This material has been designed to be taught in a classroom environment.
The material is missing some of the contextual concepts and ideas that will be covered in class. Furthermore, we aim to cover bleeding edge open-source developments and emerging tools. Our materials link heavily to official sources and public materials, as those tools are under constant development. Latest information is therefore constantly evolving and duplicating these sources would be redundant.
Each course contains material for any intermediate-level dev-ops who has some experience with other security|monitoring tools and wants to learn IDS, PCAP or event processing technologies. We believe these classes are perfect for anyone who wants a jump start in learning these or who wants a more thorough understanding their internals.
Our goal is to make our students understand fundamental concepts that can be brought home and adjusted for your individual environments, as opposed to providing rigid guidelines that may not be applicable in most real-world scenarios. Details matter when building technical security and we believe the best teacher to be hands-on experience. Thus, our courses are purely practical and creative problem solving is encouraged.
Please visit:
See:
- Suricata - Rule-based Threat Detection :: Not scheduled
- Information
and registration: https://ccdcoe.org/training/cyber-defence-monitoring-course-rule-based-threat-detection/
- Information
- Arkime - Large Scale Packet Capture Analysis :: 3 - 7 June 2024
- Information and registration: https://ccdcoe.org/training/cyber-defence-monitoring-course-large-scale-packet-capture-analysis-june-2024/
- Prior iterations are preserved under respectively numbered annual branches. Please refer to them if you are interested in prior content.