Bogdan
- Security researcher for the last 5 years
- Started my career as penetration tester at UnderDefense
- Malware analyst in the past
- Splunk enthusiast
- Maintaining a blog about threat hunting and malware analysis in my free time (https://bogdanvennyk.medium.com/)
Sessions
Nowadays, with security incidents at a peak, detecting adversaries has become a crucial challenge for blue teamers. Besides detecting the most popular tactics, techniques and procedures, like network discovery and lateral movement, are you ready for incidents where adversaries abuse Windows infrastructure to achieve their goals? We will dive into the internals of attacks such as Kerberoasting and golden tickets to find opportunities to detect them before the first ticket is passed.
Network logs are one of the most efficient sources for hunting adversaries, but building good analytics capabilities requires a deep understanding of benign activity and attacker behavior. This training focuses on detecting real-case attacks, tools and scenarios from the past year.
The training is highly interactive and retains a good balance between theory and a lot of hands-on exercises for the students to get used to the detection engineering methodology and prepare them to start implementing this at their organizations.