Incident Response and Attacker Techniques

While this course may sound almost like a penetration testing course, it is not. The focus of a penetration testing course is to find vulnerabilities and to exploit them. The focus of an incident response course, however, is to detect and respond to attacks. There are common areas of learning but there are also many parts of the course that are distinct from each other.

This course is organised in 3 broad parts:

• The 6-step Incident Response Process (Preparation, Identification, Containment, Eradication, Recovery and Lessons Learnt)

• Understanding attackers and how they might attack

• Practical/hands-on steps to detect and respond to attacks

This course is taught in this particular way because we believe that ‘Offense Informs Defense’. Only by understanding the attacker, we can then begin to detect their activities and to respond to them.

At the end of this course, participants will gain knowledge and skills related to the following:

• How to identify a range of attack techniques employed by attacks

• How to prepare yourself and your team to an incident more effectively and efficiently

• Decisions and considerations that may be made in an incident

• Basic triage technique to identify unusual activities on Windows operating system and Linux operating system

• Basic steps to contain an attack and stop it from spreading

Event start date is yet to be confirmed. Interested participants can register their interest below.