1 Day
CSIRT / SOC Fundamentals
Learn the fundamentals of establishing a CSIRT, the functions of a CSIRT, and how to operate a CSIRT efficiently.
.jpg)
Company
This is some text inside of a div block.
Category
This is some text inside of a div block.
Date
This is some text inside of a div block.
Website
Visit website
Set your new CSIRT on the path to success.
This course is targeted at security practitioners from ISPs, enterprises, government or academia who are setting up an organisational or national CSIRT or SOC. It covers the fundamentals of establishing a CSIRT, the functions of a CSIRT, and how to operate a CSIRT efficiently. Topics include:
- CSIRT structure / organisation
- CSIRT services
- Threat landscape
- IR procedures
- IR tracking systems
- IR legal issues
- Handling common incidents (phishing, DDoS, malware etc)
- CSIRT staffing
- CSIRT internal infrastructure
- CSIRT communications (email, hotlines, IRC, encryption, formatting, incident reporting)
- Analysis tools (log files, network queries, malware)