Antisyphon Advanced Endpoint Investigations Videos

Antisyphon Advanced Endpoint Investigations Videos
English | Tutorial | Size: 5.9 GB

For most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data.

This course focuses on four core investigative competencies: endpoint data collection, investigative triage, incident response pivots, and root cause analysis.

fter learning about key endpoint artifact and memory analysis techniques for Windows and Linux, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections.

Key Takeaways
Learning Objectives:

Gain fundamental knowledge of modern Windows and Linux host artifacts.
Explain logical investigative workflows for host pivoting, data collection, and analysis.
Develop an understanding of use cases for incident response host pivots and root cause analysis.
Performance Objectives:

Develop host triage collection and analysis skills for effective investigations of Windows and Linux systems.
Properly identify file system, OS, and memory artifacts to support timeline creation and attack path reconstruction.
Build deductive reasoning and investigative prowess through hands-on exercises built around real-world scenarios.

Who Should Take This Course
Security Operations/Incident Response Analysts
Threat Hunters
Tactical Threat Intel Analysts
Digital Forensics Investigators
Red teamers who want to perfect their operational discipline
Audience Skill Level
Basic understanding of Windows and/or Linux OS fundamentals
Familiarity with attack path models, threat actor frameworks, and hunt methodologies

STUDENT REQUIREMENTS
1-2 years of experience in security operations, incident response, or threat hunting.

System Requirements
Stable Internet access
x86 architecture CPU clocked at 2 GHz or higher that is capable of nested virtualization
(Apple Silicon is currently not supported)
A computer with at least 8 GB of RAM. 16 GB is recommended
VMWare Workstation or VMWare Fusion
(VirtualBox and other VM software is not supported)
Windows 10/11, MacOSX+, or a currently supported Linux Distribution
Full Administrator/root access to your computer or laptop
System must also have at least 80GB of available disk space, 2 vCPUs, and be able to connect to a wireless network for Internet access.

NITROFLARE
nitroflare.com/view/159C9AB7E81B53F/Advanced_Endpoint_Investigation_Videos.part01.rar
nitroflare.com/view/DF6D85DFBF555D4/Advanced_Endpoint_Investigation_Videos.part02.rar
nitroflare.com/view/85D3A085465564F/Advanced_Endpoint_Investigation_Videos.part03.rar
nitroflare.com/view/F30EEA67C062C64/Advanced_Endpoint_Investigation_Videos.part04.rar
nitroflare.com/view/207EB6F3988998F/Advanced_Endpoint_Investigation_Videos.part05.rar
nitroflare.com/view/83B467C3045CC4D/Advanced_Endpoint_Investigation_Videos.part06.rar
nitroflare.com/view/0E49A7C723FB6D9/Advanced_Endpoint_Investigation_Videos.part07.rar
nitroflare.com/view/172B4A650EF078D/Advanced_Endpoint_Investigation_Videos.part08.rar
nitroflare.com/view/2CEDFF2E923740D/Advanced_Endpoint_Investigation_Videos.part09.rar