The Intrusion Operations class provides students with a unique opportunity to learn and implement real-world techniques used by advanced adversaries. An attacker can easily break into an organization by abusing misconfigurations, but the inverse also applies: defenders can easily detect red teams and malicious actors using commodity malware, default indicators, and more. You will learn how to overcome enterprise defenses and hardened infrastructure. You will leverage custom tooling and advanced configurations to break into a simulated corporate network and develop targeted malware profiles to remain undetected. You will leave this class with the skills and tools to develop custom tradecraft for long-term persistence.
Olaf Hartong, FalconForce
Olaf has vast experience in digital security, specializing in security operations, detection engineering and threat hunting. He has extensive knowledge of different monitoring platforms, in particular the Microsoft Defender XDR and Sentinel stack. He presents at well-known security conferences, such as BlackHat, Defcon, WWHF, BRUcon, SOcon, NorthSec, Insomni'hack and MITRE ATT&CKcon. Olaf is the author of the ThreatHunting for Splunk, ATTACKdatamap, FalconHound, and Sysmon-modular tools.