Courses

Cyber Trace Academy > Courses
Our Courses
SIEM Tools

Discover the fundamentals of SIEM with our beginner-friendly course. Explore log management, real-time monitoring, and incident response.

  • Definition and purpose of Security Information and Event Management (SIEM).
  • Architecture of SIEM.
  • Components of SIEM.
  • Functionality of SIEM.
  • Core functionalities of SIEM tools.
  • Advantages and limitations of SIEM.
  • Deployment models of SIEM (On-Prem, Cloud, Hybrid).
  • Use cases of SIEM in SOC operations.
  • Integration of SIEM with SOAR.
  • Differences between traditional and next-generation (cloud-native) SIEMs.
SOC (Security Operations Center)

Dive into the world of Security Operations Centers (SOCs) with our beginner-level course. Explore SOC essentials for cybersecurity defense.

  • Understanding the SOC environment and SOC fundamentals.
  • Analyst roles and responsibilities.
  • Incident response and threat hunting.
  • Tools and technologies used in SOC.
  • Collaboration and reporting.
  • Workflow Models:
  • Monitoring → Detection → Investigation → Response → Recovery.
Incident Response

Join our beginner's course on Incident Response and learn to effectively handle cybersecurity incidents. Master incident identification, analysis, and response.

  • Incident Response (IR) Lifecycle: Preparation, Detection & Analysis, Containment, Eradication, Recovery, and Post-Incident Activities.
  • Build readiness through policies, tools, and trained personnel.
  • Recognize and classify potential security incidents.
  • Assess and categorize incidents based on impact and severity.
  • Restore affected systems and services to normal operations.
  • Document findings, lessons learned, and enhance response strategies.
Malware Analysis

Delve into the world of cybersecurity with our beginner's Malware Analysis course. Learn to dissect and understand malicious software.

  • Malware families and types — understanding how they work.
  • Core malware functionalities and behaviors.
  • Identifying malware severity and potential impact.
  • Performing static analysis.
  • Performing dynamic analysis.
  • Malware memory forensics.
  • Real-time case studies and practical scenarios.
  • Introduction to reverse engineering techniques.
Endpoint Detection and Response (EDR)

Start your journey in cybersecurity with our EDR course for beginners. Master the art of securing endpoints and responding to threats.

  • EDR overview: Purpose and significance in modern endpoint security.
  • Core functionalities: Monitor, detect, and respond to endpoint-level threats in real time.
  • Behavioral analysis, indicators of compromise (IOCs), and telemetry-based detection.
  • Investigating attacks: Process trees, forensic artifacts, and timeline reconstruction.
  • Response actions: Isolate endpoints, terminate malicious processes, and perform remote remediation.
  • Overview of popular EDR tools: CrowdStrike Falcon, SentinelOne, Microsoft Defender, and Cortex XDR.
Vulnerability Management

Embark on your cybersecurity journey with our beginner's course on Vulnerability Management.

  • Importance of proactively identifying and managing vulnerabilities.
  • How scanners detect misconfigurations, missing patches, and security flaws.
  • Vulnerability evaluation based on severity, exploitability, and business impact.
  • Prioritization: Address high-risk vulnerabilities using CVSS scores and threat intelligence.
  • Patch management: Develop, test, deploy, and verify security updates efficiently.
  • Continuous monitoring through regular scans and security audits.
  • Reporting and compliance: Generate detailed reports for audits and governance.
Penetration Testing

Explore the world of cybersecurity through our beginner's Penetration Testing course.

  • Understand legal and ethical boundaries of penetration testing.
  • The penetration testing lifecycle and methodology.
  • Reconnaissance: Collect public information and map target surfaces.
  • Scanning and enumeration: Identify hosts, services, and open ports.
  • Web application security: Explore OWASP Top 10 vulnerabilities (e.g., SQLi, XSS, CSRF).
  • Exploitation: Practice safe and controlled attacks in lab environments.
  • Reporting: Document findings, assign risk ratings, and provide mitigation recommendations.
Digital Forensics

Reconstruct attack chains, preserve evidence, and report like a true forensic investigator.

  • Importance and principles of digital forensics in cybersecurity investigations.
  • Data acquisition and forensic imaging techniques.
  • Proper methods for collecting and preserving digital evidence.
  • Root Cause Analysis (RCA): Identify how, when, and why incidents occur.
  • Reporting: Document findings for legal, technical, and management review.
  • Chain of custody: Maintain evidence integrity through labeling and secure documentation.
SOAR (Security Orchestration, Automation, and Response)

Automate investigations, map attacks to MITRE tactics, and accelerate response with SOAR workflows.

  • Overview of SOAR platforms and their role in automating SOC operations.
  • Comparison with SIEM: Focus on orchestration, automation, and response workflows.
  • Key components: Playbooks, integrations, case management, and workflows.
  • Alert triage: Automate prioritization, enrichment, and analyst assignment.
  • Automated response: Execute predefined actions (e.g., block IPs, isolate endpoints).
  • Evidence handling: Gather, correlate, and document investigation data automatically.
  • Integration: Connect with SIEM, EDR, firewalls, and threat intelligence platforms.
  • Benefits: Improve operational efficiency, reduce analyst fatigue, and standardize response.
MITRE ATT&CK; Framework
  • Introduction to the MITRE ATT&CK framework.
  • Understanding how it categorizes adversary behaviors and attack techniques.
  • Tactics, techniques, and sub-techniques overview.
  • Learn the main adversary goals: Initial Access, Execution, Persistence, Privilege Escalation, and Exfiltration.
  • Understand how attackers achieve each tactic through real-world techniques.
  • Explore detection methods, mitigations, and threat mapping practices.
  • Practical application: Using MITRE ATT&CK for incident correlation and threat hunting.
WhatsApp