Course Overview
Analyses of past incidents show that human error is often the cause of delays in responding to cyberattacks. In this SOC Master Class, participants will receive practical training to prepare them for the dynamics and complexity of such situations.
This training course covers the key technologies and processes for detecting and analyzing cyberattacks, with a focus on operational SOC activities. Throughout the course, the material is applied in a practical setting using realistic attack scenarios in a training environment (Arena).
The use of AI tools is an integral part of the training. Participants use these tools specifically to assist with log analysis, the assessment of attack patterns, and the structuring and documentation of incidents.
Who should attend
Executives, managers and auditors for IT and information security, employees from the areas of IT and information security.
Prerequisites
The Master Class does not require specialized knowledge of specific technologies. Participants should have knowledge of IT security principles and information security management.
Course Content
In the area of malware, students learn about current threats and the fundamentals of analysis, and apply this knowledge in practical exercises.
In the context of SIEM, participants will learn about architectures, log analysis, and security incident management, and will use Splunk for attack detection.
Network forensics involves the analysis of network traffic and the detection of attacks at the protocol level.
In the advanced SIEM workshop, participants will create and optimize their own detection rules based on real-world scenarios.
SOC processes and reporting cover roles, procedures, and the creation of structured reports.
The exercises are an integral part of all modules and are based on realistic attack scenarios. AI tools are specifically used to support analysis and decision-making processes.