ＨｉｄｅＺｅｒｏＯｎｅ

SEC201 provides students that have no or minimal prior knowledge, or those in need of a refresher, with an understanding of the architecture of modern computers and topics spanning how a CPU works, the addressing of memory and the hardware relationship with operating systems. SEC201 includes an introduction to both Windows and Linux, providing students with plenty of hands-on exercises to build their familiarity with the command line and move their knowledge beyond being a power user to actually understanding the underlying facets of a modern OS. SEC201 teaches logic, programming and scripting and introduces how each of these can lead to errors that allow security experts or cyber criminals to find faults and exploit them. SEC201 provides the perfect balance of hands-on labs and theory in order to ensure that students can study security effectively and put their hands on the keyboard, rather than just understanding theory.

Syllabus

1. Computing Fundamentals
2. Linux Fundamentals
3. Windows Fundamentals
4. Programming Fundamentals
5. Security Fundamentals

 SANS SEC201: Computing & Technology Essentials

Many publications exist documenting ways to attack Wi-Fi networks. Still, the gap between old methods that have become obsolete and the current state and outdated tools can be frustrating for someone who wants to learn or even update his knowledge in this field. This course aims to learn the modern ways of assessing the security of Wi-Fi networks and how to apply these attacks against organizations during a Red Team engagement. Indeed, during this course, we will be able to start from the very beginning by talking about old, current, and new attacks and opportunities to allow attendees to fulfill their pentest or Red Team engagements in the future based on our recent experiences.

Syllabus

Introduction

Network introspection

Attacks and risks

Completion

Hackademy: Red Team Wi-Fi

This course is geared for those interested in seeing how Security Onion is used practically to triage alerts, hunt for threats, as well as build new detections. This course consists of three case studies that briefly cover the 3 most common workflows used in Security Onion:

Case Study 1: Alert Triage & Case Creation – This case study walks through how to triage alerts within the alerts interface including escalation to TheHive.
Case Study 2: Threat Hunting – This case study focuses on threat hunting within Security Onion using the Hunt interface, targeting SSL & Sysmon logs.
Case Study 3: Detection Engineering – This case study covers ingesting Google Workspace audit logs into Security Onion and writing Sigma rules within Playbook targeting these new logs.

Practical Analysis with Security Onion 2.3

This course is geared for those wanting to understand how to build a Detection Playbook with Security Onion 2.3. Students will gain both a theoretical and practical understanding of building detections in Security Onion, reinforced with real-life examples from network and host datasources.

Syllabus

Course Welcome & Introduction to Security Onion
Security Onion Installation

tDetection Engineering
tKey Components of a Play
Operationalizing Plays with Sigma

Getting Started with Playbook
Creating New Plays

Developing Your Detection Playbook with Security Onion 2.3

This course is geared for administrators of Security Onion 2.3. Students will gain a foundational understanding of the platform – how to architect, deploy, manage and tune their Security Onion 2.3 grid.

Syllabus

Preview Course Welcome & Introduction to Security Onion

Overall Architecture
Installation – Manager Node
Installation – Search Node
Installation – Forward Node

Grid Management with Salt
Grid User Management
Grid Firewall Management
Grid Updates
Grid Hardening

Security Onion 2.3 in Production