
Custom Security Training

Modular, Custom, One-on-one Security Training

Do you want to…

  • assess your own security without specialized security personnel or expensive consultants?

  • make dramatic, low-cost security improvements by identifying “low hanging fruit”?

  • generate and centrally collect huge quantities of security information?

  • identify and highlight high-fidelity alerts?

  • develop an environment that is resilient to attack such that harm resulting from a breach is minimized automatically?

  • reduce security monitoring costs, reduce alert fatigue, and enable 24x7 alerting without the need for a SOC or MSSP?

  • rapidly identify security breaches, reducing dwell time, breach lifespan, and breach cost?

  • create an environment that is actively hostile to returning attackers?

What if I told you there is a one-on-one, custom coaching program that can make that happen in as little as five weeks, with measurable improvements happening after the first week?

One of the most common methods for providing training to security personnel today involves sending them to a training class or conference. This approach provides a cost-effective way to provide personnel with high-quality content in a structured environment. There are, however, challenges with this approach.

  • Training costs increase with the number of personnel sent to training. Providing training to two people is twice as expensive as training one person.

  • The training is not specific to your environment. As a result, students who may be experiencing content for the first time are required to not only understand the content but also must apply new knowledge to the specifics of their organization.

  • Training is typically pre-scheduled, so organizations must adjust their schedules to accommodate the training calendar.

Vantage Cyber Defense has personnel with over a decade of experience providing traditional training and has structured its custom training to address many of the previously discussed challenges.

  • We will provide knowledge and tools to achieve stated goals

  • Ability to focus on mid-market means you will be able to execute with limited personnel and resources

  • Modular training allows you to pick a complete class, or mix and match the training topics that meet your specific needs

  • One-on-one sessions allow for customized training

  • One session per week gives you time to absorb the content, complete “homework”, and immediately use learning objectives

  • No travel

  • One price for your organization … multiple students can attend if they work for your company

Our approach to training is simple: you pick the number of two-hour training sessions you want and the content you want to discuss. If you want to spend six hours discussing cyber deception and two hours talking incident response, we can do that. If you want to spend two hours on using MITRE ATT&CK and D3FEND as an assessment tool, two hours on effective packet capture, four hours on cyber deception, and another four on incident response, we can make that happen as well.

Select a single, two-hour session or multiple, five-session classes. You pick what is right for you.

The following represent the list of our core training topics but remember, we can also customize the content to meet your individual needs. If you don't see it, just ask.

Security Assessment & Remediation Prioritization

Nmap for asset inventory, attack surface management, and vulnerability scanning

Security assessments using MITRE ATT&CK and D3FEND

Simple web application scanning

What you need to know about vulnerability scanning

Leveraging an assessment questionnaire to identify gaps in your security program

Prioritization of security efforts using the Pareto Principle and an assumed breach mentality

Security Information & Alert Aggregation

Understanding sources of alerts and logs, differentiating between alerts and contextual information

Implementing network packet capture

Maximizing Windows and Linux logging

Understanding, generating, and working with NetFlow

Implementing Zeek, a free network monitoring solution

Implementing Wazuh, a free XDR/SIEM solution

Cyber Deception, High-Fidelity Alerting, & Environment Variability

Deception elements, strategy & planning, high vs. low interaction, and deception realism

Leveraging non-production services and systems for high-fidelity, low-noise attack deception

Detection-oriented network design, implementing inter-subnet ACLs and ACL logging

Non-production resources, integrity verification, and ransomware

DIY deception using virtual machines and containers

Using deception for environment variability and MTD

Evaluation of commercial deception technologies

Implementing DejaVU, a free deception solution

Understanding the maturity levels of cyber deception

Effective Incident Response

Incident response framework overview

Developing and documenting your IR plan

Incident response preparation

Attack identification and scoping

Attack containment, eradication, and recovery

Setting up 24x7 alerting without a SOC or MSSP using high-fidelity alerts

Continual improvements and MTD operations

To discuss training options, schedule a call with Vantage Cyber Defense today!

Modules

Full Class Packages

Get Your Custom Training Quote Now

Pick your custom training options to get exactly the service for exactly the price you need.
