FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on identifying and responding to incidents too large to focus on individual machines. By using example tools built to operate at enterprise-class scale, students learn the techniques to collect focused data for incident response and threat hunting, and dig into analysis methodologies to learn multiple approaches to understand attacker movement and activity across hosts of varying functions and operating systems by using an array of analysis techniques.
FOR608.1: Proactive Detection and Response
FOR608.2: Scaling Response and Analysis
FOR608.3: Modern Attacks against Windows and Linux DFIR
FOR608.4: Analyzing macOS and Docker Containers
FOR608.5: Cloud Attacks and Response
FOR608.6: Capstone: Enterprise-Class IR Challenge