دوره SEC699: Advanced Purple Teaming – Adversary Emulation & Detection Engineering

  • SANS
  • 3,366 بازدید
  • 0 نظر

SEC699 is SANS’s advanced purple team offering, with a key focus on adversary emulation for data breach prevention and detection. Throughout this course, students will learn how real-life threat actors can be emulated in a realistic enterprise environment, including multiple AD forests. In true purple fashion, the goal of the course is to educate students on how adversarial techniques can be emulated (manual and automated) and detected (use cases / rules and anomaly-based detection). A natural follow-up to SEC599, this is an advanced SANS course offering, with 60 percent of class time spent in 29 hands-on labs!

Syllabus

SEC699.1: Introduction & Key Tools
SEC699.2: Initial Intrusion Strategies Emulation & Detection
SEC699.3: Privilege Escalation & Lateral Movement Emulation & Detection
SEC699.4: Persistence Emulation & Detection
SEC699.5: Emulation Plans (Extended Access To CTF Range)

SEC699: Advanced Purple Teaming – Adversary Emulation & Detection Engineering