Blue Team Basic Training

Course Overview

Knowledge about current and future cyber attacks is just as important for SOC teams/employees as is the testing of processes and ways to effectively fend them off.

In our Blue Team Basic Online course, you will train to identify incidents quickly, eliminate them permanently from the network and close attack vectors. You practice and optimize processes, receive new impulses through best practices and are thus better equipped to fend off attacks rapidly, effectively and sustainably.

You can expect an overview on typical vulnerabilities, future attack scenarios and demonstrate new cyber security solutions.

Methods and aims

A practice-oriented, hands-on online training on the Cyber Range, group work, structured feedback, lectures and knowledge transfer, discussions, best practices, demos. Strengthening skills of the team and individual team members.

Detection of incidents in network analysis
Analysis of vulnerabilities
Detection of attack routes
Implementation of adequate recovery measures

Overview

Blue Team Basic Online - for SOC teams/employees
Is based on two components:

Over the course of three days, you will

  • practice in a secure environment to deal with real security incidents in three hyper-realistic scenarios online on the Cyber Range simulation platform;
  • observe a virtual enterprise network with state-of-the-art software such as the Palo Alto firewall and SIEM IBM Q-Radar,
  • identify, analyze and evaluate security issues as they arise,
  • discuss and implement appropriate mitigation measures.

In doing so, you are supported by trainers and are exposed to real malware - in an environment that, in contrast to real-time operations, can be reset at the touch of a button. This also allows you to explore the implications of different paths of the same scenarios.

In complementary lectures, you will receive an overview of current and future attack scenarios, vulnerabilities, next generation vulnerabilities and latest tools and trends in network security as well as best practices.


Schedule

Please note – end times can differ slightly as they depend on the speed in which participants master scenarios. Consequently, we may shift content between the training days.

Day 1 - 09:00 AM to 05:00 PM


Introduction


Group work/training of attack scenarios on the Cyber Range platform


Knowledge transfer: Cyber attacks - today and tomorrow / typical attack vectors


Structured feedback and debriefings

Day 2 - 09:00 AM to 05:00 PM


Group work/training of attack scenario on the Cyber Range platform including testing the effectiveness and efficiency of different approaches


Structured feedback and debriefings

Day 3 - 09:00 AM to 05:00 PM


Group work/training of attack scenario on the Cyber Range platform


Trends and State-of-the-Art solutions


Structured feedback and debriefings


Review/reflection on the learning outcomes and final discussion


Requirements to participate

You should be familiar with the functioning of firewalls and SIEM systems, in particular

  • Linux and Windows log management
  • Linux and Windows Forensics
  • Advanced network knowledge
  • Dealing with database systems
  • Basics of Web applications
  • Basics in Reverse Engineering

If you have further questions, please do not hesitate to contact us.


Training Platform and Tools

The Cyber Range training will be conducted on the cyber training and simulation platform. For more engagement with our attendees in the online trainings we will use the online conferencing tool MS Teams in addition to facilitate talk, chat and lectures.

Our next Training

Can be booked as open training for individuals or as in-house training for a team.

Blue Team Basic Training 08.-10.10.2024 max. 10

Contact

Interested? Please contact Christiane Plösser

Contact us

Training modules

Blue Team Advanced Training

3-5 day training with more complex scenarios for higher demands on analytical skills and problem-solving competence in coping with real attack situations.

Read more

Red Team Training

Think like an attacker to be a world-class defender! This training is a role-play where two teams will take turns to operate as attackers or defenders.

Read more

Blue Team vs. Red Team

Attacking by the Red Team and defending by the Blue Team in real time is the goal of this module.

Read more

Malware Analysis

A deep dive into the analysis of infection routes, creating persistence and removing malware.

Read more

ICS Training

In this course you will learn what to do if Industrial Control Systems/Operational Technology have been compromised.

Read more

Customized Training

You want to customize your training to your specific needs? No problem! Let us create a customized offer for your security team!
Training can be offered as online or face-to-face training.

Contact us