In the incident response (IR) exercises, we will develop detection rules for each MITRE ATT&CK TTP in Suricata, Sysmon, and Splunk and work through examples.
Subcategory
- Network & Security
Objectives
- You will be fully proficient in Cyber Security Incident Response processes.
- You will learn to develop advanced rules in SIEM, EDR, and NIDS tools.
- During an incident, you will be able to quickly develop analysis and detection rules, allowing for immediate intervention.
- You will be able to learn and test the attack and defense commands of almost all the tactics and techniques of MITRE ATT&CK.
Prerequisites
- Having completed my first course, the Blue Team Incident Handler training, will be quite beneficial.
FAQ
- Q. How long do I have access to the course materials?
- A. You can view and review the lecture materials indefinitely, like an on-demand channel.
- Q. Can I take my courses with me wherever I go?
- A. Definitely! If you have an internet connection, courses on Udemy are available on any device at any time. If you don't have an internet connection, some instructors also let their students download course lectures. That's up to the instructor though, so make sure you get on their good side!
Coupon Code(s)