Cyber Incident Detection and Threat Hunting

About This Course

As cyber attacks become increasingly sophisticated each day, it is critical for organizations’ security teams to detect attacks at an early stage and manage logs effectively.

In this training, participants will learn how to analyze Windows, Linux, and network logs, enrich log data using Sysmon, conduct threat hunting on the Elastic Stack (ELK), and detect Red Team attack techniques such as ransomware, brute force, and web exploitation.

Who Should Attend?

Information Security Experts
System and Network Experts
Digital Forensics Experts
Cyber Incident Response Specialists

Participant Gains

Gaining log analysis and forensics skills
Log enrichment and visualization using Sysmon and Elastic Stack
Detecting Red Team activities and ransomware attacks
Developing threat hunting scenarios for SOC operations
Hands-on practice with real attack simulations

Topics

Day 1 – Log Forensics and Fundamentals

Windows Event Log Analysis
PowerShell Log Analysis
IIS, DHCP, FTP Logs
Syslog and Network Logs

Day 2 – Log Enrichment and SOC Tools

Sysmon Installation and Usage
Elastic Stack (ELK) Fundamentals
ELK Setup and Log Integration
Log Correlation and Dashboards

Day 3 – Threat Hunting & Red Team Attack Detection

Detecting Ransomware Behavior
Brute Force & Persistence Attack Analysis
Web Exploitation & Command Execution Detection
Threat Hunting Scenarios using ELK
Practical Exercises and Participant Activities

Duration / Fee

Total Duration

18 Saat

(6 Days x 3 Hours)

Training Hours

18:00-21:00

Fee

Detaylı bilgi için arayınız.

Preliminary Information Form