RSA SOC Simulation Challenge ("SOCSim")

Document created by Craig Hansen on Feb 8, 2016. Last modified by Elizabeth Maloney on May 1, 2017.
Version 7


 

 

 

To register for a class, you first need to create an EMC account.
If you need further assistance, contact us.

 

 

Summary

Experience the challenge of competition while responding to questions based on a real-world breach scenario.

 

Overview

RSA SOCSim, a forensic analysis experience, exposes participants to network and forensic analysis within a real-world breach scenario using simulated SOC dynamics. Participants are presented with a use case that requires them to analyze data flowing over the network. They are guided through the analysis by challenge questions using a “Jeopardy!” style interface based on the Cyber Kill Chain methodology. Answers are derived through data exploration and investigation of sophisticated "puzzles within puzzles" such as protocol and application analysis, steganography, reverse engineering, encryption/decryption, open source intelligence and much more...

 

Industry tools used in this course include:

  • RSA NetWitness Logs and Packets
  • Other open source tools

 

At the end of the challenge, the RSA facilitator will provide an overview of the breach scenario, including key analytical discoveries for each phase of the Cyber Kill Chain, and respond to any outstanding questions from participants.

 

Audience

Security analysts, computer forensic investigators, and incident responders who have had exposure to network, log and host forensic analysis and want to challenge themselves with simulated breach scenarios.

 

Delivery Type

Classroom

 

Duration

6 hours

 

Prerequisite Knowledge/Skills

Exposure to network, log and host forensic analysis is beneficial. Some security operations experience would be helpful. Working knowledge of RSA NetWitness Logs and Packets is required.

 

Learning Objectives

At the end of the challenge, participants will walk away with hands-on experience and exposure to:

  • Network forensics through network protocol and application analysis
  • Malware forensics through static and dynamic analysis
  • Use of open source threat intelligence
  • Common breach scenarios/tactics
  • Cyber Kill Chain methodology
  • Common tools used by network analysts/incident handlers

 

Experience of RSA's Experts

RSA and EMC have a 30-year legacy of working with clients worldwide to deliver security solutions. RSA has leveraged its relationships with industry leaders to give you deep insight into the most current threats and the intelligence-driven techniques and tools to mitigate the risk of disclosure of information.

 

 

