Advanced Incident Response

Master the art of proactive cyber defense with our Advanced Incident Response Course. Learn to detect, investigate, and neutralize advanced threats across Windows, Linux, and cloud environments using real-world techniques and hands-on labs.

Key Topics Covered:

• SOC Overview
• MITRE ATT&CK in Depth
• Incident Response in Depth
• Windows Artifact Analysis
• Log Analysis
  • Windows Event Log Analysis
  • Proxy Log Analysis
  • Sysmon Log Analysis
  • Firewall Log Analysis
• Malware Analysis
  • Static Analysis
  • Dynamic Analysis
• Splunk Log Onboarding
  • Log Analysis using Splunk
  • Alert Creation
  • Dashboard Creation
  • Splunk Commands Overview
  • Live Exercise with Splunk
• Endpoint Detection and Response (EDR) with MDE
  • Advanced Incident Response with MDE EDR
  • Malware Alert Analysis using MDE
  • Process Tree Analysis and Timeline Investigations
  • Behavioral Blocking and Machine Learning Alerts
  • Custom Detection Rules and Automated Remediation Workflows
  • Kusto Query Language (KQL) for Advanced Hunting
• Threat Detection for Modern Attacks
• Hunting on Endpoints
• Identification of Malicious System and User Activity
• Advanced Attack Vectors (Fileless Attacks, Living-off-the-Land Binaries)
• Phishing Mail Analysis
• Web Application Attacks Investigation
• Cloud Security Fundamentals
• SOC Interview Preparation
• Mock Interview
• Job Assistance