SEC450 Blue Team Fundamentals Security Operations and Analysis
21:00:35
- 1 - Welcome to Blue Team
- 02.mp403:15
- 03.mp400:01
- 04.mp402:27
- 05.mp400:01
- 06.mp401:03
- 07.mp401:05
- 08.mp401:43
- 09.mp400:42
- 10.mp402:14
- 11.mp405:03
- 12.mp400:41
- 13.mp400:50
- 14.mp401:30
- 15.mp402:11
- 16.mp400:46
- 17.mp401:52
- 18.mp403:03
- 19.mp400:25
- 20.mp400:27
- 21.mp400:01
- 22.mp401:21
- 23.mp400:01
- 2 - SOC overview
- 02.mp400:43
- 03.mp401:38
- 04.mp400:43
- 05.mp402:26
- 06.mp400:45
- 07.mp403:14
- 08.mp400:08
- 09.mp400:33
- 10.mp402:54
- 11.mp401:01
- 12.mp401:13
- 13.mp400:28
- 14.mp402:00
- 15.mp400:32
- 16.mp400:41
- 17.mp402:11
- 18.mp400:53
- 19.mp401:34
- 20.mp402:01
- 21.mp404:20
- 22.mp400:44
- 24.mp400:01
- 3 - Defensible network concepts
- 01.mp400:01
- 02.mp400:40
- 03.mp401:48
- 04.mp402:10
- 05.mp402:17
- 06.mp401:38
- 07.mp401:34
- 08.mp401:09
- 09.mp401:30
- 10.mp401:50
- 11.mp401:00
- 12.mp400:42
- 13.mp402:28
- 14.mp400:50
- 15.mp400:11
- 16.mp400:46
- 17.mp402:01
- 18.mp400:32
- 19.mp400:31
- 4 - Events, alerts, anomalies and incidents
- 02.mp400:43
- 03.mp400:51
- 04.mp401:18
- 05.mp401:18
- 06.mp403:14
- 07.mp401:03
- 08.mp400:36
- 09.mp401:15
- 10.mp401:33
- 11.mp402:22
- 12.mp401:29
- 13.mp401:21
- 14.mp401:12
- 15.mp405:49
- 16.mp401:52
- 17.mp400:38
- 18.mp401:10
- 19.mp400:39
- 20.mp400:36
- 5 - Incident management system
- 01.mp401:01
- 02.mp400:46
- 03.mp400:43
- 04.mp402:46
- 05.mp401:46
- 06.mp403:29
- 07.mp402:12
- 08.mp400:26
- 09.mp400:36
- 10.mp401:28
- 11.mp401:16
- 12.mp401:21
- 13.mp400:24
- 14.mp401:22
- 15.mp401:45
- 16.mp401:13
- 17.mp401:14
- 18.mp403:39
- 19.mp400:39
- 20.mp403:05
- 21.mp400:01
- 22.mp413:22
- 23.mp402:11
- 6 - Threat intelligence platform
- 01.mp400:59
- 02.mp401:29
- 03.mp401:18
- 04.mp400:49
- 05.mp401:24
- 06.mp400:47
- 07.mp401:31
- 08.mp401:26
- 09.mp400:54
- 10.mp401:27
- 11.mp401:16
- 12.mp400:53
- 13.mp400:32
- 14.mp401:14
- 15.mp400:44
- 16.mp400:40
- 17.mp400:48
- 18.mp401:22
- 19.mp400:37
- 20.mp400:01
- 21.mp410:11
- 22.mp402:04
- 23.mp401:01
- 24.mp400:18
- 7 - SIEM and automation
- 01.mp400:11
- 02.mp400:54
- 03.mp403:12
- 04.mp403:18
- 05.mp401:59
- 06.mp402:23
- 07.mp400:48
- 08.mp400:28
- 09.mp400:57
- 10.mp401:06
- 11.mp400:24
- 12.mp401:19
- 13.mp401:08
- 14.mp401:55
- 15.mp401:49
- 16.mp400:30
- 17.mp400:55
- 18.mp401:19
- 19.mp401:23
- 20.mp401:30
- 8 - Know your enemy
- 01.mp400:01
- 02.mp400:40
- 03.mp401:15
- 04.mp400:38
- 05.mp401:49
- 06.mp401:34
- 07.mp400:25
- 08.mp401:50
- 09.mp401:27
- 10.mp401:13
- 11.mp402:22
- 12.mp402:38
- 13.mp402:35
- 14.mp400:56
- 15.mp401:44
- 9 - Summary
- 01.mp400:01
- 02.mp401:29
- 03.mp400:01
- 04.mp400:01
- 05.mp405:56
- 1 - Network architecture
- 01.mp400:21
- 02.mp404:24
- 03.mp400:01
- 04.mp400:09
- 05.mp400:01
- 06.mp400:17
- 06 2.mp400:44
- 07.mp401:02
- 08.mp401:49
- 10.mp401:58
- 11.mp401:37
- 12.mp402:18
- 13.mp401:24
- 14.mp401:54
- 15.mp403:06
- 16.mp401:38
- 17.mp401:42
- 18.mp401:42
- 19.mp400:40
- 20.mp401:59
- 21.mp402:37
- 2 - Traffic capture and analysis
- 01.mp400:01
- 02.mp403:38
- 03.mp400:46
- 04.mp400:39
- 05.mp403:57
- 06.mp401:29
- 07.mp400:55
- 08.mp401:11
- 09.mp401:29
- 10.mp401:00
- 11.mp401:51
- 12.mp401:38
- 13.mp400:52
- 3 - Understanding DNS
- 01.mp402:03
- 02.mp400:56
- 03.mp401:28
- 04.mp401:11
- 05.mp400:32
- 06.mp402:28
- 07.mp400:32
- 08.mp401:20
- 09.mp402:47
- 10.mp401:11
- 11.mp402:23
- 12.mp400:52
- 13.mp401:09
- 14.mp400:01
- 15.mp400:47
- 16.mp401:46
- 17.mp401:23
- 18.mp400:01
- 19.mp401:25
- 4 - DNS analysis and attacks
- 01.mp400:01
- 02.mp400:23
- 03.mp400:24
- 04.mp402:53
- 05.mp402:37
- 06.mp401:43
- 07.mp403:17
- 08.mp404:21
- 09.mp401:27
- 10.mp401:56
- 11.mp403:23
- 12.mp400:47
- 13.mp401:37
- 14.mp401:33
- 15.mp400:48
- 16.mp404:01
- 17.mp401:29
- 18.mp401:38
- 19.mp403:29
- 20.mp405:00
- 21.mp401:58
- 22.mp402:17
- 23.mp400:54
- 24.mp402:18
- 25.mp402:32
- 26.mp402:13
- 27.mp401:17
- 28.mp402:34
- 29.mp401:17
- 30.mp400:01
- 31.mp410:43
- 5 - Understanding HTTP(S)
- 01.mp400:15
- 02.mp401:01
- 03.mp400:45
- 04.mp400:35
- 05.mp400:42
- 06.mp401:30
- 07.mp401:07
- 08.mp401:11
- 09.mp400:29
- 09 (1).mp400:29
- 10.mp401:37
- 11.mp401:36
- 12.mp403:00
- 13.mp401:25
- 14.mp401:18
- 15.mp402:14
- 16.mp401:14
- 17.mp400:46
- 18.mp402:19
- 19.mp401:01
- 20.mp402:48
- 21.mp401:32
- 22.mp402:31
- 23.mp400:52
- 24.mp401:22
- 25.mp400:39
- 6 - HTTP analysis and attacks
- 01.mp400:49
- 02.mp401:10
- 03.mp401:11
- 04.mp400:57
- 05.mp400:36
- 06.mp401:28
- 07.mp400:56
- 08.mp403:11
- 09.mp401:01
- 10.mp403:24
- 11.mp401:48
- 12.mp401:44
- 13.mp402:12
- 14.mp401:12
- 15.mp400:28
- 16.mp400:45
- 17.mp401:20
- 18.mp400:01
- 19.mp402:11
- 20.mp402:22
- 21.mp403:38
- 22.mp400:48
- 23.mp401:46
- 24.mp401:06
- 25.mp402:32
- 26.mp401:00
- 27.mp400:01
- 28.mp403:50
- 29.mp400:05
- 7 - Understanding SMTP and email
- 01.mp400:38
- 02.mp400:51
- 03.mp401:39
- 04.mp401:53
- 05.mp400:42
- 06.mp400:36
- 07.mp401:46
- 08.mp400:24
- 09.mp402:27
- 10.mp401:06
- 11.mp400:55
- 12.mp400:35
- 13.mp402:23
- 14.mp400:20
- 15.mp401:11
- 16.mp401:34
- 17.mp401:24
- 18.mp400:45
- 19.mp401:27
- 8 - Additional network protocols
- 01.mp400:01
- 02.mp400:58
- 03.mp402:43
- 04.mp401:12
- 05.mp402:32
- 06.mp400:33
- 07.mp402:54
- 08.mp400:59
- 09.mp402:06
- 10.mp402:12
- 11.mp401:02
- 12.mp401:07
- 9 - Summary
- 01.mp400:01
- 02.mp400:29
- 03.mp400:01
- 04.mp405:22
- 1 - Endpoint attack tactics
- 01.mp400:25
- 02.mp403:52
- 03.mp400:31
- 04.mp400:01
- 05.mp400:01
- 06.mp400:58
- 07.mp401:09
- 08.mp402:10
- 09.mp401:34
- 10.mp402:13
- 11.mp401:23
- 12.mp400:50
- 13.mp403:17
- 14.mp401:19
- 15.mp401:52
- 16.mp401:52
- 17.mp402:08
- 18.mp401:56
- 19.mp401:35
- 20.mp405:17
- 21.mp400:09
- 22.mp402:33
- 23.mp401:24
- 24.mp400:54
- 25.mp402:01
- 26.mp400:55
- 27.mp400:38
- 28.mp400:57
- 2 - Endpoint Defense in Depth
- 01.mp400:11
- 02.mp401:15
- 03.mp401:32
- 04.mp401:44
- 05.mp404:05
- 06.mp401:36
- 07.mp401:29
- 08.mp400:54
- 09.mp402:51
- 10.mp400:41
- 11.mp403:16
- 12.mp402:52
- 13.mp402:53
- 14.mp401:20
- 15.mp401:26
- 16.mp404:44
- 17.mp402:37
- 18.mp401:18
- 19.mp402:38
- 20.mp401:47
- 21.mp400:50
- 22.mp400:50
- 3 - How Windows logging works
- 01.mp400:30
- 02.mp401:37
- 03.mp400:54
- 04.mp401:14
- 05.mp400:46
- 06.mp401:48
- 07.mp400:38
- 08.mp400:09
- 09.mp403:43
- 10.mp400:11
- 11.mp400:13
- 12.mp402:03
- 13.mp401:07
- 14.mp400:30
- 4 - How Linux logging works
- 01.mp401:22
- 02.mp401:09
- 03.mp400:57
- 04.mp401:17
- 05.mp401:24
- 06.mp400:55
- 07.mp401:40
- 08.mp401:55
- 09.mp401:00
- 10.mp400:47
- 11.mp400:43
- 12.mp400:39
- 13.mp400:01
- 14.mp400:56
- 5 - Interpreting important events
- 01.mp400:09
- 02.mp404:08
- 03.mp401:13
- 04.mp400:53
- 05.mp400:41
- 06.mp402:42
- 07.mp402:12
- 08.mp400:34
- 09.mp401:01
- 10.mp400:42
- 11.mp400:59
- 12.mp401:57
- 13.mp400:31
- 14.mp402:20
- 15.mp401:19
- 16.mp401:17
- 17.mp401:28
- 18.mp401:57
- 19.mp401:07
- 20.mp402:54
- 21.mp401:06
- 22.mp401:29
- 23.mp401:06
- 24.mp401:17
- 25.mp400:06
- 26.mp402:16
- 27.mp400:50
- 28.mp400:01
- 29.mp410:44
- 6 - Log collection, parsing and normalization
- 01.mp400:54
- 02.mp400:40
- 03.mp400:54
- 04.mp401:23
- 05.mp402:49
- 06.mp401:40
- 07.mp400:34
- 08.mp403:24
- 09.mp401:13
- 10.mp402:08
- 11.mp402:26
- 12.mp401:25
- 13.mp401:19
- 14.mp402:24
- 15.mp402:08
- 16.mp401:26
- 17.mp401:04
- 18.mp402:44
- 19.mp401:01
- 20.mp400:01
- 21.mp408:37
- 7 - File contents and identification
- 01.mp401:21
- 02.mp401:58
- 03.mp401:18
- 04.mp402:43
- 05.mp401:19
- 06.mp401:17
- 07.mp401:29
- 08.mp401:53
- 09.mp402:16
- 10.mp401:47
- 11.mp401:44
- 12.mp400:53
- 13.mp400:27
- 8 - Identifying and handling suspicious files
- 02.mp400:43
- 03.mp401:36
- 04.mp402:23
- 05.mp401:03
- 06.mp401:39
- 07.mp401:34
- 08.mp402:18
- 09.mp401:16
- 10.mp401:29
- 11.mp400:56
- 12.mp401:14
- 013.mp402:24
- 13.mp400:01
- 14.mp401:46
- 15.mp401:59
- 16.mp401:23
- 17.mp400:58
- 18.mp401:18
- 19.mp401:13
- 20.mp401:11
- 21.mp401:54
- 22.mp401:03
- 23.mp401:52
- 9 - Summary
- 01.mp400:01
- 02.mp401:01
- 03.mp402:44
- 1 - Alert triage and prioritization
- 01.mp400:59
- 02.mp402:12
- 03.mp400:01
- 04.mp400:41
- 04 2.mp400:47
- 05.mp400:01
- 06.mp401:02
- 07.mp401:44
- 08.mp400:54
- 10.mp401:38
- 11.mp405:29
- 12.mp401:51
- 13.mp401:28
- 14.mp401:31
- 15.mp406:14
- 16.mp400:29
- 17.mp406:09
- 18.mp401:11
- 19.mp401:52
- 20.mp402:56
- 21.mp400:35
- 2 - Perception, memory and investigation
- 01.mp400:14
- 02.mp401:10
- 03.mp400:14
- 04.mp400:51
- 05.mp401:25
- 06.mp400:56
- 07.mp403:12
- 08.mp400:46
- 09.mp400:25
- 10.mp400:33
- 11.mp401:01
- 12.mp400:55
- 13.mp400:34
- 14.mp400:26
- 15.mp401:32
- 16.mp401:01
- 17.mp400:24
- 18.mp401:45
- 19.mp400:39
- 20.mp401:18
- 21.mp400:56
- 3 - Modules and concepts for infosec
- 01.mp400:48
- 02.mp400:54
- 03.mp401:11
- 04.mp400:07
- 04 2.mp401:04
- 05.mp400:55
- 06.mp401:06
- 07.mp400:23
- 08.mp401:49
- 10.mp402:15
- 11.mp401:23
- 12.mp402:07
- 13.mp401:34
- 14.mp402:00
- 15.mp400:50
- 16.mp401:29
- 17.mp403:50
- 18.mp401:52
- 19.mp403:41
- 20.mp403:32
- 21.mp402:10
- 22.mp401:11
- 23.mp400:34
- 24.mp400:33
- 25.mp400:01
- 26.mp407:31
- 4 - Structured analytical techniques
- 01.mp400:08
- 02.mp400:38
- 03.mp401:25
- 04.mp401:10
- 05.mp401:14
- 06.mp400:52
- 07.mp400:48
- 08.mp402:13
- 09.mp401:08
- 10.mp401:06
- 11.mp402:33
- 12.mp403:36
- 13.mp401:05
- 14.mp400:51
- 15.mp402:45
- 16.mp401:44
- 17.mp401:45
- 18.mp401:28
- 19.mp400:21
- 20.mp401:15
- 21.mp401:17
- 22.mp400:52
- 5 - Analysis questions and tactics
- 01.mp401:25
- 02.mp401:32
- 03.mp401:26
- 04.mp400:01
- 04 2.mp402:04
- 05.mp403:07
- 06.mp401:12
- 07.mp400:27
- 08.mp401:43
- 10.mp400:41
- 11.mp402:00
- 12.mp401:18
- 13.mp403:27
- 14.mp401:08
- 15.mp401:12
- 16.mp401:05
- 17.mp401:30
- 18.mp402:53
- 19.mp401:04
- 20.mp401:43
- 21.mp403:11
- 22.mp401:37
- 23.mp405:06
- 24.mp403:06
- 25.mp400:56
- 26.mp401:12
- 27.mp400:50
- 28.mp401:29
- 29.mp401:32
- 30.mp400:57
- 31.mp402:46
- 32.mp400:34
- 6 - Analysis opsec
- 01.mp400:05
- 02.mp400:48
- 03.mp400:33
- 04.mp401:32
- 05.mp400:56
- 06.mp400:59
- 07.mp401:41
- 08.mp402:15
- 09.mp401:04
- 10.mp400:35
- 11.mp401:01
- 12.mp401:34
- 13.mp403:16
- 14.mp401:38
- 15.mp400:49
- 16.mp400:01
- 17.mp404:31
- 7 - Intrusion discovery
- 01.mp401:29
- 02.mp400:59
- 03.mp402:03
- 04.mp400:15
- 04 2.mp401:06
- 05.mp400:52
- 06.mp401:36
- 07.mp401:51
- 08.mp400:44
- 10.mp401:48
- 11.mp400:47
- 12.mp400:49
- 13.mp400:45
- 14.mp401:43
- 15.mp401:23
- 16.mp400:40
- 17.mp400:44
- 1 - Improving life in the SOC
- 01.mp400:01
- 02.mp400:01
- 03.mp401:18
- 04.mp400:01
- 05.mp400:34
- 06.mp400:42
- 07.mp400:34
- 08.mp400:57
- 09.mp401:01
- 10.mp401:10
- 11.mp400:51
- 12.mp401:17
- 13.mp403:54
- 14.mp401:50
- 15.mp401:08
- 16.mp400:16
- 17.mp401:32
- 18.mp401:49
- 19.mp400:41
- 20.mp401:05
- 21.mp402:23
- 22.mp403:34
- 23.mp401:36
- 24.mp402:29
- 25.mp400:08
- 2 - Analytic features and enrichment
- 01.mp400:01
- 02.mp401:29
- 03.mp400:55
- 04.mp400:57
- 05.mp400:48
- 06.mp400:21
- 07.mp401:37
- 08.mp402:31
- 09.mp400:22
- 10.mp400:53
- 11.mp403:09
- 12.mp401:15
- 13.mp401:39
- 14.mp401:52
- 15.mp403:12
- 16.mp402:27
- 17.mp401:25
- 18.mp401:38
- 19.mp400:45
- 20.mp401:04
- 3 - New analytic design, testing and sharing
- 01.mp400:01
- 02.mp400:58
- 03.mp401:09
- 04.mp401:28
- 05.mp401:08
- 06.mp402:16
- 07.mp400:48
- 08.mp401:38
- 09.mp400:31
- 10.mp402:42
- 11.mp402:14
- 12.mp402:20
- 13.mp401:08
- 14.mp404:12
- 15.mp401:52
- 16.mp401:11
- 17.mp402:24
- 18.mp400:53
- 19.mp403:13
- 20.mp403:24
- 21.mp401:09
- 22.mp400:56
- 23.mp401:20
- 24.mp401:28
- 25.mp400:53
- 26.mp400:47
- 27.mp402:21
- 28.mp401:33
- 29.mp400:46
- 30.mp400:56
- 31.mp402:00
- 32.mp401:15
- 4 - Tuning and false positive reduction
- 01.mp400:31
- 02.mp400:38
- 03.mp401:32
- 04.mp401:47
- 05.mp401:16
- 06.mp400:33
- 07.mp400:56
- 08.mp401:16
- 09.mp401:53
- 10.mp400:40
- 11.mp400:51
- 12.mp402:25
- 13.mp400:55
- 14.mp401:57
- 15.mp401:29
- 16.mp401:06
- 17.mp400:36
- 18.mp401:18
- 19.mp400:53
- 20.mp400:49
- 21.mp401:11
- 22.mp400:47
- 23.mp400:20
- 24.mp400:36
- 25.mp401:07
- 26.mp400:01
- 27.mp400:32
- 28.mp401:14
- 29.mp400:48
- 30.mp400:01
- 31.mp406:21
- 5 - Automation and orchestration
- 01.mp400:18
- 02.mp400:25
- 03.mp400:37
- 04.mp403:28
- 05.mp401:09
- 06.mp402:20
- 07.mp400:27
- 08.mp401:03
- 09.mp402:13
- 10.mp401:52
- 11.mp401:51
- 12.mp400:58
- 13.mp401:36
- 14.mp401:15
- 15.mp400:58
- 16.mp400:09
- 6 - Improving operational efficiency and workflow
- 01.mp400:09
- 02.mp400:54
- 03.mp400:42
- 04.mp400:52
- 05.mp401:10
- 06.mp400:42
- 07.mp402:10
- 08.mp400:28
- 09.mp401:04
- 10.mp400:58
- 11.mp401:36
- 12.mp401:05
- 13.mp400:28
- 14.mp400:01
- 15.mp409:33
- 7 - Containing identified intrusions
- 01.mp400:31
- 02.mp400:46
- 03.mp400:47
- 04.mp401:59
- 05.mp400:33
- 06.mp401:15
- 07.mp401:23
- 08.mp403:14
- 09.mp400:42
- 10.mp401:30
- 11.mp401:07
- 12.mp401:33
- 13.mp400:12
- 14.mp400:55
- 15.mp400:34
- 16.mp400:53
- 17.mp400:34
- 18.mp401:01
- 19.mp402:38
- 20.mp400:49
- 21.mp401:28
- 22.mp400:56
- 23.mp402:16
- 24.mp402:10
- 25.mp400:59
- 26.mp400:39
- 27.mp400:01
- 28.mp400:38
- 8 - Skill and career development
- 01.mp400:26
- 02.mp400:51
- 03.mp403:23
- 04.mp401:48
- 05.mp401:37
- 06.mp402:45
- 07.mp401:20
- 08.mp400:45
- 09.mp400:39
- 10.mp401:31
- 11.mp400:33
- 12.mp400:52
- 13.mp401:34
- 14.mp402:26
- 15.mp401:31
- 16.mp400:48
The SANS Institute is a private U.S. for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. Topics available for training include cyber and network defenses, penetration testing, incident response, digital forensics, and auditing.
- Language: English
- Training sessions: 849
- Duration: 21:00:35
- Release date: 2023/07/05