[Update Links] SANS SEC564: Red Team Exercises and Adversary Emulation (VOD+PDF+VM) v2020


SANS SEC564: Red Team Exercises and Adversary Emulation (VOD+PDF+VM) v2020
English | Size: 12.97 GB
Genre: eLearning

SANS SEC564: Red Team Exercises and Adversary Emulation VOD+PDF+VM v2020

SEC564 will provide students with the skills to plan and manage Red Team Exercises. Students will understand the tactics, techniques, and procedures (TTPs) used by the adversary to create an adversary emulation plan leveraging MITRE ATT&CK (Adversary Tactics, Techniques, and Common Knowledge). Students will emulate an adversary.

What You Will Learn

In SEC564, you will learn how to plan and execute an end-to-end adversary emulation, including how to plan and build a red team program, leverage threat intelligence to map against adversary tactic, techniques, and procedures (TTPs), emulate those TTPs, report and analyze the results of red team exercises, and ultimately improve the overall security posture of the organization.

You will do all of this in a course-long exercise, in which we perform an adversary emulation against a target organization modeled on an enterprise environment. This environment includes Active Directory, email, web, and file servers, as well as endpoints running the latest operating systems. We will start by consuming cyber threat intelligence to identify and document an adversary that has the intent, opportunity, and capability to attack the target organization. You will discover the TTPs used by the adversary while creating an adversary emulation plan leveraging MITRE ATT&CK (Adversary Tactics, Techniques, and Common Knowledge).

We’ll cover the planning phase of these exercises, showcasing various industry frameworks and methodologies for red teaming and adversary emulation. These frameworks are industry standards used by various regulatory bodies to ensure consistent and repeatable red team exercises.
Using strong planning and threat intelligence, students will follow the same unified kill chain as the adversaries to reach the same objective, from setting up attack infrastructure with command and control to emulating multiple TTPs mapped to MITRE ATT&CK.

The course concludes with exercise closure activities such as analyzing the response of the blue team (people and process), reporting, and remediation planning and retesting. Finally, you will learn how to show the value that red team exercises and adversary emulations bring to an organization. The main job of a red team is to make a blue team better. Offense informs defense and defense informs offense.

tut4sec.com/forum/topic/sans-sec564-red-team-exercises-and-adversary-emulation-vodpdfvm-v2020

If any links die or problem unrar, send request to
forms.gle/e557HbjJ5vatekDV9

SAS-SEC564-Red-Team-Exercises-and-Adversary-Emulation-VOD-PDF-VM-v2020

Leave a Comment