Coupon: Cyber Security Blue Team: Incident Responder Series
Cyber Security Blue Team: Incident Responder Series - Part 1
In the first part of our Cyber Security Blue Team: Incident Responder series, we will become fully proficient in Incident Response processes. We will explain and review each stage with examples. Then, we will write in-depth queries and rules at these stages. Specifically, we will learn to develop rules in Suricata, Sysmon, and Splunk for each technique in the MITRE ATT&CK Tactics and Techniques and will write many rules. Thanks to the training we received, you will be able to develop your own NIDS, SYSMON, and SIEM rules. On the other hand, we will understand all of the MITRE ATT&CK Tactics and Techniques and apply them in our Incident Response processes. We will examine the attack commands used in the MITRE ATT&CK Tactics and Techniques and develop our rules to detect these commands.
Link: Click Here
