This course is intended to help participants understand defensive security. It is built on the concept of “The best defence is a good offense”. Network security professionals need to look beyond the configuration of the hardware and software alone but start looking and the traffic flow within the network. The knowledge of what traffic flow to where in the network will help define defensive security.

In course is built around four security areas:

• Network device security
• Endpoint security
• Application security
• Parameter less security

In this course the participant will learn the following:

• Computer Network and Defense Fundamentals.
• The Biggest Misconception in Cyber defense
• Starting network defence through vulnerability testing, Pentesting and audit.
• How to use threat hunting & OSINT activities to understand the threats faced by the organization.
• Learn how to use the MITRE ATT&CK framework to learn about network threats and the various technical and tactics used by threat actors.
• Identify detection capabilities, or lack thereof.
• Learn to track defensive security controls,
• Traditional v. Modern Cyber Defense methods
• Network Security Threats, Vulnerabilities, and Attacks.
• The Role of ethical hacking in network defence
• Wireless Network Defence.
• Network Monitoring and Analysis.
• Network Security Controls, Protocols, and Devices
• How to Improve Cyber Defense for your Network
• Building a defensible network architecture
• Designing a security Choke Points and Network Inspection
• Endpoint defence
• Network Security Monitoring
• Network Security Controls, Protocols, and Devices.
• Systems Hardening and Security Baselining
• Learn about available open-source projects, like Red Canarys Atomic Red Team, to help test security controls that align with specific ATT&CK techniques.
• The security Operating Center (SOC)
• Elements of Security Operating Center (SOC)
• Understand security orchestration, automation, and response (SOAR) solutions to automate the testing of your security controls and get a clear view of what you can detect versus what you cannot.
• Learn how SOAR can help organizations automate the testing of security controls.

The is designed with a strong focus on the practical implementation of the lessons. So, there is lots of focus on defensive tooling. Each module is accompanied by practical security lab.