دسته: دوره ها

SEC450 provides students with technical knowledge and key concepts essential for security operation center (SOC) analysts and new cyber defense team members. By providing a detailed explanation of the mission and mindset of a modern cyber defense operation, this course will jumpstart and empower those on their way to becoming the next generation of blue team members.

Syllabus

SEC450.1: Security Operations Teams, Tools, And Mission Overview
SEC450.2: Network Traffic Analysis
SEC450.3: Endpoint Defense, Security Logging, and Malware Identification Overview
SEC450.4: Efficient Alert Triage and Email Analysis
SEC450.5: Continuous Improvement, Analytics, and Automation
SEC450.6: Capstone: Defend the Flag

SEC450: Blue Team Fundamentals: Security Operations and Analysis

ادامه مطلب

FOR710: Reverse-Engineering Malware – Advanced Code Analysis prepares malware specialists to dissect sophisticated Windows executables, such as those that dominate the headlines and preoccupy incident response teams across the globe. This course not only includes the necessary background and instructor-led walk throughs, but also provides students with numerous opportunities to tackle real-world reverse engineering scenarios during class.

Syllabus

FOR710.1: Code Deobfuscation and Execution
FOR710.2: Encryption in Malware
FOR710.3: Automating Malware Analysis
FOR710.4: Automating Malware Analysis (Continued)
FOR710.5: Advanced Malware Analysis Tournament (Extended Access)
ادامه مطلب

Learn to turn malware inside out! This popular course explores malware analysis tools and techniques in depth. FOR610 training has helped forensic investigators, incident responders, security engineers, and IT administrators acquire the practical skills to examine malicious programs that target and infect Windows systems.

Syllabus

FOR610.1: Malware Analysis Fundamentals
FOR610.2: Reversing Malicious Code
FOR610.3: Analyzing Malicious Documents and Scripts
FOR610.4: In-Depth Malware Analysis
FOR610.5: Examining Self-Defending Malware
FOR610.6: Malware Analysis Tournament

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

ادامه مطلب

Cyber threat intelligence represents a force multiplier for organizations looking to update their response and detection programs to deal with increasingly sophisticated advanced persistent threats. Malware is an adversary’s tool but the real threat is the human one, and cyber threat intelligence focuses on countering those flexible and persistent human threats with empowered and trained human defenders. During a targeted attack, an organization needs a top-notch and cutting-edge threat hunting or incident response team armed with the threat intelligence necessary to understand how adversaries operate and to counter the threat. FOR578: Cyber Threat Intelligence will train you and your team in the tactical, operational, and strategic level cyber threat intelligence skills and tradecraft required to make security teams better, threat hunting more accurate, incident response more effective, and organizations more aware of the evolving threat landscape.

Syllabus

FOR578.1: Cyber Threat Intelligence and Requirements
FOR578.2: The Fundamental Skillset: Intrusion Analysis
FOR578.3: Collection Sources
FOR578.4: Analysis and Production of Intelligence
FOR578.5: Dissemination and Attribution
FOR578.6: Capstone

FOR578: Cyber Threat Intelligence

ادامه مطلب


CyberChef for Security Analysts will teach you how to use CyberChef to perform common data manipulation, transformation, deobfuscation, and extraction techniques using real security data*. This isn’t just a simple tutorial, you’ll work through diverse exercises using real-world security data to build a toolkit of techniques.Simply put, CyberChef for Security Analysts is an example-driven master class on dealing with the most common types of data you’ll encounter in common blue team roles like SOC analysts, malware reverse engineering, forensic investigations, threat hunting, and threat intelligence.

Syllabus

  • CyberChef Basics
  • Character Encoding and Encryption
  • Data Formatting, Parsing, and other Manipulation
  • Defeating Malware Obfuscation
  • Log File and Forensic Analysis Techniques
  • Image Manipulation
  • HTTP Requests and JSON Data

CyberChef for Security Analysts

ادامه مطلب

Whether you handle an intrusion incident, data theft case, employee misuse scenario, or are engaged in proactive adversary discovery, the network often provides an unparalleled view of the incident. SANS FOR572 covers the tools, technology, and processes required to integrate network evidence sources into your investigations to provide better findings, and to get the job done faster.

Syllabus

FOR572.1: Off the Disk and Onto the Wire
FOR572.2: Core Protocols & Log Aggregation/Analysis
FOR572.3: NetFlow and File Access Protocols
FOR572.4: Commercial Tools, Wireless, and Full-Packet Hunting
FOR572.5: Encryption, Protocol Reversing, OPSEC, and Intel
FOR572.6: Network Forensics Capstone Challenge

FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

ادامه مطلب