Incident Detection, Analysis & Response – for IT [CSR101]

To respond effectively to cyber security challenges, SOC-Members must constantly develop and test their knowledge and effectiveness. One of the best ways to do this is to test their readiness against simulated attack scenarios at a hyper-realisitic Cyber Simulation Range (CSR). This course sets the stage for future security analysts to deal with cyber-attack scenarios – ranging from basic to complex – which include legacy, current and emerging threat vectors.

By the end of this course, participants will be able to:

• understand the functionality of a state-of-the-art CDC
• utilize integrated tools of the complete CDC technology stack
• efficiently detect, assess and determine the scope of incidents
• enrich event information utilizing external threat intelligence
• perform tasks in various CDC roles in situations of stress

• Cyber Defense Center (CDC)
• Cyber Simulation Range (CSR)
• Understand the hyper-realistic CSR architecture
• Work with the CDC technology stack and toolbase
• Identfiy criticalities of assets and information
• Slip into different CDC roles
• Perform teamwork and individual tasks
• Practical training sessions in IT environments

• CDC analysts who are faced with security incidents on a regular basis and need to know how to detect, investigate, remediate, and recover from compromised systems across an IT infrastructure
• Threat hunters who are seeking to understand threats more fully and who want to learn from incidents in order to more effectively hunt threats and respond to future threats
• Technically oriented CISOs, risk managers and security experts who are responsible for the organisational management of serious cyber crises

• Most important: a passion for IT security
• Must: OS basics for Windows and Linux
• Must: Network basics regarding the OSI model
• Must: Logging and log analysis basics
• Nice to have: Hacking basics (Metasploit, Mimikatz, Kali, WebApp hacking etc.)

ISH certificate "SECURITY INCIDENT ANALYST – LEVEL 1"