Skip to main content

Cyber Threat Detection and Mitigation

Taught by experts in network defense, this course equips you with the skills to build and maintain Intrusion Detection/Prevention Systems (IDS/IPS) and utilize advanced signature-writing techniques to defend large-scale network infrastructures. You will begin with writing basic IDS signatures to identify traffic of interest and advance to creating complex signatures to recognize distributed attacks, multi-stage events, and other more complex threats. The course also teaches you how to apply decoding and other tools to overcome IDS evasion techniques, how to determine gaps in coverage, and how to manage rule sets to maintain system efficiency. Beyond threat detection and mitigation, you will also learn the benefits and limitations of different IDS/IPS system types.

Request Course Details

Attending students will learn

  • „IDS types and features
  • „Sensor placement
  • „Sensor configuration
  • „Signature writing basics
  • „IDS evasion techniques
  • „TCP and UDP conversation reassembly
  • „Signature tuning
  • „Sensor tuning
  • „Event filtering and post detection event analysis
  • „Attacks on IDS sensors and mitigation techniques

Who should attend

  • „Incident responders who need to understand and react to IDS alerts
  • „Network defenders seeking to automate threat detection
  • „Security managers who desire to improve their defensive model
  • „IDS administrators who wish to improve their signature writing skills
  • „Security operations center staff seeking to automate traffic analysis
  • „Penetration testers looking to reduce their network visibility


Request More Info About This Course

contact Focal Point

tweets by @FocalPointDR

Loading Tweets...