Compare courses
Register
Georgia Tech Professional Education

Enterprise Security Operations for Effective Cyber Defense

This course has no confirmed dates in the future. Check out relevant courses from other schools.

Relevant courses

Course format
Starting after
Ending before

Description

This course will give students a baseline knowledge of enterprise security operations. Content will explore models and architectures of Security Operation Centers (SOCs), including implementation of both preventative and detective technologies. Students will gain skills in vulnerability management by learning how to leverage kill chains, characterize threat actors, perform vulnerability scanning, and explore adversarial tactics/techniques/procedures (TTPs). In-depth understanding of SOC operations will be attained by understanding security operation roles along with challenges related to building, operating, and maintaining SOCs. Best practices will be promoted such as the use of open source tools, risk scoring, threat hunting, use cases, incident response plans, and defense-focused architectures. The course will be taught using a combination of lectures, interactive workshops, and hands-on labs.

What You Will Learn

  • Cyber threats
  • Vulnerability assessment and penetration testing
  • Cyber threat detection and prevention
  • Security Information and Event Management (SIEM)
  • SOCs

How You Will Benefit

  • Explore current cyber threats.
  • Perform vulnerability scans and penetration tests.
  • Identify issues and gaps with currently available security technologies and emulate attacks to test effectiveness.
  • Explore SIEM technologies and capabilities.
  • Explore SOC implementations, operations, and tools.

Content

INTRODUCTION TO SECURITY OPERATIONS AND CYBER THREATS

  • SOC introduction
  • Current state of cyber threats
  • Cyber threat actors
  • Vulnerability landscape
  • Vulnerability assessments
  • Penetration testing

ENTERPRISE SECURITY OPERATION ARCHITECTURES

  • Perimeter protection
  • Intrusion detection/prevention
  • Advanced malware detection/prevention
  • Endpoint protection
  • Secure network architectures
  • Internal network visibility
  • SIEM systems

ENTERPRISE SECURITY OPERATIONS

  • SOCs
  • Building a SOC
  • SOC tools and techniques
  • SOC dashboards, metrics, and performance
  • Incident response, handling and management
  • Threat hunting

Who should attend

This course is designed for information security professionals and managers who are responsible for detecting, preventing, or responding to cyberattacks.

Experts

Matt Guinn is a Senior Research Scientist and Lead for Penetration Testing for the Georgia Tech Research Institute. He has provided over a decade's worth of Information Security and Assurance expertise to GTRI, the Department of Defense, and Industry Partners. His team specializes in penetration ...
Trevor Lewis is a Research Scientist, Professional Education instructor, and Penetration Tester for the Georgia Tech Research Institute. Trevor has nearly a decade of experience in information security including architecting security operations, computer network defense, penetration testing, and ...
Show more