EC10 - Forensics

From digital evidence to operational defence in real-world security environments.

Empty space, drag to resize

Start Date

... September 2026

  Credits

7.5 ECTS

  Semester

2 semester

  Delivery

Distance Learning

  Duration

13 Weeks

  Language

English

About This Course

This is a second-semester course in the MBA in Cybersecurity and Cyber Insurance Business Management
This course introduces students to digital forensics and modern Security Operations Centre practices as they are applied in real-world environments. It focuses on evidence acquisition and analysis, disk and memory forensics, incident response, SIEM operations, threat intelligence, and detection engineering. Through hands-on exercises and realistic scenarios, students learn how to investigate cyber incidents, support active defence operations, and communicate findings clearly and responsibly.
Write your awesome label here.

What You Will Learn


Digital Forensics Foundations

  • Principles of digital evidence collection and analysis
  • Disk, memory, and file system forensics
  • Role of forensics in cyber investigations


SOC Operations & Threat Detection

  • Structure and workflows of Security Operations Centers (SOC)
  • SIEM platforms and detection engineering
  • Threat intelligence frameworks such as MITRE ATT&CK


Advanced Investigation & AI in Security

  • Incident response lifecycle and threat hunting

  • AI and automation in cyber defence

  • Real-world forensic and SOC scenarios

Skills You Will Gain

Digital Forensic Investigation

  • Acquiring and analysing digital evidence
  • Performing memory and disk forensic analysis
  • Maintaining chain-of-custody and legal compliance

Detection & Threat Hunting

  • Developing detection rules (Sigma, YARA)
  • Using SIEM tools for deep investigations
  • Automating workflows with scripting and SOAR

Incident Response Leadership

  • Leading investigations and response operations
  • Coordinating with legal and law enforcement
  • Producing professional forensic reports
Empty space, drag to resize

Your 13-Week Journey

Here’s how your learning unfolds

Week 1 – Digital Forensics Foundations

Core principles of digital forensics, evidence lifecycle, and chain of custody.

Week 2 – Data Acquisition and File Analysis

Disk imaging, filesystem structures, metadata, artefacts, and hashing techniques.

Week 3 – Windows Native Artifacts I

Key Windows artefacts including Registry, Event Logs, and Prefetch files.

Week 4 – Windows Native Artifacts II

Advanced analysis of Windows artefacts such as LNK files and Jump Lists.

Week 5 – Web Browser Forensics

Analysis of Chrome and Firefox history, downloads, and user activity.

Week 6 – Advanced Forensic Domains

Forensic challenges in cloud, mobile, IoT, and emerging environments.

Week 7 – Security Operations Centre Fundamentals

SOC structure, analyst roles, workflows, and core security tooling.

Week 8 – SIEM Operations and Alert Handling

Log ingestion, alert triage, and investigation using SIEM platforms.

Week 9 – Incident Response Lifecycle

Incident handling processes and forensic triage image analysis.

Week 10 – Memory Forensics and Malware Analysis

Memory acquisition and analysis for detecting malicious activity.

Week 11 – Threat Intelligence and CTI

Threat intelligence lifecycles, platforms, and adversary profiling.

Week 12 – Threat Hunting and Detection Engineering

Hypothesis-driven hunting, ATT&CK mapping, and detection rule creation.

Week 13 – AI and SOC Automation

Applying AI and automation to alert triage, phishing detection, and SOC workflows.


Week 1 — Systems in Transition

See the world in systems.
Learn to rethink linear vs circular economies and explore planetary boundaries.

Week 2 — The Digital–Circular Nexus

Discover how tech enables sustainability.
Explore how AI, IoT, and data power circular innovation.

Week 3 — Policy as Infrastructure

Understand Europe’s circular blueprint.
Dive into the EU Green Deal, CEAP, and Digital Europe frameworks.

Week 4 — Designing for Re-entry

Design for durability, reuse, and remanufacturing.
Learn how digital twins and simulation tools extend product lifecycles.

Week 5 — Tracking Resources Through Data

Follow materials in motion.
Understand how IoT and data infrastructures create transparency in supply chains.

Week 6 — Blockchain for Accountability

Trust through transparency.
Explore blockchain’s potential for tracking, verification, and ethical assurance.

Week 7 — Learning Loops with AI

Let data drive regeneration.
See how AI and machine learning enable adaptive circular decision-making.

Week 8 — Cognitive Factories

Meet the new industrial symbiosis.
Examine how robotics and smart manufacturing create circular production systems.

Week 9 — Reverse Intelligence

Close the loop through recovery.
Explore reverse logistics, digital disassembly, and resource recovery networks.

Week 10 — Measuring Circularity

Turn data into progress.
Use metrics, KPIs, and dashboards to track circular performance.

Week 11 — Financing the Regenerative Future

Empower innovation.
Discover how deep-tech, investment, and valuation models support circular ventures.

Week 12 — Ethics and Mindsets

Lead with responsibility.
Reflect on ethics, human–machine collaboration, and the competences for circular leadership.

Week 13 — 2040 and Beyond

Imagine the future you want to build.
Learn to rethink linear vs circular economies and explore planetary boundaries.

Learn With Us

This course is co-created with academic and industry partners supporting circular innovation.
Giorgos Demetriou
Associate Dean of Research and Innovation
Giorgos Demetriou
Associate Dean of Research and Innovation
Giorgos Demetriou
Associate Dean of Research and Innovation
Giorgos Demetriou
Associate Dean of Research and Innovation
Giorgos Demetriou
Associate Dean of Research and Innovation

Co-Created for Change

Continue Your Journey