I Simulate Therefore I Catch - Enhancing Detection Engineering with Adversary Simulation
via YouTube
Overview
This course focuses on enhancing detection engineering through adversary simulation. The learning outcomes include building the attacker's playground, validating detection resilience, measuring detection maturity, and conducting automated adversary simulation. The course covers prevention controls, detection analytics, password spraying, and network share and privilege enumeration. The teaching method involves practical demonstrations and real-world examples. The intended audience is cybersecurity professionals, particularly those involved in blue team operations and threat detection.
Syllabus
Intro
FUN FACT ON PERU
BLUE TEAM IN 2019
BUILDING THE ATTACKER'S PLAYGROUND
DETECTION ENGINEERING
FIRST STEP: PREVENTION CONTROLS
VALIDATE DETECTION RESILIENCE
MEASURE DETECTION MATURITY
AUTOMATED ADVERSARY SIMULATION
PENTEST REPORT 2018
PASSWORD SPRAYING: T1110
NETWORK SPRAY: PICKING HOST TARGETS
DETECTION ANALYTICS
NETWORK SHARE (T1135) & PRIVILEGE ENUMERATION
CLOSING SURVEY FOR THE BLUE TEAM