SEC598: OnDemand
Provided by SANS
What You Will Learn
The machines aren't taking over. You are!
Mastering automation workflows is a force multiplier for security teams. As the scope of work increases in both volume and complexity across today's modern enterprise, security teams find themselves in an uphill battle to prevent, detect, emulate, and respond to threats against their organization.
To combat this ongoing issue, world-class security teams have learned to unleash the power of automation. Highly skilled security and automation engineers are able to implement solutions that allow their teams to shift their daily focus away from high-volume, low-priority tasks to business-critical, high-priority initiatives.
Over the span of this course, you will work with a realistic fictitious organization, GLOBEX, through over 15 lab exercises and a capstone centered on security automation use cases that you can take back and implement within your own organization.
You Will Be Able To
- Translate repeatable activities into automated tasks
- Automate prevention, detection, and response capabilities for specific attack techniques used by real-world adversaries and red teamers
- Improve the effectiveness of your SOC by uncovering opportunities for efficiencies across tier 1 and tier 2 responsibilities
- Learn how to use Terraform for advanced capabilities, IaC modules, and setting up dynamic Red Team and Pentest infrastructure
- Set up a Cloud Adversary Emulation capability and leverage cloud native tools to measure detection capabilities and automated response implementation
- Leverage Infrastructure as Code tools to set up automated threat hunting, containment, acquisition, quarantine, and Incident Response workflows.
- Leverage Infrastructure as Code to deploy automated Cyber Range capabilities for on-premises, cloud-native, and hybrid environments, enhancing security programs and their understanding of attack tools and defensive controls
- Deploy and maintain Adversary Emulation as Code and Detection Engineering using CI/CD workflows, helping to advance Red Team Operator and penetration testing capabilities
- Leverage technologies such as Terraform, Ansible, Chef, Puppet, and SOAR tools to automate secure configurations, set a desired-state configuration, deploy infrastructure as code in different environments, and detect and respond to security incidents
- Implement cloud security automation in AWS and Azure
- Create a continuous, automation-enhanced approach to purple teaming
- Understand the security issues that most organizations are facing today.
- Translate security issues into smaller problems, define automated solutions for those specific problems, and then fully chain features that can be used to tackle multiple issues in an automated manner.
- Use tools like Terraform, Ansible, Chef, Puppet, and many more to locally automate secure configurations, set a desired-state configuration, deploy infrastructure as code in different environments, and detect and respond to security incidents in an automated manner.
- Evaluate real-world scenarios within a combination of on-premises and cloud environments using a reference framework that can be immediately used and implemented in your organization.
- Access to the in-class Virtual Training Lab for over 30 in-depth labs.
- A course USB with many tools used for all in-house labs.
- Virtual machine including automation tools, example Infrastructure as Code (IaC) templates for automation, and Cyber Range tools
- Virtual machine including fourteen (14) perpetual use labs
- Virtual machines full of penetration testing tools and specimens specially calibrated and tested to work with all our labs and optimized for use in your own penetration tests.
- Access to recorded course audio to help hammer home important network penetration testing lessons.
- Purple Concepts: Bridging The Gap, Poster
Start date | Location / delivery |
---|---|
No fixed date | Virtual |