Cyber Defence-program
Using indicators to enhance defense capabilities
Belgrade - Serbia
Date:
Fees - 400 EUR per participant
This exercise was developed as training for Incident Response Team members and other IT security professionals who are responsible for creating and acting on indicators derived from malicious campaigns and incidents. It should also provide useful information for any network administrator responsible for network security.
The goal of this exercise is to learn how to create indicators and log their usage in the “Collaborative Research into Threats” (CRITs) system, focusing on how to use CRITs to select indicators. While CRITs can help readers organize their work, including logging actions and handling objects, the reader remains fully responsible for planning and choosing what the indicators will be. This training is meant to teach how to use CRITs for everyday tasks and to provide a foundation for developing more advanced indicator management skills.
Exercises:
Task 0: Setup and requirements
Task 1: Create the CRITs analyst account
Task 1: Upload all the information
Task 2: Use CRITs services to extract even more information
Task 4: Visualize relationships
Task 5: Create indicators
Task 6: Apply indicators and log their status
Target Audience:
CERT staff involved in the process of incident handling, especially those responsible for detection of new threats related directly to the CERT customers.