Live Online training

Cybersecurity Offensive and Defensive Techniques in 3 Hours

Omar Santos

In this course you will learn all about cybersecurity blue and red teams while also building the skills necessary to create your own teams. We will start with exploring the concepts of red, blue and "purple teams" or "purple teaming," which combines the elements of defense and offense within an organization. Next you will find out how to create and manage cybersecurity red, blue and "purple" teams before jumping into best practices for understanding how your teams can effectively collect and analyze data to defend your organization against threat actors. You will also learn different tools that are appropriate for blue and red teams and how to proactively and iteratively "hunt" and isolate advanced threats that evade existing security solutions within your organization. We will then end with a look at threat intelligence and how blue and red teams use it in their engagements.

What you'll learn and how you can apply it

  • Learn how enterprises create and manage red and blue teams.
  • Learn best practices for offensive and defensive cybersecurity.
  • Learn how to perform threat hunting.
  • Learn about tools used by blue and red teams.
  • Learn best practices on how to use threat intelligence within a blue or a red team.
  • Learn how large enterprises are building ethical hacking and penetration testing capabilities, as well as automating some of the processes to continuously monitor and assess their infrastructure.

This training course is for you because...

  • You have an understanding of cybersecurity fundamentals.
  • You want to learn different methodologies and best practices to identify, track, and contain advanced adversaries and to respond to and remediate cybersecurity incidents.
  • You want to learn more about cybersecurity red and blue teams and their practices.
  • You want to learn how to perform threat hunting, how to use threat intelligence, and how enterprises are developing enterprise-wide ethical hacking programs.

About your instructor

  • Omar Santos is a Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations. He mentors and leads engineers and incident managers during the investigation and resolution of security vulnerabilities in all Cisco products, including cloud services. Omar has been working with information technology and cyber security since the mid-1990s. Omar has designed, implemented, and supported numerous secure networks for Fortune 100 and 500 companies and the U.S. government. He is an active member of the security community, where he leads several industry-wide initiatives and standards bodies. Omar often delivers technical presentations at many conferences, and he is the author of over 15 books and video courses.

Schedule

The timeframes are only estimates and may vary according to how the class is progressing.

Segment 1: Understanding Offensive and Defensive Security Methodologies (25 minutes) In this segment you will learn about modern offensive and defensive cybersecurity strategies and methodologies that today’s enterprises are adopting.

Segment 2: So, You Want to Be a Hacker? (25 minutes) In this segment you will learn about the different cybersecurity skills that are necessary in today’s environment. We will review different cybersecurity certification programs, their blueprints, and requirements and how you can develop your own roadmap to start or enhance your career in cybersecurity.

Break: 10 minutes

Segment 3: How to Build, Manage, and Operate Cybersecurity Teams (25 minutes) Many organizations hire individuals (or external red teams) to perform penetration testing and assess their security posture. Similarly, they also hire security professionals to defend the organization. These defense teams include computer security incident response teams (CSIRT), security operation center (SOC) analysts and investigators, and InfoSec professionals. Many organizations are now trying to combine the elements of defense and offense in their practices. In this segment you will learn how to create and manage cybersecurity offensive and defensive teams. You will learn best practices that will allow you to understand how your teams can effectively collect and analyze data to defend your organization against threat actors. You will also learn different tools that are appropriate for cybersecurity operations.

Segment 4: Introduction to Threat Hunting (25 minutes) In this segment you will learn what threat hunting is. You will learn how to proactively and iteratively “hunt” and isolate advanced threats that evade existing security solutions within your organization.

Break: 10 minutes

Segment 5: Effective Threat Intelligence (30 minutes) In this segment you will learn what threat intelligence is and how cybersecurity experts use it in their engagements. You will learn details about open source intelligence (OSINT) and many different tools that will allow you to successfully use it within your organization.

Segment 6: Enterprise-wide Ethical Hacking and Continuous Monitoring (30 minutes) In this segment you will learn how large enterprises are building ethical hacking and penetration testing capabilities, as well as automating some of the processes to continuously monitor and assess their infrastructure.