Defending Enterprises – Coming 2021!
Developed and delivered by trainers who teach internationally at global security conferences such as Black Hat, our Hacking Enterprises training is an immersive hands-on experience designed to test, develop and extend your mindset and skills.
Due in 2021, our immersive 2-day Defending Enterprises training will be the natural counterpart to our popular Hacking Enterprises course.
From setup and configuration to threat hunting, monitoring and alerting, you'll play a SOC analyst in our lab and try to rapidly locate IOCs and IOAs from an enterprise breach executed by the trainers in real time.
Over the 2 days we'll cover the following topics:
- MITRE ATT&CK framework primer
- Defensive OSINT
- Linux auditing and logging overview
- Windows events, logging and configuring Sysmon
- Configuring ELK, Splunk and data forwarders
- Filters, regex and visualisations
- Configuring monitoring and alerting
- Identifying IOCs and IOAs
- Detecting phishing attacks (Office macros, HTAs and suspicious links)
- Detecting credential exploitation (Kerberoasting, PtH, PtP, DCSync)
- Detecting lateral movement (WinRM, WMI, SMB, DCOM, MSSQL)
- Detecting data exfiltration (HTTP/S, DNS, ICMP)
- Detecting persistence (userland methods, WMI Event Subscriptions)
- Identifying C2 communications
IF YOU WOULD LIKE TO BE NOTIFIED WHEN DEFENDING ENTERPRISES IS PUBLICLY SCHEDULED PLEASE LET US KNOW