MP4 | Video: h264, 1600x900 | Audio: AAC, 44100 Hz, 2 Ch
Language: English | Size: 1.36 GB | Duration: 17h 31m
If you're a security analyst responsible for investigating alerts, performing forensics, or responding to incidents then this is the course that will help you gain a deep understanding how to most effectively catch bad guys and kick them out of your network. Investigation Theory is designed to help you overcome the challenges commonly associated finding and catching bad guys.
I've got so many alerts to investigate and I'm not sure how to get through them quickly.
I keep getting overwhelmed by the amount of information I have to work with an investigation.
I'm constantly running into dead ends and getting stuck. I'm afraid I'm missing something.
I want to get started threat hunting, but I'm not sure how.
I'm having trouble getting my management chain to understand why I need the tools I'm requesting to do my job better.
Some people just seem to "get" security, but it just doesn't seem to click for me.
Investigation Theory will teach you how to conduct investigations regardless of the toolset.
You'll Learn:
Metacognition: Mental models for approaching an investigation.
Evidence: The nuance of investigative data sources, how to interpret them, and how to use your understanding of evidence to drive investigative questioning.
Questions: How to ask the best investigation questions and how you use reasoning to form heuristics and "rules of thumb".
Investigation Playbooks: Strategies and templates for building your own investigation playbooks.
Open Source Intel: A framework for understanding context about threats using free open-source tools.
Mise en Place: How to master your environment with any toolset.
The Timeline: Strategies for tracking the investigation process and your findings.
The Curious Hunter: Techniques for finding investigation leads without alerts.
Your Own Worst Enemy: Recognizing and limiting negative bias.
Reporting: effective communication of breaches and false alarms.
This course utilizes the Investigation Ninja web application to simulate real investigation scenarios. By taking a vendor agnostic approach, Investigation Ninja provides real world inputs and allows you to query various data sources to uncover evil and decide if an incident has occurred, and what happened. You'll look through real data and solve unique challenges that will test your newly learned investigation skills. A custom set of labs have been developed specifically for this course. No matter what toolset you work with in your SOC, Investigation Ninja will prepare you to excel in investigations using a data-driven approach.
Download link:
Só visivel para registados e com resposta ao tópico.Only visible to registered and with a reply to the topic.Links are Interchangeable - No Password - Single Extraction
Cantinho Satkeys
