Perfect for: Individuals and teams looking to expand their cyber security skills and knowledge

Have you taken part in our hacking enterprises course? Our engaging 2-day defending enterprises training is the natural counterpart.

At In.security, our intensive threat hunting simulation has been designed to teach knowledge and skills required to rapidly identify and detect malicious activity in your network.

Our trainers conduct an enterprise breach where you can gain the practical experience you need and be prepared for a real-life attack. From setup and configuration to threat hunting, monitoring and alerting, guard your organisation’s infrastructure against attackers and threats with defending enterprises.

Course topics What you’ll learn.

Defending enterprises covers a wide array of topics across the 2 days to ensure you gain the knowledge you need:

  • MITRE ATT&CK framework primer
  • Defensive OSINT
  • Linux auditing and logging
  • Windows events, logging and Sysmon
  • Using Logstash as a data forwarder
  • Overview of KQL and Microsoft Sentinel
  • Identifying Indicators of Attack (IOA) and Indicators of Compromise (IOC)
  • Detecting phishing attacks (Office macros, HTA’s and suspicious links)
  • Detecting C2 traffic and beacons
  • Detecting credential exploitation (Kerberoasting, PtH, PtT, DCSync)
  • Creating alerts and analytical rules in Microsoft Sentinel
  • Detecting lateral movement (WinRM, WMI, SMB, DCOM, MSSQL)
  • Detecting data exfiltration (HTTP/S, DNS, ICMP)
  • Detecting persistence (userland methods, WMI Event Subscriptions)
  • C2 communications

This course includes.

  • 14-days lab access after training completes
  • Discord support channel access where our security consultants are available
  • Completion certificate

What you need Prerequisites.

  • Understanding of networking concepts
  • Previous pentesting and/or SOC experience advantageous, but not required

Technical training & workshops Upcoming events & workshops.

In.security

FREE Workshop – Catch Me If You Can: Seeing the Red Through the Blue

Virtual @ In.security
FREE Workshop – Catch Me If You Can: Seeing the Red Through the Blue
In.security

Cyber Awareness

Virtual @ In.security
Cyber Awareness

Defending Enterprises For Threat Hunters

Virtual @ QA
Defending Enterprises For Threat Hunters

Here to help Frequently asked question.

Where do your courses run?

Our courses are delivered and accessible in a number of locations including: live virtual training at your premises or required location, through our training partners, and/or at special events and conferences throughout the year. You can find our scheduled events in our calendar.

If I need to cancel a course, is there a charge?

Charges are dependent on the location of the course you’ve booked:
– Via our training partners: Contact the respective training partner for all amendment/cancellation queries
– At a conference or special event: Contact the respective conference/event coordinator for all amendment/cancellation queries
– At your premises/required location or via live virtual training: No cancellation fee until 21 days before the course is scheduled to run, after which a 50% cancellation fee is incurred. Cancellations 7 days or less before the course is scheduled to run incur a 100% cancellation fee.

I would like to purchase additional hacklab access, is there an option for this?

Of course – If your 14-day complementary access isn’t enough, you can purchase a 28-day extension.