Blue Teaming Defensive Security Course
Master the art of defensive cybersecurity with our Blue Teaming Defensive Security Course. Learn to safeguard your organization’s network from cyber threats and maintain a resilient security posture.
Overview
Join CyberFox Training’s Blue Teaming Defensive Security Course and enhance your skills in incident response, threat detection, and security operations. This comprehensive program covers 24 modules, equipping you with the knowledge and tools to protect your organization from cyber threats effectively.
Course Objectives:
- Master incident response and security operations fundamentals.
- Gain proficiency with the top 20 open-source tools essential for Blue Teamers.
- Learn to deploy and manage Elastic Stack (ELK) SIEM for robust security monitoring.
- Harness the power of Microsoft Azure Sentinel for cloud-native SIEM and SOAR.
- Implement a hands-on Wazuh Host-based Intrusion Detection System (HIDS).
- Understand threat intelligence fundamentals and its role in defense.
- Utilize The Hive Project for efficient incident management.
- Enhance incident response and threat hunting with osquery and Kolide Fleet.
- Apply the MITRE PRE-ATT&CK framework to reconnaissance assessments (its techniques now live in the Reconnaissance and Resource Development tactics of Enterprise ATT&CK).
- Perform Open Source Intelligence (OSINT) using SpiderFoot and Shodan.
- Leverage MITRE ATT&CK to defend against Advanced Persistent Threats.
- Analyze malicious traffic with Wireshark and delve into digital forensics.
- Learn static malware analysis with Radare2 and malware detection with Yara rules.
- Explore IDA Pro and Ghidra for reverse engineering.
- Master memory analysis techniques for in-depth threat investigation.
- Simulate adversary techniques mapped to MITRE ATT&CK using Atomic Red Team.
- Build a Machine Learning Intrusion Detection System.
- Detect and analyze Process Hollowing (T1055.012) with Azure Sentinel.
- Ship events to Azure Sentinel with Filebeat and Logstash.
- Monitor malicious lookalike domains using custom logs and DNSTwist.
Target Audience:
This course is ideal for cybersecurity professionals, IT administrators, network defenders, and anyone interested in enhancing their skills in Blue Teaming and defensive security. Whether you are a beginner looking to build a strong foundation or an experienced professional aiming to stay updated with the latest tools and techniques, this program caters to a wide range of skill levels.
Benefits:
- Gain comprehensive knowledge and practical experience in Blue Teaming and defensive security.
- Develop expertise in using essential open-source tools for threat detection and incident response.
- Learn to deploy and manage SIEM solutions, including Elastic Stack (ELK) and Microsoft Azure Sentinel.
- Enhance your ability to detect and respond to cyber threats effectively.
- Acquire hands-on experience in threat intelligence, OSINT, malware analysis, and reverse engineering.
- Prepare for real-world scenarios with practical exercises and case studies.
- Boost your career prospects and contribute to your organization’s cybersecurity defense.
Enroll in CyberFox Training’s Blue Teaming Defensive Security Course and become a proficient defender against cyber threats.
Course Modules:
- Module 1 – Incident Response and Security Operations Fundamentals
- Module 2 – Top 20 Open-source Tools Every Blue Teamer Should Have
- Module 3 – How to deploy your Elastic Stack (ELK) SIEM
- Module 4 – Getting started using Microsoft Azure Sentinel (Cloud-Native SIEM and SOAR)
- Module 5 – Hands-on Wazuh Host-based Intrusion Detection System (HIDS) Deployment
- Module 6 – Threat Intelligence Fundamentals
- Module 7 – How to Install and use The Hive Project in Incident Management
- Module 8 – Incident Response and Threat Hunting with osquery and Kolide Fleet
- Module 9 – How to use the MITRE PRE-ATT&CK framework to enhance your reconnaissance assessments
- Module 10 – How to Perform Open Source Intelligence (OSINT) with SpiderFoot
- Module 11 – How to perform OSINT with Shodan
- Module 12 – Using MITRE ATT&CK to defend against Advanced Persistent Threats
- Module 13 – Hands-on Malicious Traffic Analysis with Wireshark
- Module 14 – Digital Forensics Fundamentals
- Module 15 – How to Perform Static Malware Analysis with Radare2
- Module 16 – How to use Yara rules to detect malware
- Module 17 – Getting started with IDA Pro
- Module 18 – Getting Started with Reverse Engineering using Ghidra
- Module 19 – How to Perform Memory Analysis
- Module 20 – Red Teaming Attack Simulation with “Atomic Red Team”
- Module 21 – How to Build a Machine Learning Intrusion Detection System
- Module 22 – Azure Sentinel – Process Hollowing (T1055.012) Analysis
- Module 23 – Azure Sentinel – Send Events with Filebeat and Logstash
- Module 24 – Azure Sentinel – Using Custom Logs and DNSTwist to Monitor Malicious Lookalike Domains