Security Event Triage: Detecting System Anomalies

سرفصل های دوره

In this course on system anomaly detection, you will explore the use of CPU, RAM, GPU, fans, and power resource usage data to reveal various advanced attacker techniques and uncover events associated with hardware supply chain interdiction.

Exercise Files

security-event-triage-detecting-system-anomalies.zip

Module 1 - Course Overview

1. Course Overview

Module 2 - Introduction to System Telemetry Analysis

1. Introducing Telemetry Data

2. Why Are You Doing This

3. What System Data Looks Like

4. Where to Get System Data From

5. What Anomalies Are You Trying to Find

6. Roadmap to System Data Analysis

Module 3 - Analyzing the Computing Basics

1. Introduction to Basic Computer Resource Monitoring

2. Collecting and Normalizing Basic Telemetry Data for Security

3. If I Had the Bots, How Would I Know

4. Detecting Post Exploitation Botnet Activity

5. Advanced Persistent Threats Are Worse Than Bots

6. Listen to My Hard Drive Yourself

7. Detection for Attack Techniques and What Is Next

Module 4 - Leveraging Graphics Processing Indicators

1. Introduction to Crypto Jacking, Mining, and Loot

2. How Crypto Mining Attacks Work and Where to Find Them

3. Detecting Browser Based Cryptojacking and GPU Mining across a Live Environment

4. Describing Behavioral Detection of GPU Abuse

Module 5 - Uncovering Significance of Power and Fans, Lights

1. Introduction to Fan and Power Side Channels

2. How Air Gap Hopping without USB Works

3. Demonstrating Air Gap Hopping with Fan Speeds and How to Catch It

4. How Could You Possibly Find Hardware Supply Chain Interdiction

5. Detecting Anomalous Hardware Configurations through Power Usage Anomalies

6. Implications of Power and Network Correlation Anomalies

Module 6 - Incorporating Telemetry Analysis in Triage Workflow

1. Telemetry Data Is One Piece of the Larger Puzzle

2. Where Telemetry Anomalies Fit in a Chain of Compromise

3. The Place of Telemetry Data in Security Event Triage

139,000 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight