Georgia Tech Professional Education

Enterprise Security Operations for Effective Cyber Defense

Available dates

Mar 10—12, 2020
3 days
Atlanta, Georgia, United States
USD 1895
USD 631 per day


Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with Georgia Tech Professional Education.

Full disclaimer.

About the course

This course will give students a baseline knowledge of enterprise security operations. Content will explore models and architectures of Security Operation Centers (SOCs), including implementation of both preventative and detective technologies. Students will gain skills in vulnerability management by learning how to leverage kill chains, characterize threat actors, perform vulnerability scanning, and explore adversarial tactics/techniques/procedures (TTPs). In-depth understanding of SOC operations will be attained by understanding security operation roles along with challenges related to building, operating, and maintaining SOCs. Best practices will be promoted such as the use of open source tools, risk scoring, threat hunting, use cases, incident response plans, and defense-focused architectures. The course will be taught using a combination of lectures, interactive workshops, and hands-on labs.

What You Will Learn

  • Cyber threats
  • Vulnerability assessment and penetration testing
  • Cyber threat detection and prevention
  • Security Information and Event Management (SIEM)
  • SOCs

How You Will Benefit

  • Explore current cyber threats.
  • Perform vulnerability scans and penetration tests.
  • Identify issues and gaps with currently available security technologies and emulate attacks to test effectiveness.
  • Explore SIEM technologies and capabilities.
  • Explore SOC implementations, operations, and tools.



  • SOC introduction
  • Current state of cyber threats
  • Cyber threat actors
  • Vulnerability landscape
  • Vulnerability assessments
  • Penetration testing


  • Perimeter protection
  • Intrusion detection/prevention
  • Advanced malware detection/prevention
  • Endpoint protection
  • Secure network architectures
  • Internal network visibility
  • SIEM systems


  • SOCs
  • Building a SOC
  • SOC tools and techniques
  • SOC dashboards, metrics, and performance
  • Incident response, handling and management
  • Threat hunting

Who should attend

This course is designed for information security professionals and managers who are responsible for detecting, preventing, or responding to cyberattacks.

Trust the experts

Trevor Lewis

Trevor Lewis is a Research Scientist, Professional Education instructor, and Penetration Tester for the Georgia Tech Research Institute. Trevor has nearly a decade of experience in information security including architecting security operations, computer network defense, penetration testing, and ...


Benjamin Medlin

Currently leads Cyber Situational Awareness branch, which includes GTRI’s penetration testing team, vulnerability assessments, security operations center (SOC), industry consulting, and software development support in the areas of UI/UX, QA/QC, and PM. Responsible for successful initiation, plan...


Course reviews