Advanced APT Threat Hunting & Incident Response

APTs are constantly evolving their attack techniques putting pressure on responders and blue teamers to stay up-to-date on all the latest tactics, techniques and procedures. Depending on the nature of the organization, responders and blue teamers may have never responded to a nation-state level threat in their environment. This course is built to arm attendees with the ability to detect, respond and remediate an APT-level attack. Attendees will be challenged with practical labs built around a simulated APT intrusion covering each stage of the ATT&CK chain. Students will be exposed to endpoint forensics, log analysis and cloud forensics on up-to-date attack techniques leveraged by Russian, Chinese, North Korean and Iranian APT groups against organizations within the last two years.