Threat Detection and Response (TDR) Training in Poznan

This instructor-led, live training in Poznan (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to implement CTEM in their organizations. By the end of this training, participants will be able to:

• Understand the principles and stages of CTEM.
• Identify and prioritize risks using CTEM methodologies.
• Integrate CTEM practices into existing security protocols.
• Utilize tools and technologies for continuous threat management.
• Develop strategies to validate and improve security measures continuously.

This instructor-led, live training in Poznan (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to leverage DeepSeek for advanced threat detection and automation. By the end of this training, participants will be able to:

• Utilize DeepSeek AI for real-time threat detection and analysis.
• Implement AI-driven anomaly detection techniques.
• Automate security monitoring and response using DeepSeek.
• Integrate DeepSeek into existing cybersecurity frameworks.

This instructor-led, live training in Poznan (online or onsite) is aimed at advanced-level cyber security professionals who wish to understand Cyber Threat Intelligence and learn skills to effectively manage and mitigate cyber threats. By the end of this training, participants will be able to:

• Understand the fundamentals of Cyber Threat Intelligence (CTI).
• Analyze the current cyber threat landscape.
• Collect and process intelligence data.
• Perform advanced threat analysis.
• Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

This instructor-led, live training in Poznan (online or onsite) is aimed at intermediate-level duty managers and operational leaders who wish to build robust cyber resilience strategies to safeguard their organizations against cyber threats. By the end of this training, participants will be able to:

• Understand cyber resilience fundamentals and their relevance to duty management.
• Develop incident response plans to maintain operational continuity.
• Identify potential cyber threats and vulnerabilities within their environment.
• Implement security protocols to minimize risk exposure.
• Coordinate team response during cyber incidents and recovery processes.

This instructor-led, live training in Poznan (online or onsite) is aimed at intermediate-level IT security professionals who wish to develop skills in security monitoring, analysis, and response. By the end of this training, participants will be able to:

• Understand the role of a Blue Team in cybersecurity operations.
• Use SIEM tools for security monitoring and log analysis.
• Detect, analyze, and respond to security incidents.
• Perform network traffic analysis and threat intelligence gathering.
• Apply best practices in security operations center (SOC) workflows.

This instructor-led, live training in Poznan (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals who wish to elevate their skills in AI-driven threat detection and incident response. By the end of this training, participants will be able to:

• Implement advanced AI algorithms for real-time threat detection.
• Customize AI models for specific cybersecurity challenges.
• Develop automation workflows for threat response.
• Secure AI-driven security tools against adversarial attacks.

This instructor-led, live training in Poznan (online or onsite) is aimed at beginner-level cybersecurity professionals who wish to learn how to leverage AI for improved threat detection and response capabilities. By the end of this training, participants will be able to:

• Understand AI applications in cybersecurity.
• Implement AI algorithms for threat detection.
• Automate incident response with AI tools.
• Integrate AI into existing cybersecurity infrastructure.

Learn how to investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. In this course you will learn how to mitigate cyberthreats using these technologies. Specifically, you will configure and use Azure Sentinel as well as utilize Kusto Query Language (KQL) to perform detection, analysis, and reporting. The course was designed for people who work in a Security Operations job role and helps learners prepare for the exam SC-200: Microsoft Security Operations Analyst. Audience Profile The Microsoft Security Operations Analyst collaborates with organizational stakeholders to secure information technology systems for the organization. Their goal is to reduce organizational risk by rapidly remediating active attacks in the environment, advising on improvements to threat protection practices, and referring violations of organizational policies to appropriate stakeholders. Responsibilities include threat management, monitoring, and response by using a variety of security solutions across their environment. The role primarily investigates, responds to, and hunts for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party security products. Since the Security Operations Analyst consumes the operational output of these tools, they are also a critical stakeholder in the configuration and deployment of these technologies. Job role: Security Engineer Preparation for exam: SC-200 Features: none Skills gained

• Explain how Microsoft Defender for Endpoint can remediate risks in your environment
• Create a Microsoft Defender for Endpoint environment
• Configure Attack Surface Reduction rules on Windows 10 devices
• Perform actions on a device using Microsoft Defender for Endpoint
• Investigate domains and IP addresses in Microsoft Defender for Endpoint
• Investigate user accounts in Microsoft Defender for Endpoint
• Configure alert settings in Microsoft Defender for Endpoint
• Explain how the threat landscape is evolving
• Conduct advanced hunting in Microsoft 365 Defender
• Manage incidents in Microsoft 365 Defender
• Explain how Microsoft Defender for Identity can remediate risks in your environment
• Investigate DLP alerts in Microsoft Cloud App Security
• Explain the types of actions you can take on an insider risk management case
• Configure auto-provisioning in Azure Defender
• Remediate alerts in Azure Defender
• Construct KQL statements
• Filter searches based on event time, severity, domain, and other relevant data using KQL
• Extract data from unstructured string fields using KQL
• Manage an Azure Sentinel workspace
• Use KQL to access the watchlist in Azure Sentinel
• Manage threat indicators in Azure Sentinel
• Explain the Common Event Format and Syslog connector differences in Azure Sentinel
• Connect Azure Windows Virtual Machines to Azure Sentinel
• Configure Log Analytics agent to collect Sysmon events
• Create new analytics rules and queries using the analytics rule wizard
• Create a playbook to automate an incident response
• Use queries to hunt for threats
• Observe threats over time with livestream

This instructor-led, live training in Poznan (online or onsite) is aimed at beginner to intermediate-level security analysts and system administrators who wish to establish a foundational understanding of Cyber Defence (SOC) analysis. By the end of this training, participants will be able to:

• Understand the principles of Security Management in a Cyber Defence context.
• Execute effective Incident Response strategies to mitigate security incidents.
• Implement Security Education practices to enhance organizational awareness and preparedness.
• Manage and analyze Security Information for proactive threat identification.
• Utilize Event Management techniques to monitor and respond to security events.
• Implement Vulnerability Management processes to identify and address system vulnerabilities.
• Develop skills in Threat Detection to identify and respond to potential cyber threats.
• Participate in Simulated Attacks to test and improve incident response capabilities.

The Certified Digital Forensics Examiner vendor neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation. The Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination.  Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report. The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.

This course discusses how to manage an incident response team. how the first responder act, given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations. Incident response is the last line of defense, detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge

This instructor-led, live training in Poznan (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks. 

In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications. You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. with many advanced topics like wireless, network, web, DB and Mobile crimes investigation    
 

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. The purpose of the Ethical Hacking Training is to:

• Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
• Inform the public that credentialed individuals meet or exceed the minimum standards.
• Reinforce ethical hacking as a unique and self-regulating profession.

Audience: The Course is ideal for those working in positions such as, but not limited to:

• Security Engineers
• Security Consultants
• Security Managers
• IT Director/Managers
• Security Auditors
• IT Systems Administrators
• IT Network Administrators
• Network Architects
• Developers

This instructor-led, live training in Poznan (online or onsite) is aimed at computer users who wish to understand malware and take appropriate measures to minimize its threat. By the end of this training, participants will be able to:

• Understand the concept of malware.
• Identify the different types of malware.
• Take necessary steps to mitigate malware (procedural, technological, awareness, etc).

This instructor-led, live training in Poznan (online or onsite) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise. By the end of this training, participants will be able to:

• Set up the necessary development environment to start implementing MITRE ATT&CK.
• Classify how attackers interact with systems.
• Document adversary behaviors within systems.
• Track attacks, decipher patterns, and rate defense tools already in place.

This instructor-led, live training in Poznan (online or onsite) is aimed at information analysts who wish to learn the techniques and processes behind social engineering so as to protect sensitive company information. By the end of this training, participants will be able to:

• Set up the necessary development environment to start creating custom malware.
• Backdoor legitimate web applications undetected.
• Deliver evil files as normal file types.
• Use social engineering techniques to lead targets into a fake website.