Category: Courses

FOR572 is an advanced course designed for cybersecurity professionals seeking to master network forensics, threat hunting, and incident response. The course focuses on deep packet analysis, intrusion detection, and uncovering adversary activity within large-scale enterprise environments. Participants will learn how to analyze network traffic, identify anomalies, and reconstruct cyber attacks using tools such as Zeek (Bro), Suricata, Wireshark, and Security Information and Event Management (SIEM) solutions.

SEC541 is an advanced course that focuses on understanding and defending against attacker techniques in cloud environments. Participants will learn how adversaries exploit misconfigurations, abuse cloud-native services, and bypass security controls across AWS, Azure, and Google Cloud. The course covers threat detection, cloud monitoring, and incident response strategies to counter real-world cloud threats.

SEC504 is a foundational course that provides a comprehensive understanding of the tools and techniques used by attackers, as well as strategies for detecting and responding to cyber incidents. The course teaches participants to think like an attacker while strengthening their defensive skills. Key topics include reconnaissance, scanning, exploitation, post-exploitation tactics, and malware analysis.

SEC401 is a comprehensive cybersecurity fundamentals course designed to equip professionals with the essential skills needed to secure networks, endpoints, and cloud environments. The course covers key security concepts, including risk management, cryptography, access controls, incident response, and security operations. Participants will learn how to identify vulnerabilities, defend against cyber threats, and implement security best practices across modern IT infrastructures.

SEC275 is an entry-level course designed to provide a fundamental understanding of computing, technology, and cybersecurity concepts. It is ideal for individuals new to cybersecurity or those looking to build a strong technical foundation. The course covers essential topics such as computer hardware and software, networking basics, operating systems, and cybersecurity principles.

It’s time to master your data. This course will teach you how to use Elasticsearch, Logstash, and Kibana (ELK) to build your own IDS console, investigation platform, or security analysis lab. You must master your data if you want to catch bad guys and find evil. But how can you do that? That’s where the ELK stack comes in. ELK is Elasticsearch, Logstash, and Kibana, and together they provide a framework for collecting, storing, and investigating network security data. In this course, you’ll learn how to use this powerful trio to perform security analysis. This isn’t just an ELK course; it’s a course on how to use ELK specifically for incident responders, network security monitoring analysts, and other security blue teamers.

Syllabus

  • Elasticsearch: How data is stored and indexed. Working with JSON documents.
  • Logstash: How to collect and manipulate structured and unstructured data.
  • Kibana: Techniques for searching data and building useful visualizations and dashboards.
  • Beats: Use the agent to ship data from endpoints and servers to your ELK systems.
  • HTTP Proxy Logs
  • File-Based Logs (Unix, auth, and application logs)
  • Windows Events & Sysmon Data
  • NetFlow Data
  • IDS Alerts
  • Dealing with any CSV file you’re handed
  • Parsing unstructured logs, no matter how weird they are

Applied Network Defense | ELK for Security Analysis
