Select Course Schedule.
| Starting date | Ending date | days | Time | |
|---|---|---|---|---|
| 25 Nov 2024 | 27 Nov 2024 | M-T-W | 02:00am - 09:00am |
|
Incident Response and Threat Hunting with AI
Incident Response & Forensic Investigation are constantly evolving, crucial topics in the area of cybersecurity. In order to stay ahead of cyber-criminals, the knowledge of Individuals and Teams responsible for Incident Response, collecting digital evidences and handling the incidents has to be constantly enhanced and updated. This advanced training provides skills necessary to find the threats, collect and preserve data in a correct manner, analyze it and get to know as much about the incident as possible. This workshop will cover the general approach to threat monitoring, incident response readiness as well as the important aspects of Windows internals. The training will also include hands-on exercises on our custom-built lab environment. Furthermore, we grant an extra 3 weeks of lab access to the students with additional home assignments and Expert’s help if needed.
This course will be delivered by: Paula Januszkiewicz is the Founder and CEO of CQURE Inc. and CQURE Academy. She is also Enterprise Security MVP, honorable Microsoft Regional Director for CEE and a world class cybersecurity expert, consulting Customers all around the world. In 2017, Paula graduated from Harvard Business School. She is a top speaker at conferences including Microsoft Ignite (she was rated No. 1 among 1,100 speakers at a conference with 26000 attendees), RSA (speaking since 2017, in 2019 she delivered a keynote at RSA USA for 40000 attendees), Black Hats (USA, Europe, Asia where she was rated No.1 speaker), keynote at LEAP 2022 and keynoting multiple times at GISEC. Her presentations gather thousands of people. In 2019, Paula’s presentation was voted best of Black Hat Asia 2019 Briefings!
hours
18
language
English
Summary
Incident Response & Forensic Investigation are constantly evolving, crucial topics in the area of cybersecurity. In order to stay ahead of cyber-criminals, the knowledge of Individuals and Teams responsible for Incident Response, collecting digital evidences and handling the incidents has to be constantly enhanced and updated. This advanced training provides skills necessary to find the threats, collect and preserve data in a correct manner, analyze it and get to know as much about the incident as possible. This workshop will cover the general approach to threat monitoring, incident response readiness as well as the important aspects of Windows internals. The training will also include hands-on exercises on our custom-built lab environment. Furthermore, we grant an extra 3 weeks of lab access to the students with additional home assignments and Expert’s help if needed.
This course will be delivered by: Paula Januszkiewicz is the Founder and CEO of CQURE Inc. and CQURE Academy. She is also Enterprise Security MVP, honorable Microsoft Regional Director for CEE and a world class cybersecurity expert, consulting Customers all around the world. In 2017, Paula graduated from Harvard Business School. She is a top speaker at conferences including Microsoft Ignite (she was rated No. 1 among 1,100 speakers at a conference with 26000 attendees), RSA (speaking since 2017, in 2019 she delivered a keynote at RSA USA for 40000 attendees), Black Hats (USA, Europe, Asia where she was rated No.1 speaker), keynote at LEAP 2022 and keynoting multiple times at GISEC. Her presentations gather thousands of people. In 2019, Paula’s presentation was voted best of Black Hat Asia 2019 Briefings!
Target Audience
All IT and Security Professionals.
Topics Covered
+
- How to Identify an Incident
- Handling Incidents Techniques
- Incident Response Plan Checklist
- Incident Handling Preparation
- Incident Response Best Practices
- Containment Strategy to Stop Multiple Component Incidents
+
- Types of Hunting b. Defining Hunt Missions
- Malware Hiding Techniques
- Uncovering Internal Reconnaissance
- Uncovering Lateral Movement
- Uncovering Hidden network transmissions
+
- Introduction to Windows Internals
- Processes and threads
- Effective permissions auditing
- Windows services
- Advanced techniques with Sysinternals Suite
+
- Role of Forensics Analysis in Incident Response
- Challenging Aspects of Digital Evidence
- Collecting Electronic Evidence
+
- Types and approaches to network monitoring
- Network evidence acquisition
- Network protocols and Logs
- Gathering data from network security appliances
- Detecting intrusion patterns and attack indicators
- Data correlation
- Hunting malware in network traffic
+
- Introduction to memory dumping and analysis
- Creating memory dump
- Utilizing Volatility to analyse Windows memory image
+
- Introduction to storage acquisition and analysis
- Drive Acquisition
- Autopsy
- Building timelines
+
- Preserving digital evidences
- Documentation of changes
- Interviews
- Timeline building
minimize course outline
Select Course Schedule.
| Starting date | Ending date | days | Time | |
|---|---|---|---|---|
| 25 Nov 2024 | 27 Nov 2024 | M-T-W | 02:00am - 09:00am |
|