1 - Network architecture
2 - Traffic capture and analysis
3 - Understanding DNS
4 - DNS analysis and attacks
5 - Understanding HTTP(S)
6 - HTTP analysis and attacks
7 - Understanding SMTP and email
8 - Additional network protocols
9 - Summary

SEC 450.3 (2020) - Blue Team Fundamentals Security Operation and Analysis

#sans #pentest #blueteam #cource

1 - Endpoint attack tactics
2 - Endpoint Defense in Depth
3 - How windows logging works
4 - How linux logging works
5 - Interpreting important events
6 - Log collection, parsing and normalization
7 - File contents and identification
8 - Identifying and handling suspicious files
9 - Summary

#APT #report

SEC 450.4 (2020) - Blue Team Fundamentals Security Operation and Analysis

#sans #pentest #blueteam #cource

1 - Alert triage and prioritization
2 - Perception memory and investigation
3 - Modules and concepts for infosec
4 - Structured analyticsal techniques
5 - Analysis questions and tactics
6 - Analysis opsec
7 - Intrusion discovery

Cybereason Labs Analysis Operation Cobalt Kitty

#cobaltstrike #APT #report

SEC 450.5 (2020) - Blue Team Fundamentals Security Operation and Analysis

#sans #pentest #blueteam #cource

1 - Improving life in the SOC
2 - Analytic features and enrichment
3 - New analytic design, testing and sharing
4 - Tuning and false positive reduction
5 - Automation and orchestration
6 - Improving operational efficiency and workflow
7 - Containing identified instrusions
8 - Skill and career development

Обнаружение и обход песочниц

#malware #report

SEC 505.1 (2020) - Securing Windows and powershell automation pt.1

#sans #powershell #course #pentest