Incident Response Trainings

Baner IR

As part of our Incident Response training, the following solutions are available

  Click on the logo for the agenda

Logo PANW                                                                                  Logo S1

Unique Features of the "Incident Response" Training Available at Our Educational Center

1. Training with Advanced EDR/XDR Tools Led by Cybersecurity Experts

Participants learn incident management using forensic (Forensics and Threat Hunting) tools available in commercial EDR/XDR solutions, the same ones used in enterprises. The training is conducted by an expert in the EDR/XDR solution chosen by the participants.

2. Training in a Realistic Cyber ​​Range Environment

Participants practice in a "Cyber ​​Range" designed to resemble a real IT system, including elements most frequently targeted by cybercriminals, such as Active Directory and domain controllers, MS SQL Server, MS Exchange, MS CA, etc. The "Cyber ​​Range" does not contain any artificial "capture the flag" machines—only real systems and vulnerabilities exploited in actual cyberattacks.

3. Real Cyberattack Scenarios Based on Threat Intelligence

Incident management training is conducted using realistic hacking scenarios observed in real-world breaches. The scenarios cover complete attack paths—from initial access and discovery through privilege escalation, credential harvesting, and lateral movement, all the way to the takeover of domain controllers and other critical systems.

4. Complex Cyberattack Scenarios Supported by the Cyber ​​Soldier Educational Application

Participants do not need to be professional pen-testers to execute real, complex cyberattack scenarios. This is made possible through the Cyber ​​Soldier educational application.

5. Opportunity to Improve "Incident Response" Skills in a Production Environment

IT and SOC employees who complete the training in the "Cyber ​​Range" can further refine their practical incident response skills in their production environment. This allows them to assess the effectiveness of their organization's incident detection tools and improve their usage under conditions similar to a real cyberattack. All cyberattack scenarios available in the Cyber ​​Soldier application are realistic (based on Threat Intelligence), making them suitable for execution in production environments - more invasive scenarios require proper approval.