Cyber Security Analyst & Investigator – Hands-On/AI («CSA1»)
Course facts
- Understanding the fundamentals of SOC, CSIRT, and incident management
- Being familiar with proven analysis tools and frameworks, including support from artificial intelligence
- Testing IT systems, networks, and web applications for vulnerabilities
- Analyzing targeted attacks on employees, IT systems, networks, and web applications in the hacking lab
- Understanding current AI-based cyber attacks
- Using indicators of compromise (IoC) and indicators of attack (IoA) in threat hunting
- Recommending measures for targeted mitigation
Expert cyber security analysts use conventional methods and AI-based approaches to detect cyber attacks early on, investigate them and quickly take countermeasures. These investigative skills are also highly valued in IT and cyber security incident response teams (CSIRT). In addition, offensive hacking skills and knowledge of current attack scenarios are essential for detecting targeted attack patterns. Together, we develop the necessary fundamentals and put them into practice in the hacking lab. It is well known that the best learning outcomes are achieved when attack scenarios are experienced first-hand.
- Introduction to SOC topics (incident response, IoC and IoA, TTPs, playbooks, XDR, SIEM/SOAR, threat intelligence, APT, etc.)
- Basics of analysing and assigning tactics, techniques and procedures (TTPs) using MITRE ATT&CK®
- Significance of YARA, Sigma and Snort for targeted threat hunting
- Analysis of various working methods, techniques and tools in the hacking lab
- Analysing the exposure of IT systems and individuals (OSINT)
- Performing and analysing vulnerability scanning (CVE/CVSS/exploits)
- Recognising basic social engineering attacks
- Recognising basic AI-supported cyber attacks
- Recognising basic cyber attacks on IT systems using malware and exploits
- Recognising basic cyber attacks in networks
- Recognising basic cyber attacks on web applications (OWASP)
- Understanding basic cyber attacks using living-off-the-land techniques
- Recognise hardware hacking tools (keyloggers, bad USB sticks, bad USB cables, etc.)
- Propose targeted mitigation of the scenarios shown in the hacking lab
* MITRE ATT&CK® is a registered trademark of The MITRE Corporation.
In addition to KALI LINUX™, the course covers various extensions, online tools, and AI models. A corresponding lab environment is available to all participants.
Various hands-on exercises will introduce you to the topic of cyber security analysis and familiarize you with various hacking tools. With the knowledge you gain, you will then be able to uncover vulnerabilities in your own IT environments, identify specific attack patterns, and perform both conventional and AI-supported analyses.
All participants expressly agree not to misuse the knowledge they have learned. A corresponding written agreement must therefore be signed before the start of the course.
* KALI LINUX™ is a trademark of Offensive Security.
This course is aimed at cybersecurity and IT professionals, as well as IT managers and IT project managers who are looking for a sound and practical introduction to the analysis of cyber threats using offensive attack techniques and artificial intelligence. It is also aimed at individuals who want to gain a basic technical overview.
Experience in the daily use of information technologies and basic network knowledge are required. Experience with Linux shells is an advantage, but not a requirement. Basic knowledge of information security terminology equivalent to the following course is an advantage, but also not a requirement: