Defending Enterprises [HITB+ Cyberweek 2021]

$2,299.00

Duration: 2 days

Delivery Method: virtual

Level: intermediate

Seats Available: 20

ATTEND ONLINE: Virtual via Zoom and LMS

DATE: 22-23 November 2021

TIME: 09:00 to 17:00 GST/GMT+4

Date         Day      Time                      Duration
22 November  Monday   09:00 to 17:00 GST/GMT+4  8 Hours
23 November  Tuesday  09:00 to 17:00 GST/GMT+4  8 Hours

14 days of FREE lab time after class and Discord access for support


New for 2021, in.security’s 2-day Defending Enterprises training is the natural counterpart to their popular Hacking Enterprises course.

Covering SIEM monitoring, alerting and threat hunting, you’ll play a SOC analyst in their cloud-based lab and try to rapidly locate IOAs and IOCs from an enterprise breach.

You’ll use a combination of Microsoft Azure Sentinel and Elastic platforms to perform practical exercises. In each instance, filters and/or expressions will be supplied for both platforms (where applicable).

We know 2 days isn’t a lot of time, so you’ll also get 14 days of FREE lab time after class and Discord access for support.

Why You Should Take This Course

This training is suited to a variety of students, including:
  • SOC analysts
  • Security professionals
  • Penetration testers / Red Team operators
  • IT Support, administrative and network personnel

Who Should Attend

TBA

Key Learning Objectives

  • Students will take away detection queries that can be used immediately to help better protect their networks.

  • The training includes underlying knowledge of each offensive attack, which in turn provides a deeper insight for defenders to better understand the attacks they are facing and produce reliable detection queries.

  • Students will be detecting attacks in up-to-date environments, running the latest versions of Windows and malware definitions, ensuring detections don't take place in actively weakened environments.

Prerequisite Knowledge

  • Understanding of networking concepts
  • Previous SOC and/or pentesting experience is advantageous, but not required
  • Previous experience with the Kusto Query Language (KQL) is beneficial, but not required

Hardware / Software Requirements

  • Students will need to have access to a laptop and their favourite browser!
