SOC – Security Operations Center – Hands On Cyber Attack Simulation

SOC – Security Operations Center – Hands On Cyber Attack SimulationMCSOCICInnovator ClassIC-MCSOC2.1<p>The Master Class does not require specialized knowledge of specific technologies. Knowledge of IT security principles and information security management should be present.</p><p>Executives, managers and auditors for IT and information security, employees from the areas of IT and information security.</p><h5>Malware</h5><ul> <li>Current cyber threat situation and known incidents</li><li>Introduction to function and analysis of malware</li><li>Practice: Use of tools for malware analysis</li></ul><h5>SIEM, Level 1</h5><ul> <li>Security Information and Event Management (SIEM) Introduction</li><li>SIEM architectures</li><li>Introduction Security Incident Management (SIM)</li><li>Practice: Use of Splunk and predefined rules for attack detection</li></ul> <h5>Management of cyber crises, Level 1</h5><ul> <li>Good and bad examples</li><li>Core process for crisis management</li><li>Situation center and situation pictures</li><li>Practice: Managing a serious cyber incident</li></ul> <h5>Network forensics</h5><ul> <li>Recap: TCP/IP protocol family</li><li>Secure network architectures</li><li>Introduction to protocol analysis tools</li><li>Practice: Detecting network-level attacks</li></ul><h5>SIEM, Level 2</h5><ul> <li>Practice: Creating your own rules based on attacks</li></ul> <h5>SOC Management and Reporting</h5><ul> <li>SOC processes and roles</li><li>Practice: SIM process creation</li><li>KPI reporting</li></ul> <h5>Management of cyber crises, Level 2</h5><ul> <li>Introduction to TIBER-DE</li><li>Crisis communication</li><li>Practice: Creation of own cyber crisis exercises</li></ul> <h5>Team exercise</h5><ul> <li>Joint defense of a realistic cyber incident from detection to management</li></ul>The Master Class does not require specialized knowledge of specific technologies. Knowledge of IT security principles and information security management should be present.Executives, managers and auditors for IT and information security, employees from the areas of IT and information security.Malware - Current cyber threat situation and known incidents - Introduction to function and analysis of malware - Practice: Use of tools for malware analysis SIEM, Level 1 - Security Information and Event Management (SIEM) Introduction - SIEM architectures - Introduction Security Incident Management (SIM) - Practice: Use of Splunk and predefined rules for attack detection Management of cyber crises, Level 1 - Good and bad examples - Core process for crisis management - Situation center and situation pictures - Practice: Managing a serious cyber incident Network forensics - Recap: TCP/IP protocol family - Secure network architectures - Introduction to protocol analysis tools - Practice: Detecting network-level attacks SIEM, Level 2 - Practice: Creating your own rules based on attacks SOC Management and Reporting - SOC processes and roles - Practice: SIM process creation - KPI reporting Management of cyber crises, Level 2 - Introduction to TIBER-DE - Crisis communication - Practice: Creation of own cyber crisis exercises Team exercise - Joint defense of a realistic cyber incident from detection to management5 days4499.004499.004499.004499.00