Daniel Lachance, Cristian Pascariu, Aaron Rosenmund, and Guillaume Ross

Keeping up with advanced cyber threats and sifting through the insurmountable number of alerts available to security analysts is not sustainable without leveling up your security analysis skills to keep pace with modern security operations. Developing the skills necessary for a security analyst to properly identify, investigate, and report advanced attacker intrusion tactics and techniques requires experience and the use of advanced detection capabilities, neither of which is easily obtained. In this path you will develop the skills and knowledge required not only to understand how a multitude of advanced attacker techniques are performed, but also what they look like in a realistic environment and how to identify them as part of your security analyst operations. The courses in this path help cover the objectives of the NICE Cybersecurity Workforce Framework Cyber Defense Analysis role (PR-CDA-001), and the attacks detected reflect threat actor techniques found in the MITRE ATT&CK framework. It also fully covers the Detect domain in the NIST Framework for Improving Critical Infrastructure Cybersecurity.


What You'll Learn

  • Network Traffic Analysis
  • Local Log and Authentication Analysis
  • Application Event Analysis
  • Endpoint OS Activity Analysis
  • Common Adversary Attack Techniques
  • Advanced Adversary Attack Techniques
  • Statistical and Behavioural Anomaly Detection
  • Correlation and Multi-Domain Event Detection in SIEMs
  • Security Operations Case Creation


    What's inside

    Seven courses

    Security Event Triage: Operationalizing Security Analysis

    (0 hours)
    In this course, you will learn the skills and technologies required by security analysts to keep pace with modern security operations. You will gain foundational knowledge of modern cybersecurity continuous monitoring techniques and processes. You will also learn how to identify and interrogate all manner of cyber threats.

    Security Event Triage: Monitoring Assets and Topology

    (1 hour)
    Protecting your network is essential. Compare what should be on the network to scans to identify abnormal devices and traffic.

    Security Event Triage: Leveraging Existing Security Device Alerts

    (1 hour)
    Identifying suspicious network activity can prevent serious security breaches. By monitoring centralized device logs, you can catch potential security problems in a timely manner. This course teaches you how to analyze security device logs looking for security problems.

    Security Event Triage: Detecting Network Anomalies with Behavioral Analysis

    (2 hours)
    In this network behavioral analysis course, you will use frequency, protocol, and population analysis methodologies to detect events associated with multiple threat actors' intrusions into a simulated enterprise network.

    Security Event Triage: Detecting System Anomalies

    (1 hour)
    In this course on system anomaly detection, you will explore the use of CPU, RAM, GPU, fans, and power resource usage data to reveal advanced attacker techniques and uncover events associated with hardware supply chain interdiction. Developing the skills necessary for a security analyst to properly detect and triage advanced attacker intrusion tactics and techniques requires experience and the use of advanced detection capabilities.

    Security Event Triage: Revealing Attacker Methodology in Web Application Events

    (2 hours)
    In this course on revealing web application attack methodology, you will explore the use of web application filters, app service logs, and web vulnerability scanners to detect live web exploitations.

    Security Event Triage: Statistical Baselining with SIEM Data Integration

    (1 hour)
    Log parsing and analysis are not effective for large data sets. This course teaches how to perform data analysis and baselining on large data sets to identify and address threats efficiently.


    © 2016 - 2024 OpenCourser