Security Operations
Explore the practical use of Fortinet security operations solutions to detect, investigate, and respond to Advanced Persistent Threats (APTs).
About The Course
Comprised of theory lessons and hands-on labs, this course will guide you to understand how to execute advanced threats, how threat actors behave, and how security operations handle such threats. You will leverage widely adopted industry frameworks and models to comprehend advanced complex attacks (APTs) and adversary behavior.
Then, you will use these foundations to build detection capabilities and emulate adversary activity. Finally, you will go through industry guidelines for incident handling and practical utilization of Fortinet solutions to detect, analyze, and respond to the previously emulated incident.
Course Objectives
After completing this course, you should be able to:
- Understand the basic concepts of security operations and Fortinet SOC Automation Framework
- Understand frameworks commonly used to describe, organize, and catalog observed threats and actor behavior (threat intelligence)
- Understand how to use a framework for proper incident handling
- Use MITRE ATT&CK® to map adversary behavior based on a mock threat report
- Use MITRE ATT&CK® to elect potential data sources for building detection capabilities
- Build FortiSIEM rules to detect specific adversary behavior
- Emulate adversary behavior
- Handle an incident throughout the main stages of the incident handling life cycle (detection, analysis, containment, eradication, and recovery) based on the NIST 800-61—Computer Security Incident Handling Guide.
Pre-Requisites
Basic knowledge of security operations
NSE 4 FortiGate Security
NSE 5 FortiSIEM
NSE 7 FortiSOAR Design and Development
What's included
- 16 Hours Training Course
- Certificate
- 6 Modules
- 24/7 Support
