Automated Network Defense
Learn how to defend large-scale network infrastructures by building and maintaining IDS/IPS and mastering advanced signature-writing techniques. Cyber threats are increasing at an alarming rate every year, and it has become much more difficult for organizations to defend against full-scale, distributed attacks quickly and effectively. An Intrusion Detection/Prevention System (IDS/IPS) lets security administrators automate the process of identifying attacks among the thousands of connections on their network, provided the system is properly configured and the signatures are well written.
Training at a glance
- Level: Advanced
- Duration: 5 Days
- Experience: 5 years: Defensive Cyber
- Average Salary: $143,788
- Labs: Yes
Training Details
This course teaches how to defend enterprise infrastructure at scale using a combination of tools and platforms such as IDS/IPS, firewalls, and SIEMs. Configuring and tuning these systems properly maximizes their effectiveness at catching and stopping threats while reducing alert fatigue for analysts and responders. Students learn to identify gaps in coverage, write basic and complex signatures, manage rule sets for optimization, use chain rules to detect multistage events, and implement decoding and fingerprinting capabilities to overcome evasion techniques.
- Explain the benefits and limitations of different security technologies (IDS/IPS, firewalls, VPNs, web proxies, etc.)
- Identify optimal platform deployment and gaps in coverage
- Write basic and complex IDS signatures to identify malicious traffic flows, and tune them to reduce false positives
- Use reassembly and pre-processing engines to automatically reconstruct streams of network data prior to analysis
- Apply decoding and other tools to overcome attacker evasion techniques
- Implement automated fingerprinting of encrypted traffic flows to detect anomalous or malicious flows
- Incident Responders who need to understand and react to IDS alerts
- Network Defenders seeking to automate threat detection
- IDS administrators who wish to improve their signature writing skills
- Security Operations Center Staff seeking to automate traffic analysis
- Penetration Testers looking to reduce their network visibility
- A strong understanding of
- TCP/IP networking
- Network Forensics
- Investigation I and II