spamtrash
(you know I'm lazy, right? so this is Ctrl+C + Ctrl+V):
What:
“Introduction to Incident Response” from 3rd of May to 13th of May.
It’s 3 hours a day, from 5pm to 8pm Eastern time, but will be recorded for you to watch it whenever you like. On day 6 you’ll learn to write YARA rules and use THOR Lite to search for evidence on compromised machines.
Where:
What we get:
Our planned agenda is:
- Day 1: We will attack specially hosted class websites (and the servers they are hosted on) using different online and offline methods. Some are traceable in logs, some aren’t directly. We will also use custom-built Kali Linux installed as a virtual machine to attack the servers live during class. We will review the attacks as they happen in real-time against the target systems. You will be introduced to a SOC environment that is specifically set up for this class.
- Day 2: We will review the attacker activities and track/trace the attacker’s activities. Now that you would have experienced how the attackers actually attack, you can see what you can understand and analyze from the investigator’s end. You will learn how to perform threat hunting.
- Day 3: In our targets we have Windows logs, IIS logs, Apache logs and Linux logs. You will learn what each log is, what is the use, the relevance and how to interpret/analyze them to find relevant and actionable intelligence. This will include threat intelligence correlation and attribution.
- Day 4: While the attacks are ongoing (our attacks and worldwide random attackers), we will intermittently run packet capture which you will analyze to determine what is an attack and then trace it back to the attacker. You will learn how to identify threats over the network with Wireshark and OSINT tools.
- Day 5: Malware code analysis before it is detonated and also after it is. Performing OSINT on the malware to identify Indicators of Attack before they become indicators of compromise.
- Day 6: Malware analysis and signature creation (YARA and Sigma rules). You will learn how to create signatures for malware and attacks you have analyzed so far to run your own scans to detect threats. You will be introduced to industry standard tools for this analysis.
- Days 7-8: Attribution and Correlation of all attack evidence collected to date. Followed by an Incident Response report. This report will not be the same as the report you write, this will be the kind we write in the private sector. The objective will be to help you implement learnings from both public and private sector.
How much:
The base price is:
Pay 100 USD
CA$121.02 incl. CA$7.10 Fee incl. CA$13.92 HST
Sales end on May 1, 2021
Lab access included for 90 days
Lab includes a network accessible over VPN with SOC tools, EPP/EDR tools, Threat Hunting tools and more
30% discount with code: NextronThorLite