Defending Enterprises – Coming 2021!

Developed and delivered by trainers who teach internationally at global security conferences such as Black Hat, our Hacking Enterprises training is an immersive hands-on experience designed to test, develop and extend your mindset and skills.

Defending Enterprises Logo

Due in 2021, our immersive 2-day Defending Enterprises training will be the natural counterpart to our popular Hacking Enterprises course. 

From setup and configuration, to threat hunting, monitoring and alerting, you’ll play a SOC analyst in our lab and try to rapidly locate IOC’s and IOA’s from an enterprise breach executed by the trainers in real time.

Over the 2 days well cover the following topics:

  • MITRE ATT&CK framework primer
  • Defensive OSINT
  • Linux auditing and logging overview
  • Windows events, logging and configuring Sysmon
  • Configuring ELK, Splunk and data forwarders
  • Filters, regex and visualisations
  • Configuring monitoring and alerting

  • Identifying IOC’s and IOA’s
  • Detecting phishing attacks (Office macros, HTA’s and suspicious links)
  • Detecting credential exploitation (Kerberoasting, PtH, PtP, DCSync)
  • Detecting lateral movement (WinRM, WMI, SMB, DCOM, MSSQL)
  • Detecting data exfiltration (HTTP/S, DNS, ICMP)
  • Detecting persistence (userland methods, WMI Event Subscriptions)
  • Identifying C2 communications


IF YOU WOULD LIKE TO BE NOTIFIED WHEN DEFENDING ENTERPRISES IS PUBLICLY SCHEDULED PLEASE LET US KNOW