ＨｉｄｅＺｅｒｏＯｎｅ

Detection Engineering for Beginners teaches core concepts and skills to start thinking and working as a Detection Engineer!

This course will first teach the theory behind security operations and detection engineering. We’ll then start building out our home lab using VirtualBox and Elastic’s security offering. Then we’ll run through three different attack scenarios, each more complex than the one prior. We’ll make detections off of our attacks, and learn how to document our detections. Next we’ll dive more into coding and Python by writing validation scripts and learning out to interact with Elastic through their API. Wrapping everything up, we’ll host all our detections on GitHub and sync with Elastic through our own GitHub Action automations. As a cherry on top, we’ll have a final section on how to write scripts to gather important metrics and visualizations.

This course aims to equip students with all of the fundamental security operations knowledge and practical skills needed in order to achieve and excel in a T1 or T2 SOC Analyst position. By covering topics such as phishing analysis, incident response procedures, threat detection techniques, log analysis, SIEM management, and security tool utilization, students will gain the essential competencies required to effectively monitor, analyze, and respond to security incidents within a SOC environment.

Students will be able to actively engage with the course material through bite-sized video demonstrations, written materials and references, quizzes to assess comprehension, and practical exercises that simulate real-world scenarios.

EC Council Disaster Recovery Professional (EDRP) is a compressive professional course that teaches students how to develop enterprise-wide business continuity and disaster recovery plans.

It teaches professionals various methods of identifying vulnerabilities and taking countermeasures against the said vulnerabilities. The professionals will learn how to secure their data by putting policies and procedures in place, and how to recover and restore their organization’s critical data in the aftermath of a disaster.

EC-Council’s Certified Chief Information Security Officer Program has empowered information security professionals to achieve their professional goals across the globe. It is a program developed and delivered by seasoned security executives. It equips future executives with business and technical knowledge so they can succeed at the highest levels of the security industry. The Program is designed by seasoned CISOs to help train professionals in the business of security. The Certified CISO Program is a global community of security leadership focused on delivering security capabilities aligned to the business.

Many organizations deploy private registry servers in their internal/external application development/deployment environment. Unfortunately, most often, these servers are not securely deployed. In this entirely lab based course, we will look at various configurational vulnerabilities in docker registry servers. In these labs we have used common deployment architectures of a registry server and shown how an attacker can get valuable information out of images stored on the server.

Today, all enterprises, large and small depend on VoIP to provide voice communication both internally and externally to the company. Most organizations even have dedicated Voice VLANs and/or physical ports to carry VoIP traffic. Hence, it is important to understand VoIP traffic, security concerns and its encryption/decryption for network forensics and Red-Blue teaming purposes. This course does exactly that!