Adversary Detection & Incident Response - Network Defense Range OPERATIONS

Fighter pilots need flight simulators; incident responders need Network Defense Ranges.Effectively detecting and retracing the steps of today’s network attacker requires expertise. Expertise requires practical incident response and threat-hunting experience. This course offers hands-on experience that is as close as you can get to the real thing without the messy data losses, economic impacts, reporting requirements, and lawsuits. The best way to gain experience in advanced adversary defense is to practice in a live-fire environment. Even if you have some experience, how do you keep your skills sharp? As importantly, how do you maintain effective team dynamics? Chances are your organization’s defenses are pretty good so you don’t go up against Advanced Persistent Threat actors very often. Well, Network Defense Range Operations is your opportunity.Network Defense Range Operations is hands-on. It includes a full enterprise network and state-of-the-art digital forensics and incident response tools. We attack it with high-fidelity simulations of current, active threat actors. We emulate their tactics, techniques and procedures down to the IP addresses and hashes. You will gain experience ● Investigating cross-platform, advanced adversarial techniques ● Utilizing MITRE’s ATT&CK matrix for threat actor identification and TTP tracking ● Building out enterprise investigations ● Practicing incident enrichment and collaboration