Hunt the Hacker (HtH)

Duration:

16 academic hours

Location:

Clarified Security training classroom

IT Koolitus is pleased to invite you to the 2-day training Hunt the Hacker, organized by our partner Clarified Security.

NB! The training is held in English. A minimum of 6 participants is required for the training to take place.

Practical training that teaches attendees how to discover hackers that have bypassed existing security mechanisms, and are now operating invisibly within the internal network. Brought to you by professional hackers!

Target group: Everybody who needs to know more about what threat hunting is, why it is necessary, what is required to start doing it, and how it should be done. Appropriate roles include: CISOs, Security Managers, SOC staffers, Incident Responders, Forensic Analysts, and System Administrators.

Training results / Learning outcomes

Participants will understand what threat hunting is, be utterly convinced of the need for it, know what infrastructure is required to facilitate it, and be able to start doing it with confidence within their own organizations.

Prerequisites for participation (recommended): To maximize value to the attendee, prior HOHE participation is highly recommended, but not mandatory.

Volume: 16 academic hours

Attending the training in full is a prerequisite for receiving the certificate.

Topics covered in the training and content description:

The trainers engage participants with lectures, live demonstrations and Q&A sessions. Each participant spends the majority of their time performing a wide variety of hands-on hunts. Participants learn how to hunt hackers within our Windows and Linux lab network, using a range of highly effective threat hunting technologies and techniques, looking for real life attacks.

Technologies used:

  • Sysmon : Sysmon is the go-to solution for hunters working with Windows machines, and is the technology that Microsoft itself uses to hunt hackers within their own networks.
  • Elastic stack, formerly “ELK” : The Elastic Stack is a suite of mature open source technologies that is popularly used for hunting by big name companies. The principles that are taught in this course using the Elastic Stack are also more generally applicable to other data lake products such as Splunk, Sumo and others.
  • Elastic Security : Elastic Security adds SIEM and endpoint security capabilities to the Elastic Stack and enables threat hunters to collect data, detect anomalies, respond to threats, and analyse and correlate large numbers of data points, all in one ecosystem.
  • Osquery : Osquery is an infrastructure monitoring framework created by Facebook. Osquery enables low-level operating system monitoring by exposing the operating system as a high-performance relational database which can be easily queried using SQL syntax.

Hunting techniques:

Known bad : Students will learn how to research and develop hunts for known indicators of attack.

Known good : Students will learn how to “find evil by knowing normal”, using various processes of elimination to reduce a set of raw collected data down to “not known good”. Students will then determine through investigation whether the remaining data constitute indicators of attack or are benign in nature. Benign items are labeled as “known good” so that they need not be investigated again.

Outliers : Outlier detection is the “power technique” of threat hunting. Students will learn how to leverage statistical analysis in order to force anomalies in large-scale sets of data to become apparent, which will commonly highlight indicators of attack.

It is important to note that although this course focuses on Linux and Windows endpoints, the building-block technological capabilities and hunting principles are equally applicable on macOS and others.

The training takes place at Lõõtsa 12, Tallinn, from 9:00 to 17:00.

You can take part in the training with the Unemployment Insurance Fund training card.

We also recommend that you get acquainted with the in-service training grants offered by the Unemployment Insurance Fund to employers: the training allowance for employers and the reimbursement of the employee's training expenses to the employer.

See you at training!

Trainers

  • Allar Viik

    Trainer

Registration

15.-16.03.2023 Hunt the Hacker (HtH)

Price: 1000,00 € (1200,00 € incl. VAT)

Participants: 0

  • Register via the Unemployment Insurance Fund (Töötukassa)

Additional information

Terms of participation

When you register via the e-shop, by e-mail or by phone, we will send you an invoice and more detailed information about participation.
Eleven days before the training we will send you an e-mail reminder with the participation information.

Participation in the training is registered by name, but you can change the participant free of charge until the start of the training.

Payment for the training is made to the bank account indicated on the invoice. The invoice is sent to the payer's address by e-mail. The invoice must be paid before the start of the training, by the due date stated on the invoice.

If you are unable to attend for any reason, please be sure to let us know by e-mail at [email protected] or by phone on 618 1727. If you notify us of non-attendance up to 10 working days before the start, we will offer another equivalent training or refund 100% of the training fee paid. If you notify us at least 5 working days in advance, we will refund 50%. Otherwise the invoice is payable. We refund the money in the stated amount provided that no expenses related to organizing the training have been incurred (purchased study materials, etc.). In the event of a no-show, failure to notify, or dropping out of the training, the tuition fee is not refunded.

IT Koolitus has the right to postpone or cancel the training if the training group does not fill up. Those registered for the training will be notified of the postponement or cancellation by phone or e-mail. If the training is cancelled for reasons attributable to the organizers, the tuition fee will be refunded.

IT Koolitus is a cooperation partner of the Estonian Unemployment Insurance Fund (Eesti Töötukassa) training card. See the training card information here.
For more detailed information, contact us by phone on 618 1727 or at [email protected].

Location and contacts

Address

Lõõtsa 12, Tallinn

IT Koolitus Vana-Lõuna 39/1, Tallinn 6181727 [email protected]

© AS Äripäev 2000-2022
  • Address: Vana Lõuna 39/1, 19094 Tallinn
  • Customer support: 667 0099 (8:15-17:00)
  • E-mail: [email protected]