ＨｉｄｅＺｅｒｏＯｎｅ

MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the addition of MITRE Shield, you now have a 360 degree view of attack scenarios and the data and capabilities needed to stop them.

Syllabus

Introduction
Network Analysis
OS Analysis
Infrastructure Analysis
File Analysis
Application Analysis
Incident Management
Threat Intelligence

Pluralsight: Blue Team Tools

The Windows system-level APIs provides a rich infrastructure for building Windows applications, whether client, server, and anything in between. This course guides the learner through the intricacies of the Windows API, while getting a deeper understanding of Windows mechanisms. The course deals with the most important parts of the Windows OS, such as processes, threads, memory management, I/O, services, security and more. Lab exercises help put the theoretical material into practical use.

Syllabus

Foundations

Objects and Handles

Processes

Jobs

Threads

Thread Synchronization

File and Device I/O

Memory Management

Dynamic Link Libraries

Security

Windowing

ScorpioSoftware: Windows System Programming

The Windows OS exposes many advanced services to system programmers through the Windows API, and to device driver writers through the Kernel API. The .NET framework wraps these services and runs on top of the Windows API and the Kernel. Good knowledge of what’s going on under the hood of the OS, which services are available and how to best utilize them helps in building better and more efficient software for Windows. Those working in the Cyber security space can greatly benefit from the course as it looks at all major Windows mechanisms. Lab exercises are used to reinforce the theoretical material.

Syllabus

System Architecture

Processes & Jobs

Threads

Memory Management

I/O System

Security

ScorpioSoftware: Windows Internals

If you are an application security enthusiast, we are sure that you must have wondered what it takes to find security issues in android apps. These android apps handles a huge amount of sensitive user data, perform critical functions and are a big part of day to day life. The security of these apps should be of utmost importance.

This course is designed to teach the skills required for testing android apps for security issues like insecure data storage, insecure communication, deep link exploitation and a lot more. The training apps are provided in the course to practice the learned skills. All the attendees will also be given access to a private slack channel to discuss about any issues, topics etc.

Syllabus

Introduction

Enciphers – Android Application Security

Designing and building an effective security operation center requires security managers and leaders to fit capabilities to both an organization’s culture and business requirements. Learn the distinct functional areas that every SOC should have. These areas allow organizations to create an architecture for the high-level components of security operations: command center; network security monitoring functionality; threat intelligence; incident response; forensic analysis; and ongoing self-assessment of the attack surface of the organization. With these functional areas in place and aligned with the business, you will be better positioned to thwart modern, motivated threats to your information assets. Content is based on the new SANS MGT517 course entitled “Managing Security Operations: Detection, Response, and Intelligence.” The course covers the design, build, and operation of security operations centers with a deep dive into managing incident response.

MGT517: Designing and Building a SOC