The primary goal of this training is to generate offensive attack events and symptoms within the PurpleLABS infrastructure that should later be detected by an open-source SOC stack, including Sigma, the open standard for describing detectable events as rules, together with the rest of the dedicated open-source security solutions in use.
Participants will thoroughly familiarize themselves with the content and structure of the available Sigma detection rules, better understand the essence of offensive actions, learn the low-level relationships between data sources, and thus gain the knowledge needed to create their own detection rules and, eventually, to understand how such rules can be bypassed.
“The content of in and out was great. Lots of gained knowledge and hands on!”
“Great course! A truly huge number of topics and tools covered”
“Leszek was a really good trainer, he covered a lot of material, and had a very good personality.”
“Leszek Miś is very knowledgeable in the topics covered in the course. He also shares real-life scenarios which were useful for participants to better understand the application of the material presented. Contents were very good; it covers many leading open source projects, which I find useful. I would recommend this course to my colleagues.”