 4: July 16, 2012 4:00 PM - 6:00 PM BST Price: 210 USD

Space is limited.
Reserve your remote training seat now at:
https://student.gototraining.com/r/517556957642208512

If scheduled dates or time are not suitable for you we offer the same training in a book format.

Training testimonials:

I would like to thank you and recommend your training. I think that the “Accelerated Windows Memory Dump Analysis” training is a pin-point, well taught training. I think it’s the leading training in the dump analysis area and I’ve enjoyed it, the books and materials are very detailed and well written and Dmitry answered all of the needed question. In addition after the training Dmitry sent a PDF with written answers and more information about the questions that were asked. I will give this training 5/5. Thank you Dmitry. --Yaniv Miron, Security Researcher, IL.Hack

If you are mainly interested in .NET memory dump analysis there is another course available:

Accelerated .NET Memory Dump Analysis

If you are mainly interested in Mac OS X core dump analysis there is another course available:

Accelerated Mac OS X Core Dump Analysis

Learn how to use different pattern categories for effective and efficient abnormal software behaviour diagnostics: the foundation of scalable and cost-effective pattern-driven software support. With examples for Windows, Mac OS X and Linux.

Date: 22nd of June, 2012 Time: 17:00 (BST) 12:00 (EST) 09:00 (PST) Duration: 60 minutes Space is limited. Reserve your Webinar seat now at: https://www3.gotomeeting.com/register/172771078

Making Software A Better World

To make this goal possible it is important to understand internal workings of operating system implementation languages such as C and C++. Effective software construction, debugging, memory dump analysis, reverse engineering and malware research are not possible without the deep knowledge of programming languages. This training is available during the 2nd half of 2012. Please indicate your earlier interest using the contact form.

We offer 3 training books in PDF format with more than 26% discount:

• Accelerated Windows Memory Dump Analysis
• Accelerated .NET Memory Dump Analysis
• Advanced Windows Memory Dump Analysis with Data Structures

The offer also includes 5 volumes of Memory Dump Analysis Anthology in PDF format and DAWN subscription.

Following last year success of memory dump analysis audit Classic and Virtuoso SLA packages we are excited to introduce monthly subscription rates based on requests from our customers. The following Performance SLA monthly subscription package is available from the 1st of March, 2012:

Price for USA/Canada customers: USD 1,500 / month (with NDA: USD 3,000 / month)
Price for EMEA customers: Euro 1,300 / month (with NDA: Euro 2,000 / month)
3 incidents per month with response time 3 working days + 1 incident per month with response time 1 working day
Minimum contract length: 3 months
Subscription is automatically renewed unless notified 30 days in advance

Discounts are possible for longer contracts. Please ask for a quote.

If there are more incidents during any month then standard one-off Performance or Virtuoso SLA rates apply (depend on incident severity level).

You can indicate your interest in this service using the contact form.

Learn how to efficiently and effectively analyze software traces and logs from complex software environments. Covered popular software logs and trace formats from Microsoft and Citrix products and tools including Event Tracing for Windows (ETW) and Citrix Common Diagnostics Format (CDF). Learn how to use pioneering and innovative pattern-driven software problem behavior analysis to troubleshoot and debug software incidents.

If you are registered you are allowed to optionally submit your software traces and logs before the training. This will allow us in addition to the carefully constructed problems tailor additional examples to the needs of the attendees. The training consists of 2 two-hour sessions and additional homework exercises. When you finish the training you additionally get: A full transcript in PDF format (retail price $200) 6 volumes of Memory Dump Analysis Anthology in PDF format (retail price $120) A personalized attendance certificate with unique CID (PDF format) Free Dump Analysis World Network membership including updates to full PDF transcript Q&A section Prerequisites: Basic Windows troubleshooting. Audience: Software technical support and escalation engineers, software maintenance engineers, system administrators. Session 1: October 12, 2012 4:00 PM - 6:00 PM BST Session 2: October 15, 2012 4:00 PM - 6:00 PM BST Price: 210 USD

Space is limited.
Reserve your remote training seat now at:
https://student.gototraining.com/r/5287623225237732608

Basic and Intermediate Memory Dump Analysis (Windows track)

This is a practical examination where you are given 2 memory dumps and you provide your analysis and a log file. The goal is to demonstrate the usage of WinDbg commands and the ability to diagnose various abnormal software behavior patterns.

The beta phase is to collect analysis and logs from program participants and make a common baseline for the final certification exam. This program was extended until December 31, 2011. Please send your participation request using the contact form on this site and provide your name and email. In response you will get further instructions and a download link to the typical exam memory dumps. If you reply with your memory analysis before January 10 then in February we provide you with an assessment of your analysis.

Thank you for your participation,
Memory Dump Analysis Services

The full transcript of Memory Dump Analysis Services Training with 7 step-by-step exercises, notes, source code of specially created modeling applications and selected Q&A. Covers 20 .NET memory dump analysis patterns plus additional unmanaged patterns.

• Title: Accelerated .NET Memory Dump Analysis: Training Course Transcript and WinDbg Practice Exercises with Notes
• Authors: Dmitry Vostokov, Memory Dump Analysis Services
• Publisher: OpenTask (November 2011)
• Language: English
• Product Dimensions: 28.0 x 21.6
• Paperback: 204 pages
• ISBN-13: 978-1908043320

Table of Contents

When you purchase the book you additionally get 5 volumes of Memory Dump Analysis Anthology in PDF format (retail price $100).

Note: 40% discount is available for those who previously booked Accelerated or Advanced Windows Memory Dump Analysis training or purchased one of their books. Please use the contact form if you would like to buy the book with a discount.