Incident Response

Understand the mindset behind effective response to security incidents, and apply it through real-world tactics and techniques.
The goal of this module is to develop the mindset that an effective incident responder has. We'll work through a tactical dissection of proven response processes, from preparing your environment to be fertile ground for response, to the containment and removal of malicious software. We'll also discuss how to recover and then learn from everything, so you are primed for the next response.

Preparation
A look into the Preparation phase of the Incident Response.
Identification & Scoping
A look into the second phase of the Incident Response Framework, Identification & Scoping.
Threat Intel & Containment
Learn what threat intelligence looks like, and some containment strategies used in the IR process.
Eradication & Remediation
A look into the fourth phase of the Incident Response framework: Eradication, Remediation, and Recovery.
Lessons Learned
A look into the fifth phase of the Incident Response framework: Lessons Learned.
Tardigrade
Can you find all the basic persistence mechanisms in this Linux endpoint?
Need to know

Log Analysis
Log analysis is the collecting, parsing and processing of log files, turning raw data into actionable knowledge that detects security threats and anomalies and identifies system performance issues.

Advanced Splunk
Understand advanced Splunk capabilities to search data for anomalies by creating complex search queries, applying regex, and creating presentable reports and dashboards.

Advanced ELK
Learn about the main components of the ELK stack by going through the installation and configuration process and linking them together to form an effective log analysis utility.

Threat Hunting
Understand the fundamentals of threat hunting, and learn how to build your own methodology for effective hunting across your infrastructure.
What are modules?
A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).
