We may earn an affiliate commission when you visit our partners.
Aaron Rosenmund
In this course on system anomaly detection, you will explore the use of CPU, RAM, GPU, fans, and power resource usage data to reveal various advanced attacker techniques and uncover events associated with hardware supply chain interdiction.
Read more
In this course on system anomaly detection, you will explore the use of CPU, RAM, GPU, fans, and power resource usage data to reveal various advanced attacker techniques and uncover events associated with hardware supply chain interdiction.
Read more
In this course on system anomaly detection, you will explore the use of CPU, RAM, GPU, fans, and power resource usage data to reveal various advanced attacker techniques and uncover events associated with hardware supply chain interdiction.
Developing the skills necessary for a security analyst to properly detect and triage advanced attacker intrusion tactics and techniques requires experience and the use of advanced detection capabilities. Neither of which are easily obtained. In this course, Security Event Triage: Detecting System Anomalies, you will learn foundational knowledge required to baseline different machine performance data and triage deviations from that baseline that can indicate a stealthy adversary’s presence in your environment when all other methods have failed. First, you will learn about CPU, RAM, and Hard drive metric data and how it can be used to detect anything from botnets to the use of hard drives as microphones for side-channel espionage. Next, you will discover the techniques used for “in-browser” crypto-jacking or malware delivered crypto mining activity by monitoring browser activity and GPU usage that stands out from the established baseline for normal applications. Finally, you will look at fan speeds and power usage to identify air-gapped network hopping techniques and hardware supply chain compromise. When you are finished with this course, you will have the skills and knowledge of not only how a multitude of advanced attacker techniques are performed, but also what they look like in a realistic environment and how to identify them as part of your security analyst operations.
Register for this course and see more details by visiting:
OpenCourser.com/course/juu128/security
Here's a deal for you
We found an offer that may be relevant to this course.
Save money when you learn.
All coupon codes, vouchers, and discounts are applied automatically unless otherwise noted.
What's inside
Syllabus
Course Overview
Introduction to System Telemetry Analysis
Analyzing the Computing Basics
Leveraging Graphics Processing Indicators
Read more
Syllabus
Course Overview
Introduction to System Telemetry Analysis
Analyzing the Computing Basics
Leveraging Graphics Processing Indicators
Read more
Uncovering Significance of Power and Fans, Lights
Incorporating Telemetry Analysis in Triage Workflow
Good to know
Good to know
Know what's good ,
what to watch for , and
possible dealbreakers
Explores system anomaly detection using CPU, RAM, GPU, fans, and power resource usage data, providing foundational knowledge for security analysts
Covers advanced attacker tactics and techniques, including botnets, crypto-jacking, side-channel espionage, and hardware supply chain compromise
Teaches skills and knowledge necessary for triage and detection of advanced attacker intrusion tactics and techniques through baseline analysis and deviation detection
Helps security analysts develop the experience and capabilities to identify stealthy adversaries and protect their environments
Provides hands-on labs and interactive materials to reinforce learning and develop practical skills
Save this course
Save Security Event Triage: Detecting System Anomalies to your list so you can find it easily later:
Save
Save
Activities
Be better prepared
before
your course. Deepen your understanding
during
and
after
it. Supplement your coursework and achieve mastery of the topics covered
in Security Event Triage: Detecting System Anomalies with these
activities:
System Telemetry Analysis Concepts Refresher
Show steps
This course includes monitoring and analyzing system data, so reviewing general system telemetry analysis concepts and techniques will be beneficial.
Show steps
-
Review documentation or online resources on system telemetry analysis concepts
-
Practice analyzing sample system telemetry data
Compilation of Tools for Telemetry Analysis and Threat Detection
Show steps
Having a collection of useful tools at your disposal is crucial for effective system anomaly detection. Compile a list of tools for telemetry analysis, threat detection, and security monitoring.
Browse courses on
Cybersecurity Tools
Show steps
-
Research and identify tools that align with the course objectives.
-
Categorize and organize the tools based on their functionality and relevance.
Workshop on Leveraging Fan Speeds and Power Usage for Threat Detection
Show steps
Explore advanced techniques for identifying hardware supply chain compromises and air-gapped network hopping by monitoring fan speeds and power usage. Attend a workshop to gain hands-on experience.
Show steps
-
Identify and register for a relevant workshop.
-
Attend the workshop and actively participate in the exercises.
Three other activities
Expand to see all activities and additional details
Show all six activities
Practice Detecting Anomalies with CPU Metrics
Show steps
Understanding how to detect anomalies in CPU metrics is essential for identifying advanced attacker techniques. Engage in practice drills to enhance your ability to analyze CPU data for threat detection.
Show steps
-
Find datasets or generate sample CPU metrics data with known anomalies.
-
Use data analysis tools to analyze CPU metrics and identify deviations from normal patterns.
Deliverable: Incident Response Plan for System Telemetry Anomalies
Show steps
To ensure effective handling of security incidents, it's crucial to have a well-defined incident response plan. Create a deliverable that outlines your incident response process for system telemetry anomalies.
Browse courses on
Incident Response Planning
Show steps
-
Identify potential security incidents related to system telemetry anomalies.
-
Develop a step-by-step incident response plan, including roles and responsibilities.
Project: Develop a System Telemetry Monitoring Dashboard
Show steps
To effectively monitor and analyze system telemetry data, it's beneficial to create a customized dashboard. Start a project to develop a dashboard that meets your specific security requirements.
Show steps
-
Define the scope and requirements of the dashboard.
-
Choose appropriate data visualization tools and techniques.
System Telemetry Analysis Concepts Refresher
Show steps
This course includes monitoring and analyzing system data, so reviewing general system telemetry analysis concepts and techniques will be beneficial.
Show steps
Show steps
Show steps
- Review documentation or online resources on system telemetry analysis concepts
- Practice analyzing sample system telemetry data
Compilation of Tools for Telemetry Analysis and Threat Detection
Show steps
Having a collection of useful tools at your disposal is crucial for effective system anomaly detection. Compile a list of tools for telemetry analysis, threat detection, and security monitoring.
Browse courses on
Cybersecurity Tools
Show steps
Show steps
Show steps
- Research and identify tools that align with the course objectives.
- Categorize and organize the tools based on their functionality and relevance.
Workshop on Leveraging Fan Speeds and Power Usage for Threat Detection
Show steps
Explore advanced techniques for identifying hardware supply chain compromises and air-gapped network hopping by monitoring fan speeds and power usage. Attend a workshop to gain hands-on experience.
Show steps
Show steps
Show steps
- Identify and register for a relevant workshop.
- Attend the workshop and actively participate in the exercises.
Three other activities
Expand to see all activities and additional details
Show all six activities
Practice Detecting Anomalies with CPU Metrics
Show steps
Understanding how to detect anomalies in CPU metrics is essential for identifying advanced attacker techniques. Engage in practice drills to enhance your ability to analyze CPU data for threat detection.
Show steps
Show steps
Show steps
- Find datasets or generate sample CPU metrics data with known anomalies.
- Use data analysis tools to analyze CPU metrics and identify deviations from normal patterns.
Deliverable: Incident Response Plan for System Telemetry Anomalies
Show steps
To ensure effective handling of security incidents, it's crucial to have a well-defined incident response plan. Create a deliverable that outlines your incident response process for system telemetry anomalies.
Browse courses on
Incident Response Planning
Show steps
Show steps
Show steps
- Identify potential security incidents related to system telemetry anomalies.
- Develop a step-by-step incident response plan, including roles and responsibilities.
Project: Develop a System Telemetry Monitoring Dashboard
Show steps
To effectively monitor and analyze system telemetry data, it's beneficial to create a customized dashboard. Start a project to develop a dashboard that meets your specific security requirements.
Show steps
Show steps
Show steps
- Define the scope and requirements of the dashboard.
- Choose appropriate data visualization tools and techniques.
Career center
Learners who complete Security Event Triage: Detecting System Anomalies will develop knowledge and skills
that may be useful to these careers:
Security Engineer
Security Engineer
Security Engineers are responsible for designing and implementing security systems and solutions. They use a variety of tools and techniques to protect systems from threats, including system anomaly detection. This course can help Security Engineers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Security Analyst
Security Analyst
Security Analysts are responsible for investigating and resolving security incidents. They use a variety of tools and techniques to detect and respond to threats, including system anomaly detection. This course can help Security Analysts to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Cybersecurity Analyst
Cybersecurity Analyst
Cybersecurity Analysts are responsible for analyzing security data and identifying threats. They use a variety of tools and techniques to detect and respond to threats, including system anomaly detection. This course can help Cybersecurity Analysts to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Security Consultant
Security Consultant
Security Consultants are responsible for providing advice and guidance on security matters. They use a variety of tools and techniques to assess security risks and develop security solutions. This course can help Security Consultants to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Incident Responder
Incident Responder
Incident Responders are responsible for responding to security incidents and restoring systems to normal operation. They use a variety of tools and techniques to investigate and resolve incidents, including system anomaly detection. This course can help Incident Responders to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Penetration Tester
Penetration Tester
Penetration Testers are responsible for simulating attacks on systems to identify vulnerabilities. They use a variety of tools and techniques to identify and exploit vulnerabilities. This course can help Penetration Testers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Malware Analyst
Malware Analyst
Malware Analysts are responsible for analyzing malware and identifying its functionality. They use a variety of tools and techniques to analyze malware and develop detection and mitigation strategies. This course can help Malware Analysts to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Information Security Manager
Information Security Manager
Information Security Managers are responsible for managing the security of an organization's information systems. They use a variety of tools and techniques to assess security risks and develop security solutions. This course can help Information Security Managers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Chief Information Security Officer (CISO)
Chief Information Security Officer (CISO)
CISOs are responsible for overseeing the security of an organization's information systems. They use a variety of tools and techniques to assess security risks and develop security solutions. This course can help CISOs to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Data Protection Officer (DPO)
Data Protection Officer (DPO)
DPOs are responsible for ensuring that an organization complies with data protection laws and regulations. They use a variety of tools and techniques to assess data protection risks and develop data protection solutions. This course can help DPOs to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Forensic Investigator
Forensic Investigator
Forensic Investigators are responsible for investigating security incidents and collecting evidence. They use a variety of tools and techniques to analyze evidence and identify the source of an attack. This course can help Forensic Investigators to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Threat Intelligence Analyst
Threat Intelligence Analyst
Threat Intelligence Analysts are responsible for collecting and analyzing threat intelligence. They use a variety of tools and techniques to identify and track threats. This course can help Threat Intelligence Analysts to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
IT Security Manager
IT Security Manager
IT Security Managers are responsible for managing the security of an organization's IT systems. They use a variety of tools and techniques to assess security risks and develop security solutions. This course can help IT Security Managers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Vulnerability Researcher
Vulnerability Researcher
Vulnerability Researchers are responsible for finding and exploiting vulnerabilities in software and systems. They use a variety of tools and techniques to identify and exploit vulnerabilities. This course can help Vulnerability Researchers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
Privacy Manager
Privacy Manager
Privacy Managers are responsible for managing the privacy of an organization's data. They use a variety of tools and techniques to assess privacy risks and develop privacy solutions. This course can help Privacy Managers to develop the skills they need to detect and triage advanced attacker intrusion tactics and techniques.
For more career information including salaries, visit:
OpenCourser.com/course/juu128/security
Reading list
We've selected 12 books
that we think will supplement your
learning. Use these to
develop background knowledge, enrich your coursework, and gain a
deeper understanding of the topics covered in
Security Event Triage: Detecting System Anomalies.
Covers software security testing techniques and methodologies, providing a valuable resource for security analysts and software developers.
Provides a comprehensive guide to incident response, detection, and prevention, covering best practices and techniques for securing IT systems.
Save
Provides a comprehensive overview of system performance tuning and optimization techniques, including in-depth coverage of CPU, memory, I/O, and network performance.
Save
Offers a comprehensive overview of network security threats and vulnerabilities, providing practical guidance on how to detect and mitigate these threats.
Offers a practical guide to network security assessment, covering techniques and tools for identifying and mitigating network vulnerabilities.
Provides a comprehensive overview of Metasploit and Armitage, offering practical guidance on using these tools for penetration testing and vulnerability assessment.
Covers advanced memory management concepts and techniques, including page tables, virtual memory, and cache management.
Offers a theoretical and practical foundation in security engineering, covering topics such as risk assessment, threat modeling, and secure system design.
Offers a comprehensive overview of computer security, covering topics such as cryptography, access control, and network security.
Save
Provides a comprehensive overview of cryptography, including coverage of encryption algorithms, digital signatures, and protocols.
Offers a comprehensive foundation in operating systems concepts, providing a solid understanding of system internals and resource management.
Provides a deep understanding of computer architecture, including topics such as CPU design, memory hierarchy, and I/O systems.
For more information about how these books relate to this course, visit:
OpenCourser.com/course/juu128/security
Share
Similar courses
Here are nine courses similar to
Security Event Triage: Detecting System Anomalies.
Security Event Triage: Revealing Attacker Methodology in Web Application Events
OpenCourser.com/course/dm0wec/security
Security Event Triage: Revealing Attacker Methodology in...
Most relevant
Security Event Triage: Operationalizing Security Analysis
OpenCourser.com/course/g974uf/security
Security Event Triage: Operationalizing Security Analysis
Most relevant
Security Event Triage: Detecting Network Anomalies with Behavioral Analysis
OpenCourser.com/course/ryu2o5/security
Security Event Triage: Detecting Network Anomalies with...
Security Event Triage: Monitoring Assets and Topology
OpenCourser.com/course/4g7as1/security
Security Event Triage: Monitoring Assets and Topology
Security Event Triage: Statistical Baselining with SIEM Data Integration
OpenCourser.com/course/e3unas/security
Security Event Triage: Statistical Baselining with SIEM...
Incident Response: Containment, Eradication and Recovery
OpenCourser.com/course/pmf1wn/incident
Incident Response: Containment, Eradication and Recovery
Monitor and Detect with IBM Security QRadar
OpenCourser.com/course/m83muq/monitor
Monitor and Detect with IBM Security QRadar
Security Event Triage: Analyzing Live System Process and Files
OpenCourser.com/course/oouv7q/security
Security Event Triage: Analyzing Live System Process and...
Live Response and Forensics with PowerShell
OpenCourser.com/course/2tbcvf/live
Live Response and Forensics with PowerShell
Time
107 hours
Level
Advanced
Via
Pluralsight
Instructor
Aaron Rosenmund
Language
English
Good to know
Explores system anomaly detection using CPU, RAM, GPU, fans, and power resource usage data, providing foundational knowledge for security analysts
Covers advanced attacker tactics and techniques, including botnets, crypto-jacking, side-channel espionage, and hardware supply chain compromise
Teaches skills and knowledge necessary for triage and detection of advanced attacker intrusion tactics and techniques through baseline analysis and deviation detection
Helps security analysts develop the experience and capabilities to identify stealthy adversaries and protect their environments
Provides hands-on labs and interactive materials to reinforce learning and develop practical skills
Our mission
OpenCourser helps millions of learners each year. People visit us to learn workspace skills, ace their exams, and nurture their curiosity.
Our extensive catalog contains over 50,000 courses and twice as many books. Browse by search, by topic, or even by career interests. We'll match you to the right resources quickly.
Find this site helpful? Tell a friend about us.
Affiliate disclosure
We're supported by our community of learners. When you purchase or subscribe to courses and programs or purchase books, we may earn a commission from our partners.
Your purchases help us maintain our catalog and keep our servers humming without ads.
Thank you for supporting OpenCourser.
© 2016 - 2024 OpenCourser