insoft

Cisco-training

Insoft Services is een van de weinige aanbieders van opleidingen in EMEAR tot een volledige reeks van Cisco-certificering en gespecialiseerde technische opleiding aan te bieden.

Lees meer

Cisco-certificering

Ervaar een blended learning-aanpak die het beste van door een instructeur geleide training en e-learning in eigen tempo combineert om u te helpen zich voor te bereiden op uw certificeringsexamen.

Lees meer

Cisco Learning Credits

Cisco Learning Credits (CLCs) zijn prepaid trainingsvouchers die rechtstreeks bij Cisco worden ingewisseld en die het plannen van uw succes eenvoudiger maken bij de aankoop van Cisco-producten en -services.

Lees meer

Cisco Continuing Education

Het Cisco Continuing Education Program biedt alle actieve certificeringshouders flexibele opties om opnieuw te certificeren door een verscheidenheid aan in aanmerking komende trainingsitems te voltooien.

Lees meer

Cisco Digital Learning

Gecertificeerde medewerkers zijn GEWAARDEERDE activa. Verken de officiële Digital Learning Library van Cisco om uzelf te informeren via opgenomen sessies.

Lees meer

Cisco Business Enablement

Het Cisco Business Enablement Partner Program richt zich op het aanscherpen van de zakelijke vaardigheden van Cisco Channel Partners en klanten.

Lees meer

Cisco trainingscatalogus

Het Cisco Business Enablement Partner Program richt zich op het aanscherpen van de zakelijke vaardigheden van Cisco Channel Partners en klanten.

Lees meer

Fortinet-certificering

Het Fortinet Network Security Expert (NSE) -programma is een training- en certificeringsprogramma op acht niveaus om ingenieurs van hun netwerkbeveiliging te leren voor Fortinet FW-vaardigheden en -ervaring.

Technische trainingen

Fortinet-training

Insoft is erkend als Fortinet Authorized Training Center op geselecteerde locaties in EMEA.

Lees meer

Fortinet trainingscatalogus

Bekijk de volledige Fortinet trainingscatalogus. Het programma omvat een breed scala aan cursussen in eigen tempo en onder leiding van een instructeur.

Lees meer

ATC Status

Bekijk onze ATC-status in geselecteerde landen in Europa.

Lees meer

Fortinet Professionele Services

Wereldwijd erkend team van gecertificeerde experts helpt u een soepelere overgang te maken met onze vooraf gedefinieerde consultancy-, installatie- en migratiepakketten voor een breed scala aan Fortinet-producten.

Lees meer

Microsoft-training

Insoft Services biedt Microsoft-trainingen in EMEAR. We bieden technische trainingen en certificeringscursussen van Microsoft aan die worden geleid door instructeurs van wereldklasse.

Technische cursussen

Extreme-training

Find all the Extreme Networks online and instructor led class room based calendar here.

Technische cursussen

Technische-certificering

We provide comprehensive curriculum of technical competency skills on the certification accomplishment.

Lees meer

Extreme trainingscatalogus

Leer uitzonderlijke kennis en vaardigheden van Extreme Networks

Lees meer

ATP accreditatie

Als geautoriseerde trainingspartner (ATP) zorgt Insoft Services ervoor dat u de hoogste onderwijsnormen krijgt die beschikbaar zijn.

Lees meer

Services Oplossingen

Wij bieden innovatieve en geavanceerde ondersteuning bij het ontwerpen, implementeren en optimaliseren van IT-oplossingen.Ons klantenbestand omvat enkele van de grootste Telco's ter wereld.

Oplossingen

Wereldwijd erkend team van gecertificeerde experts helpt u een soepelere overgang te maken met onze vooraf gedefinieerde consultancy-, installatie- en migratiepakketten voor een breed scala aan Fortinet-producten.

Over ons

Insoft biedt geautoriseerde trainings- en consultancydiensten voor geselecteerde IP-leveranciers. Ontdek hoe we een revolutie teweegbrengen in de industrie.

Lees meer
  • +31 71 799 6230
  • Register

    • Cyber Threat Hunting

    Enroll Now
    Duration
    2 Dagen
    Delivery
    (Online and onsite)
    Price
    Price Upon Request

    This course covers the fundamentals of Cyber Threat Hunting; how to build out a hunt program in your own environment; and how to identify, define, and execute a hunt mission.

     

    Cyber Threat Hunting introduces essential concepts for network and endpoint hunting and then allows learners to apply techniques to hunt for anomalous patterns. Hands-on activities follow real-world use cases to identify attacker techniques. Learners leave the course with critical information for establishing hunt programs within their organization, templates that can be used to document hunt missions, and concrete use cases that they can leverage to hunt in their own environment.

     

    Throughout the course, instructors provide guidance on hunting across typical security toolsets such as SIEM, packet capture, and Trellix Endpoint Security (HX); learners attending the course do not need a prior knowledge of specific Trellix technology to benefit from the instruction, however, lab activities are leveraged on the following Trellix technologies: Helix, Endpoint Security (HX) and Trellix Network Forensics. For example, endpoint hunting use cases leverage either Endpoint Security (HX), or Helix, or both, to acquire data used in the hunt mission.

    • Define Cyber Threat Hunting and articulate its value to an organization
    • Create or enhance an existing hunting program
    • Understand how to identify key stakeholders within an organization
    • Leverage provided use cases for your hunting program
    • Build hunt missions for threat hunting in your organization
    • Leverage both endpoint and network data for successful hunting
    • Use relevant threat models to implement a hunt mission by acquiring and analyzing relevant data
    • Identify areas of the hunt process that can be automated

    Hunting Fundamentals

    • Types of hunting
    • Hunting process
    • Defining hunt missions
    • Creating a hunt program
    • Identifying key stakeholders
    • Defining and leveraging cyber threat intelligence
    • Effecting threat modeling

    Acquiring and Analyzing Endpoint Data at Scale

    • Operating system technology review
    • Malware hiding techniques
    • Uncovering internal reconnaissance
    • Uncovering lateral movement
    • Data acquisition techniques

    Acquiring and Analyzing Network Data at Scale

    • Network technology review
    • Tunneling techniques
    • Exfiltration techniques
    • Suspicious HTTP traffic
    • Data acquisition techniques

    This is a fast-paced technical course that is designed to provide hands-on experience hunting for attackers in modern enterprise environments, including collecting and analyzing endpoint and network evidence. The content and pace is intended for students with some background in incident response, forensic analysis, network traffic analysis, log analysis, security assessments, and/or penetration testing. It is also well suited for those managing incident response or hunt teams or who are in roles that require oversight of cyber threat hunting and other investigative tasks.

    Students taking this course should have a working knowledge of Windows operating systems, networking and network security, file system, registry, and regular expressions. Scripting experience with Python or PowerShell is beneficial. Completion of Endpoint Investigations instructor-led course is also required.

    Overview

    This course covers the fundamentals of Cyber Threat Hunting; how to build out a hunt program in your own environment; and how to identify, define, and execute a hunt mission.

     

    Cyber Threat Hunting introduces essential concepts for network and endpoint hunting and then allows learners to apply techniques to hunt for anomalous patterns. Hands-on activities follow real-world use cases to identify attacker techniques. Learners leave the course with critical information for establishing hunt programs within their organization, templates that can be used to document hunt missions, and concrete use cases that they can leverage to hunt in their own environment.

     

    Throughout the course, instructors provide guidance on hunting across typical security toolsets such as SIEM, packet capture, and Trellix Endpoint Security (HX); learners attending the course do not need a prior knowledge of specific Trellix technology to benefit from the instruction, however, lab activities are leveraged on the following Trellix technologies: Helix, Endpoint Security (HX) and Trellix Network Forensics. For example, endpoint hunting use cases leverage either Endpoint Security (HX), or Helix, or both, to acquire data used in the hunt mission.

    • Define Cyber Threat Hunting and articulate its value to an organization
    • Create or enhance an existing hunting program
    • Understand how to identify key stakeholders within an organization
    • Leverage provided use cases for your hunting program
    • Build hunt missions for threat hunting in your organization
    • Leverage both endpoint and network data for successful hunting
    • Use relevant threat models to implement a hunt mission by acquiring and analyzing relevant data
    • Identify areas of the hunt process that can be automated

    Hunting Fundamentals

    • Types of hunting
    • Hunting process
    • Defining hunt missions
    • Creating a hunt program
    • Identifying key stakeholders
    • Defining and leveraging cyber threat intelligence
    • Effecting threat modeling

    Acquiring and Analyzing Endpoint Data at Scale

    • Operating system technology review
    • Malware hiding techniques
    • Uncovering internal reconnaissance
    • Uncovering lateral movement
    • Data acquisition techniques

    Acquiring and Analyzing Network Data at Scale

    • Network technology review
    • Tunneling techniques
    • Exfiltration techniques
    • Suspicious HTTP traffic
    • Data acquisition techniques

    This is a fast-paced technical course that is designed to provide hands-on experience hunting for attackers in modern enterprise environments, including collecting and analyzing endpoint and network evidence. The content and pace is intended for students with some background in incident response, forensic analysis, network traffic analysis, log analysis, security assessments, and/or penetration testing. It is also well suited for those managing incident response or hunt teams or who are in roles that require oversight of cyber threat hunting and other investigative tasks.

    Students taking this course should have a working knowledge of Windows operating systems, networking and network security, file system, registry, and regular expressions. Scripting experience with Python or PowerShell is beneficial. Completion of Endpoint Investigations instructor-led course is also required.

      Datum op aanvraag

    Follow Up Courses

    Filter
    Categorie

    Order A-Z

    Order Z-A

    42 results

    • Investigations with Email Security Cloud
      1 Dag
      Datum op aanvraag
      Price on Request
      Book Now

    • Network and Email Administration Bundle (AX, EX, FX, NX, CMS)
      1 Dag
      Datum op aanvraag
      Price on Request
      Book Now

    • XDR Administration
      2 Dagen
      Datum op aanvraag
      Price on Request
      Book Now

    • ATD with DXL, TIE and MAR Administration
      4 Dagen
      Datum op aanvraag
      Price on Request
      Book Now

    • Endpoint Security Administration
      4 Dagen
      Datum op aanvraag
      Price on Request
      Book Now

    • Network Traffic Analysis with Network Forensics
      2 Dagen
      Datum op aanvraag
      Price on Request
      Book Now

    • Cyber Threat Hunting
      2 Dagen
      Datum op aanvraag
      Price on Request
      Book Now

    • Investigations with File Protect
      1 Dag
      Datum op aanvraag
      Price on Request
      Book Now

    • Network Detection and Response (NDR) Administration
      1 Dag
      Datum op aanvraag
      Price on Request
      Book Now

    • Network Forensics Administration
      1 Dag
      Datum op aanvraag
      Price on Request
      Book Now

    Know someone who´d be interested in this course?
    Let them know...

    Use the hashtag #InsoftLearning to talk about this course and find students like you on social media.