Category: SANS

FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on identifying and responding to incidents too large to focus on individual machines. By using example tools built to operate at enterprise-class scale, students learn the techniques to collect focused data for incident response and threat hunting, and dig into analysis methodologies to learn multiple approaches to understand attacker movement and activity across hosts of varying functions and operating systems by using an array of analysis techniques.

Syllabus

FOR608.1: Proactive Detection and Response
FOR608.2: Scaling Response and Analysis
FOR608.3: Modern Attacks against Windows and Linux DFIR
FOR608.4: Analyzing macOS and Docker Containers
FOR608.5: Cloud Attacks and Response
FOR608.6: Capstone: Enterprise-Class IR Challenge

FOR608: Enterprise-Class Incident Response & Threat Hunting


SEC642 will teach you the advanced skills and techniques required to test modern web applications and next-generation technologies. In this course, you will learn through a combination of lectures, real-world experiences, and hands-on exercises that will teach you the techniques to test the security of tried-and-true internal enterprise web technologies, as well as cutting-edge Internet-facing applications. On the final day of the course, you will apply the knowledge you have acquired in a Capture-the-Flag competition, a fun environment based on real-world technologies.

Syllabus

SEC642.1: Advanced Attacks
SEC642.2: Web Cryptography
SEC642.3: Alternative Interfaces and XML
SEC642.4: Modern Web Frameworks, Part 1
SEC642.5: Modern Web Frameworks, Part II
SEC642.6: Capture-the-Flag Challenge

SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques


SEC564 will provide students with the skills to plan and manage Red Team Exercises. Students will understand the tactics, techniques, and procedures (TTPs) used by the adversary to create an adversary emulation plan leveraging MITRE ATT&CK (Adversary Tactics, Techniques, and Common Knowledge). Students will emulate an adversary

Syllabus

SEC564.1: Introduction and Planning of Red Team Exercises
SEC564.2: Red Team Exercise Execution and Closure

SEC564: Red Team Operations and Threat Emulation


SEC460 will help you build your technical vulnerability assessment skills and techniques using time-tested, practical approaches to ensure true value across the enterprise. Throughout the course you will use real industry-standard security tools for vulnerability assessment, management, and mitigation; learn a holistic vulnerability assessment methodology while focusing on challenges faced in a large enterprise; and practice on a full-scale enterprise range chock-full of target machines representative of an enterprise environment, leveraging production-ready tools and a proven testing methodology. SEC460 takes you beyond the checklist and gives you a tour of attackers’ perspectives that is crucial to discovering where they will strike.

Syllabus

SEC460.1: Vulnerability Management and Assessment

SEC460.2: Network and Cloud Asset Discovery and Classification

SEC460.3: Enterprise and Cloud Vulnerability Scanning

SEC460.4: Vulnerability Validation, Triage, and Mass Data Management

SEC460.5: Remediation and Reporting

SEC460.6: Vulnerability Assessment Hands-on Challenge

SEC460: Enterprise and Cloud | Threat and Vulnerability Assessment


SEC583 is a one-day, lab-heavy course designed to teach the powerful skill of how to craft and manipulate packets through the use of many hands-on activities. This skill can be used to test policies, behaviors, and configurations and will also provide deeper understanding of TCP/IP and application protocols.

Syllabus

SEC583.1: Crafting packets

SEC583: Crafting Packets
