SEC455 serves as an important primer to those who are unfamiliar with the architecture of an Elastic-based SIEM. Students that have taken or plan to take additional cyber defense courses may find SEC455 to be a helpful supplement to the advanced concepts they will encounter in courses such as SEC555.
If you are worried about leading or supporting a major cyber incident, then this is the course for you. We look at all the common and major cyber incident types and explain what the key issues are and how plan a recovery. This cyber incident management training course focuses on the challenges facing leaders and incident commanders as they work to bring enterprise networks back online and get business moving again. Whilst you may have a full team of technical staff standing-by to find, understand and remove the attackers, they need information, tasking, managing, supporting, and listening to so you can maximize their utilization and effectiveness. We focus on building a team to remediate the incident, on managing that team, on distilling the critical data for briefing, and how to run that briefing. We look at communication at all levels from the hands-on team to the executives and Board, investigative journalists, and even the attackers.
MGT535.1: Understanding and Communicating About the Incident
MGT535.2: Scoping the Damage, Planning the Remediation, and Executing the Plan
MGT535.3: Training, Leveraging Cyber Threat Intelligence, Bug Bounties
MGT535.4: Cloud Incidents, Business Email Compromise, Credential Theft Attacks and Incident Metrics
MGT535.5: AI for Incidents, Attacker Extortion, Ransomware, and Capstone Exercise
Security leaders need both technical knowledge and leadership skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives. This security managers training course will teach leaders about the key elements of any modern security program. Learn to quickly grasp critical cybersecurity issues and terminology, with a focus on security frameworks, security architecture, security engineering, computer/network security, vulnerability management, cryptography, data protection, security awareness, application security, DevSecOps, cloud security, and security operations. This is more than security training. You will learn how to lead security teams and manage programs by playing through twenty-three Cyber42 activities throughout the class, approximately 60-80 minutes daily.
MGT512.1: Building Your Security Program
MGT512.2: Technical Security Architecture
MGT512.3: Security Engineering
MGT512.4: Security Management & Leadership
MGT512.5: Detecting and Responding to Attacks
FOR585 is continuously updated to keep up with the latest malware, smartphone operating systems, third-party applications, acquisition shortfalls, extraction techniques (jailbreaks and roots) and encryption. It offers the most unique and current instruction to arm you with mobile device forensic knowledge you can immediately apply to cases you’re working on the day you get back to work.
Memory Forensics In-Depth provides the critical skills necessary for digital forensics examiners and incident responders to successfully perform live system memory triage and analyze captured memory images. The course uses the most effective freeware and opensource tools in the industry today and provides an in-depth understanding of how these tools work. FOR526 is a critical course for any serious DFIR investigator who wants to tackle advanced forensics, trusted insider, and incident response cases.
FOR526.1: Foundations in Memory Analysis and Acquisition
FOR526.2: Unstructured Analysis and Process Exploration
FOR526.3: Investigating the User via Memory Artifacts
FOR526.4: Internal Memory Structures
FOR526.5: Memory Analysis on Platforms Other than Windows
FOR526.6: Memory Analysis Challenge
FOR526: Advanced Memory Forensics & Threat Detection
