Tag: Threat Hunting

Threat Modeling aims to improve security through the practice of identifying threats, attacks, and vulnerabilities for the purpose of defining countermeasures to prevent or mitigate loss, damage, or destruction of an application, system, or data.

Syllabus

Threat Modeling Fundamentals

Performing Threat Modeling with the Microsoft Threat Modeling Methodology

Performing Threat Modeling with the OCTAVE Methodology

Performing Threat Modeling with the PASTA Methodology

Threat Modeling with the Microsoft Threat Modeling Tool

Building and Leading an Effective Threat Modeling Program

Pluralsight: Threat Modeling


A structured system to ensure you’re never at a loss for places and methods to start hunting for evil. Practical Threat Hunting is a foundational course that will teach you how to approach threat hunting using a proven, structured, repeatable framework. Practical Threat Hunting is the course that will teach you to hunt in a way that will never leave you at a shortage of places to start or techniques to manipulate data to spot anomalies. You’ll build skills through a series of expert-led lectures, scenario-based demonstrations, and hands-on lab exercises. Through a combination of theory and application, you’ll learn the basics of threat hunting and apply them to your network immediately.

Syllabus

  • Two hunting frameworks: Attack-Based Hunting (ABH) and Data-Based Hunting (DBH)
  • Techniques for leveraging threat intelligence and the MITRE ATT&CK framework for hunting input
  • The 9 most common types of anomalies you’ll encounter when reviewing evidence.
  • The 4 ways threat hunters most commonly transform data to spot anomalies
  • Typical staffing models for hunting capabilities in organizations of all sizes along with pros/cons
  • 5 metrics that support and enable threat hunting operations
  • My two-step system for effective note taking while hunting (and how to transition those notes to longer-term storage for easy searching)
  • An ideal design for a hunter’s wiki/knowledgebase
  • A 5-step framework for dissecting and simulating attacks to prepare for hunting expeditions

Applied Network Defense | Practical Threat Hunting


Suricata is the foundation for effective intrusion detection and prevention. With cyber attacks on the rise, it’s more crucial than ever for businesses, enterprises, and cybersecurity consultancies to have a comprehensive security strategy in place. And that’s where Suricata rules come to the rescue. The “Suricata for Incident Response and Threat Hunting” course from Kaspersky xTraining is the ultimate training program, taught by Kaspersky’s leading security researcher Tatyana Shishkova, who has spent years on the front lines of cyber defense. She will share unique insights and sophisticated tips and tricks, giving you an unparalleled understanding of IDS/IPS within the Suricata rules framework. The course is created for companies aiming to power up their security policy and for individual learners looking to advance their career in cyber security. Whether you’re a beginner or a seasoned professional in security or SOC analysis, security administration, malware research, or incident response, it will give you the knowledge and skills to stay ahead of the ever-evolving threat landscape. Learn how to write and implement Suricata rules to detect and block even the most advanced threats. Gain a deep understanding of how the framework works and how to use it for identifying and responding to attacks in real time. Get practical experience to enhance your network security with hands-on exercises and various real-life scenarios.

Syllabus

Suricata Basics
Rule writing basics
Writing rules for HTTP protocol
Writing rules for DNS, TSP and SSL/TLS protocols
Advanced Suricata features
Detecting typical attacks
Problem solving

Suricata for Incident Response and Threat Hunting


Interested in establishing a proactive defense mentality and learning how to proactively hunt for threats in an organization’s network? Through expert-led instruction and risk-free lab environments, you can do all of that and more with the eLearnSecurity Certified Threat Hunting Professional (eCTHPv2) certification. This certification includes a practical exam in which you conduct a threat hunt on a corporate network and propose defense strategies, graded by INE’s expert cyber security instructors. With this certification, you can showcase your threat hunting talents to current and future employers.

eCTHPv2
