Cosive knows security operations and threat intelligence inside and out. We've developed a range of training courses that will help you tap into our expertise and get you up to speed, fast.
Introduction to STIX, TAXII and CybOX
STIX, TAXII and CybOX are community-championed specifications for threat data sharing, promising to make sharing within and between organisations much easier. Chances are that if you aren’t receiving threat intel via STIX today, you will be in the near future.
Introduction to STIX, TAXII and CybOX course will introduce you to the basics of how to share and consume threat data and threat intel using these standards. During this single day course, you will learn what STIX, TAXII and CybOX are, why they were developed, why there is such a buzz about them, and how to use them within your organisation.
The course will give you hands-on experience working with STIX , TAXII and CybOX, providing you with the fundamental knowledge required to use STIX, TAXII and CybOX in their threat intelligence programmes.
CSIRT / SOC fundamentals
This course is targeted at security practitioners from ISPs, enterprises, government or academia who are setting up an organisational or national CSIRT or SOC. It covers the fundamentals of establishing a CSIRT, the functions of a CSIRT, and how to operate a CSIRT efficiently. Topics include:
CSIRT structure / organisation
IR tracking systems
IR legal issues
Handling common incidents (phishing, DDoS, malware etc)
CSIRT internal infrastructure
CSIRT communications (email, hotlines, IRC, encryption, formatting, incident reporting)
Analysis tools (log files, network queries, malware)