Blue Team Operations
Forge Institute is offering this four-day training course to teach you what constitutes a cybersecurity event, incident, and attack, and how to leverage log review, threat hunting, and incident response TTPs. The training develops advanced blue team operators by teaching them to harden operating systems and to apply the network security and intrusion detection tools that protect and defend critical networks.
Course Summary
As organizations protect and defend their systems, they are actively developing cybersecurity professionals into advanced blue team operators. This is accomplished through professional development training that piques curiosity and empowers a can-do attitude. Blue team operators are the forward-looking defenders of an organization, with a proactive mindset that ensures systems are more resilient and better prepared for attacks from adversaries.
Our Blue Team Ops course goes beyond intrusion detection and prevention: we dive into incident response, chain of custody, root cause analysis, attribution, log review, forensics, malware analysis, and more. Cyber professionals will gain an understanding of system vulnerabilities, current threat intelligence briefings, and best-practice TTPs. Through hands-on technical applications, exercises, and scenarios, participants gain real-life experience and learn to rapidly adapt their defensive measures while mitigating and defending against adversaries in sophisticated computer attack scenarios.
If you are ready to strengthen system security by hardening operating systems, implementing security applications and best practices, and applying network security and intrusion detection tools, then this Blue Team Ops course is for you!
Lessons in this course
Vulnerability information and threat intelligence (K0040)
Intrusion Detection and Prevention (K0046, K0324)
Log aggregation and SIEM platforms (K0142, K0143)
Incident response (K0042)
Forensics
Target Audience
SOC Analysts, System Administrators, Network Engineers, Defensive Cyber Operators, Cyber Analysts, Information Technology Professionals, Enterprise Defender Teams, Active Directory, Security Engineers, Cybersecurity Professionals, Incident Response & Digital Forensics Teams, Managed Security Service Providers, and anyone who wants to up-skill their Blue Team Ops capabilities.
Prerequisites
Some experience with SOC operations is preferred. Experience with incident response or vulnerability management is preferred. Experience with intrusion detection and intrusion prevention is preferred.
Course Length
32 hours of course work, ideally delivered virtually over a period of 4 days.
Required Materials
Student Internet Access
PC/Mac with 8 GB RAM minimum
Webcam/Microphone
Testing/Certification
Course assessment will be completed through an instructor-guided culmination exercise.
Resources/References Supplied
Copy of course slides
Course manual for material covered
Various handouts/resources/templates