Incident Detection, Analysis & Response – for IT [CSR102]

Incident analysts and threat responders have a challenging time understanding complex, multi-level attacks and APT adversary intrusions without pre-built indicators of compromise or threat intelligence gathered before a breach. One of the best ways to enhance capabilities is to test personal readiness in advanced attack scenarios at a hyper-realisitic Cyber Simulation Range. This course sets the stage for level-1-finishers to handle more complex cyber-attack scenarios defending both IT landscapes, IoT and OT/production environments.

By the end of this course, participants will be able to:

• understand emerging challenges and possible solutions in the field of IT & OT security
• utilize advanced CDC tools to filter out the signal within the noise of security alerts
• efficiently detect, assess and determine complex, multi-level and targeted attacks
• respond efficiently to critical security incidents in situations of stress accordingly
• work in a team of security analysts, incident responders and forensic experts

• Advanced Cyber Defense Center

• Next generation security tools for larger cyber defense centers
• Monitoring of security-related events in both IT, IoT and OT environments
• Orchestration and information enrichment of security-relevant events
• Automation of routine tasks in order to free time to focus on important tasks
• Deception and denial of attackers in realtime
• Gathering, enrichment and sharing of IoCs using TI
• Extended Cyber Simulation Range
• Practical training sessions in IT and OT environments

• ISH-certified “SECURITY INCIDENT ANALYST - LEVEL 1” analysts who regularly respond to complex security incidents/intrusions from APT groups/advanced adversaries and need to know how to detect, investigate, remediate, and recover from compromised systems across IT and OT environments

• Threat hunters who are seeking to understand threats more fully and who want to learn from incidents in order to more effectively hunt threats and respond to future threats
• Information security professionals who may encounter critical data breach incidents and targeted intrusions over a longer period of time

• Must: ISH certificate: "CYBER SECURITY ANALYST - LEVEL 1

• Nice to have: Hacking basics (Metasploit, Mimikatz, Kali, WebApp hacking etc.)

ISH certificate "SECURITIY INCIDENT ANALYST– LEVEL 2"