
CSEC414

Security Operations Center and Cyber Threat Hunting

Barcelona Campus
Aug 01, 2022 - Aug 19, 2022
This course acquaints students with modern cyber attack tactics, techniques and procedures and shows how cyber security operations staff can address them.

Faculty Profiles

Teymur Kheirkhabarov

Head of Cyber Defense Center at BI.ZONE

Vadim Khrykov

Head of Threat Detection & Incident Response at BI.ZONE

Course length

3 weeks

Duration

3 hours per day

Total hours

45 hours

Credits

6 ECTS

Language

English

Course type

Offline

Fee for single course

€1500

Fee for degree students

€750

Skills you’ll learn

  • Threat Intelligence
  • Threat Hunting
  • Detection Engineering
  • Security Operations
  • Windows & Linux Security
  • Incident Response & Investigation

Overview

Information security is a combination of processes, people and technologies, and how effectively they work together defines the efficiency of the overall information security program in the enterprise. Security operations is the crucial glue between these three components, and the security operations center is its implementation in practice. During the module classes, students get acquainted with modern attack tactics, techniques and procedures and how security operations staff can address them. In lab classes, students will gain practical skills in modern cyber threat detection, incident response and investigation.

Learning highlights

  • Plan and organize security monitoring in the enterprise
  • Use different threat intelligence sources to detect modern cyber threats
  • Detect and investigate malicious activity in Windows and Linux infrastructures based on attackers' tactics, techniques and procedures
  • Build cyber threat hunting infrastructure based on open source solutions
  • Develop threat detection logic and rules
  • Carry out basic incident response & investigation

Course outline

15 classes

Dive into the details of the course and get a sense of what each class will cover.
  • Session 1 (Monday): Current state of cyber threats
  • Session 2 (Tuesday): Security operations center mission & goals, architecture, processes and tools
  • Session 3 (Wednesday): Cyber Threat Intelligence
  • Session 4 (Thursday): Build your own monitoring and hunting infrastructure (based on Elastic stack)
  • Session 5 (Friday): Threat Detection Engineering Methodology
  • Session 6 (Monday): Endpoint Security Monitoring
  • Session 7 (Tuesday): Windows Architecture and Security
  • Session 8 (Wednesday): Windows Audit and Monitoring Capabilities
  • Session 9 (Thursday): Windows Endpoint Attack Techniques and Detection
  • Session 10 (Friday): Active Directory Attacks and Detection
  • Session 11 (Monday): Linux Audit and Monitoring Capabilities
  • Session 12 (Tuesday): Linux Endpoint Attack Techniques and Detection
  • Session 13 (Wednesday): Network Security Monitoring
  • Session 14 (Thursday): Incident Response & Investigation
  • Session 15 (Friday): Cyber Threat Hunting

Prerequisites

A baseline understanding of cyber security topics

General Windows and Linux operating system fundamentals

Being accustomed to the Linux command-line

Basic understanding of TCP/IP and networking concepts

Methodology

Lectures

Practical demonstrations

Hands-on exercises

Weekly tests

Grading

The final grade will be composed of the following criteria:
15% - Classwork
35% - Weekly tests
50% - Homework

Faculty

Teymur Kheirkhabarov

Head of Cyber Defense Center at BI.ZONE

Teymur has been engaged in theoretical and practical aspects of information security research for more than six years. He is currently a senior SOC analyst at Kaspersky responsible for advanced threat research, and was formerly the head of the Information Security department at Krasnoyarsk Hydropower Plant.

He received specialist's and master's degrees from Siberian State Aerospace University named after academician M. F. Reshetnev, where he later lectured on information security.


Faculty

Vadim Khrykov

Head of Threat Detection & Incident Response at BI.ZONE

Vadim started his career as a developer and application security professional, with more than 11 years of experience in this field. In 2019 he joined the BI.ZONE Cybersecurity team to build world-class managed security products and services. He is currently head of the threat detection and incident response division, where he drives threat hunting, threat research and incident response capabilities.


Apply for this course

Snap up your chance to enroll before all spaces fill up.


How to secure your spot

Complete the form below to kickstart your application

Schedule your Harbour.Space interview

If successful, get ready to join us on campus

FAQ

Will I receive a certificate after completion?

Yes. Upon completion of the course, you will receive a certificate signed by the director of the program your course belonged to.

Do I need a visa?

This depends on your case. Please check with the Spanish or Thai consulate in your country of residence about visa requirements. We will do our part to provide you with the necessary documents, such as the Certificate of Enrollment.

Can I get a discount?

Yes. The easiest way to enroll in a course at a discounted price is to register for multiple courses. Registering for multiple courses will reduce the cost per individual course. Please ask the Admissions Office for more information about the other kinds of discounts we offer and what you can do to receive one.