1-Day Training

Free Workshop: Threat Detection and Hunting with PurpleLabs #1 [16 February]

Duration 1 day
Capacity 0 pax
Difficulty beginner

Overview

Registration is closed as class is full. You can still view the livestream here at 19:00 to 21:00 CET/GMT+1, 16 February. Thank you!

Would you like us to notify you about upcoming workshops and training courses? Or want a course that you don’t see here? Drop us an email at sectraininfo@hitb.org


DELIVERY: VIRTUAL LIVE STREAM

DISCORD: https://discord.gg/XM86uPxxBZ

DATE: 16 February 2021

TIME: 19:00 to 21:00 CET/GMT+1


If you are looking to get into the threat hunting domain and want to learn how to obtain the network and OS visibility/telemetry needed for advanced detection and threat hunting with open source / free tools, then this session is for you.

PurpleLABS is a dedicated virtual infrastructure for detecting and analysing attackers' behaviour in terms of the techniques, tactics, procedures, and offensive tools they use. The environment serves the continuous improvement of threat hunting skills and allows tracking of attacker behaviour and current trends in offensive actions.

For those who want to know more about this hands-on cyber range project, here’s the all-in-one picture:


This session will demonstrate chained detection capabilities and the power of:
  • HELK + ElastAlert
  • Sigma rules
  • Sysmon + Windows Events
  • Splunk
  • ElastiFlow
  • Moloch FPC
  • Suricata IDS
  • Zeek IDS
  • Wazuh
  • Velociraptor
  • OSquery
  • Graylog
  • Falco
  • Syslog

Key Learning Objectives

  • Find out how open source detection / hunting software can support your SOC infrastructure
  • Learn ways to improve detection and sharpen your event correlation skills across many different data sources
  • Find malicious activities and identify threat details on the network
  • Prepare your SOC team to filter out network noise quickly, allowing better incident response handling
  • Understand the value of manual and automated approaches to simulating attackers and generating anomalies
