Course Outline
Module 1: The Professional Blue Teamer
We begin the course by explaining how many Security Operations Centers (SOC) are structured and what would be expected of you if you joined one as a security analyst or blue teamer.
By the end of this module, you will know exactly what your mandate is and what it takes to become a respected blue teamer capable of protecting computer networks, responding to security intrusions, analyzing malware and producing high-value threat intelligence.
Module 2: Cyber Defence
In this module, we impart the top security mitigations that you may one day be required to advise on or deploy:
- Patching applications and operating systems
- Hardening user applications and operating systems
- Automated analysis and content filtering
- Restricting administrative privileges
- Intrusion detection and response
- Backup and recovery
Module 3: Digital Forensics
Investigating security intrusions requires deep knowledge of OS internals and a structured methodology. In this section of the class, we teach both. Some of the topics covered:
- Log sources
- Indicators of compromise
- Timeline analysis
- Impact assessment
- Containment and recovery
- Writing detection rules
Module 4: Threat Hunting
Threat Hunting is a structured approach to identifying “unknown unknowns” that have avoided or evaded security controls. Its goal is to build the strongest case for an organisation’s security plan and investments by manually searching for indicators of compromise on the network (and hopefully not finding them).
In this module, we impart how to perform structured threat hunting in large-scale networks. This module is supplemented with practical exercises online where you’ll be required to identify threat actors in networks.
Module 5: Malware Analysis
Reverse engineering malware is often considered an advanced skill that few Blue Teamers have honed and take advantage of. In this module, we teach you a structured approach to reverse engineering that beginners can employ for great results:
- Successful reverse engineering mindsets and approaches
- Rapidly identifying malware
- Documentation procedure
- Extracting indicators of compromise
This module is then augmented with practical exercises online.
Module 6: Threat Intelligence
We conclude the technical subjects in this class by imparting how to create threat intelligence in large-scale enterprise networks to help decision makers make investments and divestments.
In this module, we do not teach how to use or build security feeds. Instead, we teach how to build internal threat intelligence capabilities that augment and extend the capabilities of the SOC.
Module 7: Interviewing for Blue Team Roles
Finally, we end the course by sharing advice on how to apply and get hired as a Blue Teamer:
- How to select an organization in line with your values and where you want your career to grow
- How to apply for a junior Blue Teamer role in a way that makes the employer more likely to say “yes”
- What you should include in your CV and application letter
- The right attitude to have during the interview
- Questions that you should ask them to confirm that the company culture is right for you
We will also impart some guidance on how to work effectively with recruiters to maximize your chances of landing a job with the right organisation for you.