First Incident Responder Training

As technology advances, cyber security attacks are happening more frequently and on a larger scale. Having a first line of defence is as crucial as prevention. The faster you detect and the more effectively you respond to the security breach will help mitigate any financial, reputational and legal impact on your organisation.

This course aims to equip first responders with the foundations to be effective in responding to incidents. Participants will be equipped with foundational knowledge and skills that they could use to assist in the incident response within their own sphere of expertise and without being a forensic or IR specialist.

Part 1:  Workshop on range of attacks & vectors used in the scenarios

Part 2:  How to detect/respond adversary tactics, techniques and procedures (TTP) from the MITRE ATT&CK framework

• Reconnaissance
• Initial entry
• Web application attack e.g. SQL Injection
• Phishing attack
• Persistence e.g. web shell
• Command & Control
• Credential attacks e.g. password spraying
• Lateral movement
• Exfiltration via covert channels

Part 3:  Wrap up and debrief

Who should take this course

System/network/database administrators and other IT team members who might be called to assist in incident response.