Incident Response Diving Into Cyber Defence

Master the skills to investigate and reveal malicious activity

Dates

  • TBA

Time

9.00am – 5.00pm

Duration

9 Days

Course Overview

Due to a rise in the number of cyber-attacks and as organisations become more dependent on well-functioning network services, there is a growing need for qualified cybersecurity professionals to be able to respond to suspicious incidents in the network, as well as investigate and understand security breaches and attackers’ activities in the network. These skills are crucial assets that organisations need today.

In the last module of the training, participants will continue learning how to conduct full investigations, as well as define sets of rules and alarms to identify potential attacks.

Participants will also learn to apply what they’ve learnt to real-life case studies based on national-level attacks.

Learning Outcomes

With a good comprehension of the SIEM system and IR investigation tools, cybersecurity analysts can then participate in full IR investigations. They will know how to perform any part of the technical investigation and how to write a summary report.

This course will teach the learner how to set rules and alerts based on all kinds of artifacts to monitor the organisation’s network and assets, as well as to identify potential cyber-attacks.

The course focuses on:

  • Obtaining a good understanding of using SIEM systems
  • Gaining practical experience in IR investigation tools, techniques and reports
  • Knowing how to define a set of rules and alarms to identify potential attacks

Topics

  • SIEM systems (e.g. Splunk)
  • PowerShell IR
  • Event log analysis
  • Sysmon
  • Splunk IR
  • IR storytelling
  • MFT analysis
  • Memory forensics
  • Sandboxes
  • Incident response reporting methodology
  • YARA
  • Malware analysis

Who Should Attend

Cyber Security Analyst, SOC/CIRT

Prerequisite

  • Python programming experience
  • Networking experience
  • Operating system experience
  • Network Forensics experience
  • Network PT experience
  • Linux experience

Course Highlight

This course provides significant hands-on experience with real-life case studies. The techniques and tools taught are immediately useful in your day-to-day work.

Course Fee

| | Singapore Citizens (39 years old or younger) | Singapore Citizens (40 years old or older) | Singapore PRs | Enhanced Training Support for SMEs | International Participants |
| --- | --- | --- | --- | --- | --- |
| Total Nett Programme Fee Payable, Including GST, after additional funding from the various funding schemes | $3,033.45 | $1,143.45 | $3,033.45 | $1,143.45 | $10,111.50 |

To enquire, please email soc-ace@nus.edu.sg

To register, click Register

Select Short Course / Modular Course -> Apply for Myself -> Browse Academic Modules / Short Courses -> Module/Course Category -> Short Courses -> Browse Courses -> Strategic Tech Mgt Institute (Faculty/Department/Unit)

Please download the user guide for NUS Online Application Portal after you click ‘Apply for Myself’ if you need assistance.

Instructors

Mr Dvir CHIKVASHVILI

Mr Gur SHARON

Mr Rony MUNITZ

Mr Ron SUHODREV

Mr Yaniv PINCHAS

Mr ZHUANG Weiliang

Insight from Instructor

“This course provides a comprehensive deep-dive into all aspects of incident response and is quintessential for all cyber practitioners who aspire to be incident responders (IR). Existing IR practitioners should also take this course to be acquainted with the latest best practices and techniques.

The participants will learn and practice setting alerts, monitoring and investigating using Splunk (as an example of a SIEM system), get familiar with the different artifacts they will have to look for and analyze, such as Sysmon logs, event logs, registry values and prefetch, to understand the attackers' TTPs and detect malware, and practice memory forensics to dissect suspicious activity. Finally, they will learn the art of IR storytelling (also known as storyboarding) – how to assemble an accurate timeline into a “full picture” of the incident, based on their findings (and also identify the gaps and by that, know what else is missing) and how to summarize the investigation into an IR report.”

Rony Munitz

*Breakdown Course Fee

| | Singapore Citizens (39 years old or younger) | Singapore Citizens (40 years old or older) | Singapore PRs | Enhanced Training Support for SMEs | International Participants |
| --- | --- | --- | --- | --- | --- |
| Full Programme Fee | $9,450.00 | $9,450.00 | $9,450.00 | $9,450.00 | $9,450.00 |
| Less: SSG Grant Amount | $6,615.00 | $6,615.00 | $6,615.00 | $6,615.00 | $0.00 |
| Nett Programme Fee | $2,835.00 | $2,835.00 | $2,835.00 | $2,835.00 | $9,450.00 |
| 7% GST on Nett Programme Fee | $198.45 | $198.45 | $198.45 | $198.45 | $661.50 |
| Total Nett Programme Fee Payable, Including GST | $3,033.45 | $3,033.45 | $3,033.45 | $3,033.45 | $10,111.50 |
| Less Additional Funding if Eligible Under Various Schemes | $0.00 | $1,890.00 | $0.00 | $1,890.00 | $0.00 |
| Total Nett Programme Fee Payable, Including GST, after additional funding from the various funding schemes | $3,033.45 | $1,143.45 | $3,033.45 | $1,143.45 | $10,111.50 |