Describe the current enterprise security landscape
Define the Assume Compromise approach
Practice Red team versus Blue team exercises
Develop organizational security preparation, processes, and responses
According to the Wall Street Journal, “All IT Jobs Are Cybersecurity Jobs Now.”
In this course, we examine the concept of Red team – Blue team security professionals. You will practice Red team versus Blue team exercises, where one group of security pros–the red team–attacks some part or parts of a company’s security infrastructure, and an opposing group–the blue team–defends against the attack. Both teams work to strengthen a company’s defenses.
You’ll learn how both the red and blue teams help the business attain a higher level of security, something the security industry is now calling the Purple team.
Module 1 Understanding the cybersecurity landscape
The current cybersecurity landscape
The evolution of attacks
Understanding "Assume Compromise"
Examples of compromises
Module 2 Red Team: Penetration, lateral movement, escalation, and exfiltration
Red Team versus Blue Team
Red Team kill chain
Execution of attacker's mission
Module 3 Blue Team: Detection, investigation, response, and mitigation
The Blue Team kill chain
Restricting privilege escalation
On-premises network security
Restrict lateral movement
Developing a strategic roadmap
Microsoft Security Response Center Exploitability Index
An understanding of the current cybersecurity ecosystem.