All classes run for five consecutive days, beginning at 8:30am CDT. Network Forensics and Investigation II, Automated Network Defense, and Threat Hunting with Python require successful screening exercise completion prior to enrolling.
Interested in Enrolling?
If you would like to register or enroll a team, please email firstname.lastname@example.org or contact your Focal Point account representative. Instructions for enrolling in Focal Point Academy’s Learning Management System (LMS) will be provided prior to course start date.
Open Enrollment Course Details
Behavioral Malware Analysis | 5-day course
Behavioral Malware Analysis teaches you all the fundamental skills necessary to analyze malicious software from a behavioral perspective. Using system monitoring tools and analytic software, this course teaches how to observe malware in a controlled environment to quickly analyze its effects to the system. From simple key loggers to massive botnets this class covers a wide variety of current threats from today’s Internet with actual samples being analyzed in the training environment.
Network Forensics and Investigation I | 5-day course
Network Forensics and Investigation I will teach students to differentiate between normal and abnormal network traffic, understand how packets flow through a network, and enable them to attribute conversations and actions taken over a network segment to specific hosts or users. This course focuses on research, filtering, and comparative analysis to identify and attribute the different types of activity on a network. Students will learn how to follow conversations across a wide range of protocols and through redirection, as well as how to develop custom filters for non-dissected protocols.
Network Forensics and Investigation II | 5-day course
Formerly Malicious Network Traffic Analysis
Network Forensics and Investigation II builds on students’ existing skills and will give them the ability to identify and investigate multiple types of network intrusions. They will gain the skills to accurately correlate different stages of malicious activity in order to build a complete picture of the scope and impact of a complex network intrusion, and to detect tunneling, command-and-control, or other illicit communications inside a network. They will develop the skills needed to identify potential indicators of compromise in network traffic using common analytic tools and techniques. Students will become competent in skills such as employing regular expressions to create custom filters, analyzing statistical network traffic patterns and distinguishing normal traffic from anomalous traffic.
Automated Network Defense | 5-day course
Formerly Cyber Threats Detection & Mitigation
Automated Network Defense teaches students how to automate proactive responses to network threats. They will develop complex signatures employing rule chaining, event filtering and post-detection analysis to identify distributed attacks, multi-stage events, and other more complex threats. They will gain the skills to use regular expressions to effectively detect variable or morphing attacks and to extrapolate succinct rule criteria from malicious traffic. They will learn to design, configure and deploy intrusion detection/prevention systems, manage their rule sets to increase efficiency and reduce redundancy, and identify optimal sensor placement to ensure there are no gaps in coverage.
Hacker Methodologies for Security Professionals | 5-day course
Hacker Methodologies for Security Professionals teaches the processes threat actors use to break into organizations’ networks and steal their most sensitive data. Utilizing the latest penetration testing tools and techniques, students will learn to identify, scan, and enumerate target systems, correlate services to vulnerabilities and exploits, employ exploits to gain access to the target systems, elevate privileges, propagate through the network, and cover their tracks within a target network.
Threat Hunting with Python | 5-day course
Formerly Python for Network Defenders
This intermediate-level course teaches students how to take threat hunting hypotheses generated from contextual data or threat intelligence feeds, and then write Python scripts that interact with various data sources and perform data analytics to determine the validity of those hypotheses. Techniques include the use of advanced data structures, active data gathering using Scapy and other tools, scripting database or SIEM queries, and more. Successful students will gain the ability to script or automate a variety of custom threat hunting tasks and speed up their threat hunting processes.