دسته: دوره ها

Enterprises have been working tirelessly to improve their security postures through defense-in-depth approaches. Offensive teams have also been putting in long hours of research into bypassing the latest EDR’s and defensive products that keep them on their toes. Long gone “hopefully” are the days of hurdling an HTA file laced with a download cradle at a mature organization with a “Free iPad” ruse and watching your screen fill with incoming agents. An offense-in-depth approach may be applied to offensive practitioner’s looking for success against organizations well-versed in defending a large enterprise. Today’s organizations have assets in multiple geo regions, networks, cloud services, border hosts, and many of them are tied to the internal network in some way. This course aims to help offensive practitioners successfully exercise their client environments from a multi-faceted approach using the latest TTPs blended with esoteric practices to gain the upper hand on your assessments.

Antisyphon: Enterprise Attack Initial Access w/ Steve Borosh

ادامه مطلب

SEC455 serves as an important primer to those who are unfamiliar with the architecture of an Elastic-based SIEM. Students that have taken or plan to take additional cyber defense courses may find SEC455 to be a helpful supplement to the advanced concepts they will encounter in courses such as SEC555.

Syllabus

SEC455.1: Distributed Search and Visualization
SEC455.2: Enriching and Managing Logs
ادامه مطلب

If you are worried about leading or supporting a major cyber incident, then this is the course for you. We look at all the common and major cyber incident types and explain what the key issues are and how plan a recovery. This cyber incident management training course focuses on the challenges facing leaders and incident commanders as they work to bring enterprise networks back online and get business moving again. Whilst you may have a full team of technical staff standing-by to find, understand and remove the attackers, they need information, tasking, managing, supporting, and listening to so you can maximize their utilization and effectiveness. We focus on building a team to remediate the incident, on managing that team, on distilling the critical data for briefing, and how to run that briefing. We look at communication at all levels from the hands-on team to the executives and Board, investigative journalists, and even the attackers.

Syllabus

MGT535.1: Understanding and Communicating About the Incident
MGT535.2: Scoping the Damage, Planning the Remediation, and Executing the Plan
MGT535.3: Training, Leveraging Cyber Threat Intelligence, Bug Bounties
MGT535.4: Cloud Incidents, Business Email Compromise, Credential Theft Attacks and Incident Metrics
MGT535.5: AI for Incidents, Attacker Extortion, Ransomware, and Capstone Exercise

ادامه مطلب

Security leaders need both technical knowledge and leadership skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives. This security managers training course will teach leaders about the key elements of any modern security program. Learn to quickly grasp critical cybersecurity issues and terminology, with a focus on security frameworks, security architecture, security engineering, computer/network security, vulnerability management, cryptography, data protection, security awareness, application security, DevSecOps, cloud security, and security operations. This is more than security training. You will learn how to lead security teams and manage programs by playing through twenty-three Cyber42 activities throughout the class, approximately 60-80 minutes daily.

Syllabus

MGT512.1: Building Your Security Program
MGT512.2: Technical Security Architecture
MGT512.3: Security Engineering
MGT512.4: Security Management & Leadership
MGT512.5: Detecting and Responding to Attacks

MGT512: Security Leadership Essentials for Managers

ادامه مطلب

FOR585 is continuously updated to keep up with the latest malware, smartphone operating systems, third-party applications, acquisition shortfalls, extraction techniques (jailbreaks and roots) and encryption. It offers the most unique and current instruction to arm you with mobile device forensic knowledge you can immediately apply to cases you’re working on the day you get back to work.

ادامه مطلب

Memory Forensics In-Depth provides the critical skills necessary for digital forensics examiners and incident responders to successfully perform live system memory triage and analyze captured memory images. The course uses the most effective freeware and opensource tools in the industry today and provides an in-depth understanding of how these tools work. FOR526 is a critical course for any serious DFIR investigator who wants to tackle advanced forensics, trusted insider, and incident response cases.

Syllabus 

FOR526.1: Foundations in Memory Analysis and Acquisition

FOR526.2: Unstructured Analysis and Process Exploration

FOR526.3: Investigating the User via Memory Artifacts

FOR526.4: Internal Memory Structures

FOR526.5: Memory Analysis on Platforms Other than Windows

FOR526.6: Memory Analysis Challenge

FOR526: Advanced Memory Forensics & Threat Detection

ادامه مطلب