SecOps on GDC for Tier 3 Analysts

via Google Cloud Skills Boost

Overview

Dive into advanced SecOps workflows for Tier 3 analysts, covering incident response, vulnerability management, threat modeling, security engineering, and Splunk management on Google Cloud.

Syllabus

- Course Overview
  - Course 3 Overview
- Advanced Incident Response
  - Module overview
  - Advanced incident response for Tier 3 analysts
  - Ad hoc incident response
  - Using an incident management plan for ad hoc incident response
  - Tools for advanced incident response
  - Endpoint Detection and Response (EDR) tools
  - Security Information and Event Management (SIEM) tools
  - Vulnerability scanners
  - Threat intelligence tools
  - Intrusion Detection and Prevention Systems (IDPS) tools
  - Digital forensic tools
  - Advanced incident response tools at Cymbal Federal
  - Metrics for evaluating incident response
- Vulnerability management for Tier 3 analysts
  - Module overview
  - Introduction to vulnerability management
  - Vulnerability management systems (VMS)
  - The vulnerability management lifecycle
  - Vulnerability management on GDC
  - Techniques for vulnerability management
  - Vulnerability assessment
  - Vulnerability scanning
  - Penetration testing
  - Tools for penetration testing
  - Best practices for a vulnerability management program
  - Vulnerability management reports
  - Module summary
  - Knowledge check
- Threat Modeling
  - Module overview
  - The modern threat landscape
  - Introduction to threat modeling
  - The threat modeling process
  - Threat modeling frameworks
  - Threat modeling frameworks at Cymbal Federal
  - Threat intelligence feeds
  - Introduction to modeling techniques
  - Title needs to be changed later
  - STRIDE at Cymbal Federal
  - Process for Attack Simulation and Threat Analysis (PASTA)
  - PASTA at Cymbal Federal
  - Common Vulnerability Scoring System (CVSS)
  - CVSS at Cymbal Federal
  - Selecting a threat modeling technique
  - SecOps-specific tools for threat modeling
  - SecOps-specific tools at Cymbal Federal
  - Threat mapping
  - Best practices for effective threat
  - Module summary
  - Knowledge check
- Security Engineering
  - Module overview
  - Introduction to security engineering
  - The Secure by Design approach
  - Secure by Design and SecOps
  - Security engineers in the SOC
  - The security engineering workflow
  - Introduction to security controls
  - Technical security controls
  - Administrative security controls
  - Tools for security engineers
  - Security engineering best practices
  - Module review
  - Knowledge check
- Splunk advanced: Lite management
  - Module overview
  - Introduction to Splunk management
  - Who is responsible for managing Splunk?
  - Configuration files in Splunk
  - Administering Splunk with Splunk Web and btool
  - Best practices and advanced troubleshooting in Splunk
  - Splunk management at Cymbal Federal
  - Module review
  - Knowledge check
- Resources
  - Course slides
  - Additional resources
- Your Next Steps
  - Course Badge
