Tag: Security

This skill will teach you a basic understanding and applicability of Zero Trust Architecture (ZTA). The intention of this skill is to help you understand the foundational concepts of Zero Trust Architecture (ZTA), when and how to employ it, as well as understanding the resource implications and related decisions that need to be made. We also cover determining the deployment scenarios and use cases for ZTA, as well as migrating to and maturing associated programs.

Syllabus

Zero Trust Architecture (ZTA): Getting Started

Zero Trust Architecture (ZTA): Strategize and Establish

Zero Trust Architecture (ZTA): Use Case Identification and Implementation

Zero Trust Architecture (ZTA): Migration, Review and Maturation

Pluralsight: Zero Trust Architecture (ZTA)


Testing network security controls and discovering vulnerabilities are important parts of any organization's security plan. Nmap ("Network Mapper") is a free and open source utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X.

Syllabus

Getting Started with Nmap 7

Testing Security Controls and Detecting Vulnerabilities with Nmap 7

Maximizing Nmap 7 for Security Auditing

Scanning for Vulnerabilities with Nmap 7 Scripting Engine (NSE)

Pluralsight: Information Security Testing and Auditing with Nmap


NIST defines an Intrusion Detection System (IDS) as software that looks for suspicious activity and alerts administrators. NIST Special Publication 800-62 goes on to describe it as a security service that monitors and analyzes network or system events for the purpose of finding, and providing real-time or near real-time warning of, attempts to access system resources in an unauthorized manner. NIST Special Publication 800-161 states that an Intrusion Prevention System (IPS) is software that has all the capabilities of an intrusion detection system and can also attempt to stop possible incidents. Such systems are key in enterprise network security monitoring. This skills path is designed for anyone looking to learn and utilize the most popular open source IDS/IPS tools: Snort, Suricata and Zeek (formerly Bro). The learner can study the tool that best fits their needs and environment or review all three. The getting started course for each tool covers its fundamentals. You'll then discover scripting and rule sets, before looking at extensions, frameworks and integrations. The final course covers utilizing the tools in an enterprise environment or for distributed operations.

Syllabus

  1. Enterprise Security Monitoring with Snort
  2. Enterprise Security Monitoring with Suricata
  3. Enterprise Security Monitoring with Zeek (formerly Bro)

Pluralsight: Enterprise Security Monitoring with Open Source Network IDS & IPS


Regular expressions are universally embedded in the world of information technology. They are a part of many programming languages, databases, search engines, and command-line tools. As an information security professional, you are continuously analyzing textual data for indicators of compromise, juicy data morsels to exfiltrate, forensic artifacts, supporting evidence in threat hunting, and so much more. Familiarity with regular expressions is a skill, a very life-enhancing one if you like, that takes your information security analysis capabilities from "just ok" to "wizard level." They are applicable in so many places that you really cannot afford not to have this knowledge. Join me for a four-hour session that takes you on a journey through POSIX, BRE, ERE, and PCRE regular expression syntax and explores various tools that you probably use daily through the lens of regular expressions. Your life will be forever changed when you can apply the power of regular expressions to your professional duties.

Antisyphon: Regular Expressions, Your New Lifestyle w/ Joff Thyer


MITRE ATT&CK® is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the addition of MITRE Shield, you now have a 360-degree view of attack scenarios and the data and capabilities needed to stop them.

Syllabus

Introduction
Network Analysis
OS Analysis
Infrastructure Analysis
File Analysis
Application Analysis
Incident Management
Threat Intelligence

Pluralsight: Blue Team Tools


The Windows system-level APIs provide a rich infrastructure for building Windows applications, whether client, server, or anything in between. This course guides the learner through the intricacies of the Windows API while building a deeper understanding of Windows mechanisms. The course deals with the most important parts of the Windows OS, such as processes, threads, memory management, I/O, services, security and more. Lab exercises help put the theoretical material into practical use.

Syllabus

Foundations

Objects and Handles

Processes

Jobs

Threads

Thread Synchronization

File and Device I/O

Memory Management

Dynamic Link Libraries

Security

Windowing

ScorpioSoftware: Windows System Programming
