System Forensics and Incident Handling

This is a deep dive seminar on security operations: vulnerability management, anomalies detection, discovery of industry attacks and threats, understanding how compromised system or solution looks like, defining the indicators of the attack, incident handling also daily servicing on SIEM platform. We will also walk through the advanced access rights, password mechanisms, windows internals, PowerShell usage for security purposes, gaining unauthorized access, advanced DNS configuration and common configuration mistakes, forensics techniques, Active Directory security, IIS Security, debugging, advanced monitoring and troubleshooting and much more! Topics covered during this training will help you to walk in hacker's shoes and evaluate your infrastructure from their point of view. The training focuses on detecting, responding, and resolving computer security incidents and covers the following security techniques:

• The steps of the incident handling process
• Detecting malicious applications and network activity
• Common attack techniques that compromise hosts
• Detecting and analyzing system and network vulnerabilities
• Continuous process improvement by discovering the root causes of incidents