This two-day course is based on evidential information about cyber security attacks facing various organisations today. The course is based on our experience and interaction with our clients and other industry attack victims.

  • Analyse recent known and some unknown attacks and dive into the technical details of how they avoided detection.
  • Review the basic application of incident triage, OODA and the Diamond Methodology, and deep dive into the Cyber Kill Chain.
  • Help attendees understand the role log management plays in network-based attacks, followed by a review of the most common log types and log sources in an organisation.
  • Review the most common SIEM products and technologies, including security analytics approaches to SIEM.