This session builds a solid foundation in security operations and defensive analysis, teaching you to detect, analyze, and respond to cyber threats.

Session contains:
- Attacker Methodology: Lockheed-Martin Cyber Kill-Chain and MITRE ATT&CK Framework.
- SIEM and ELK Stack: Sentinel and ELK Stack concepts.
- Windows Endpoint Security: Collect Windows processes, services, registry and PowerShell.
- Linux Endpoint Security: Linux daemons, Syslog Framework, and web logging
- IDPS: Integrate IDPS with Microsoft Sentinel.
- Active Directory Security: detecting Active Directory enumeration.