Certified Incident Handler Training Course
The Certified Incident Handler course offers a structured methodology for effectively and efficiently managing and responding to cybersecurity incidents.
This instructor-led live training, available online or onsite, is designed for intermediate-level IT security professionals aiming to acquire the tactical skills and knowledge necessary to plan, classify, contain, and manage security incidents.
Upon completion of this training, participants will be able to:
- Grasp the incident response lifecycle and its distinct phases.
- Car out incident detection, classification, and notification procedures.
- Implement containment, eradication, and recovery strategies effectively.
- Formulate post-incident reporting and continuous improvement plans.
Course Format
- Interactive lectures and discussions.
- Practical application of incident handling procedures in simulated scenarios.
- Guided exercises targeting detection, containment, and response workflows.
Course Customization Options
- For a customized training session tailored to your organization's specific incident response procedures or tools, please contact us to arrange it.
Course Outline
Introduction to Incident Handling
- Understanding cybersecurity incidents
- Goals and benefits of incident handling
- Incident response standards and frameworks (NIST, ISO, etc.)
Incident Response Process
- Preparation and planning
- Detection and analysis
- Classification and prioritization
Containment Strategies
- Short-term vs long-term containment
- Network segmentation and isolation techniques
- Coordination with stakeholders and notification protocols
Eradication and Recovery
- Identifying root causes
- System restoration and patching
- Monitoring post-recovery
Documentation and Reporting
- Incident documentation best practices
- Generating actionable post-mortem reports
- Lessons learned and metrics for improvement
Incident Response Tools and Technologies
- SIEM systems and log analysis tools
- Endpoint detection and response (EDR)
- Automation and orchestration in IR
Tabletop Exercises and Simulations
- Interactive incident scenarios
- Team coordination drills
- Evaluating response effectiveness
Summary and Next Steps
Requirements
- Basic understanding of IT security concepts
- Familiarity with network protocols and system administration
- Awareness of cybersecurity threats and vulnerabilities
Audience
- IT security analysts
- Incident response team members
- Cybersecurity operations professionals
Open Training Courses require 5+ participants.
Certified Incident Handler Training Course - Booking
Certified Incident Handler Training Course - Enquiry
Certified Incident Handler - Consultancy Enquiry
Testimonials (2)
Clarity and pace of explanations
Federica Galeazzi - Aethra Telecomunications SRL
Course - AI-Powered Cybersecurity: Advanced Threat Detection & Response
The instructor's mastery of all the topics
Miguel Angel Jimenez Sanchez - ASP Integra Opciones
Course - MITRE ATT&CK
Machine Translated
Upcoming Courses
Related Courses
AI-Powered Cybersecurity: Threat Detection & Response
21 HoursThis instructor-led, live training in Argentina (online or onsite) is designed for entry-level cybersecurity professionals seeking to harness AI to enhance their threat detection and response capabilities.
Upon completion of this training, participants will be able to:
- Grasp the role of AI in cybersecurity.
- Deploy AI algorithms for effective threat detection.
- Streamline incident response using AI tools.
- Embed AI into current cybersecurity infrastructure.
AI-Powered Cybersecurity: Advanced Threat Detection & Response
28 HoursThis instructor-led, live training in Argentina (online or onsite) is designed for intermediate to advanced cybersecurity professionals aiming to enhance their capabilities in AI-driven threat detection and incident response.
Upon completion of this training, participants will be capable of:
- Deploying advanced AI algorithms for real-time threat detection.
- Tailoring AI models to address specific cybersecurity challenges.
- Creating automation workflows for threat response.
- Protecting AI-driven security tools from adversarial attacks.
Blue Team Fundamentals: Security Operations and Analysis
21 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at intermediate-level IT security professionals who wish to develop skills in security monitoring, analysis, and response.
By the end of this training, participants will be able to:
- Understand the role of a Blue Team in cybersecurity operations.
- Use SIEM tools for security monitoring and log analysis.
- Detect, analyze, and respond to security incidents.
- Perform network traffic analysis and threat intelligence gathering.
- Apply best practices in security operations center (SOC) workflows.
Bug Bounty Hunting
21 HoursBug Bounty Hunting involves identifying security vulnerabilities in software, websites, or systems and responsibly reporting them to receive rewards or recognition.
This instructor-led, live training (available online or onsite) is designed for beginner-level security researchers, developers, and IT professionals who wish to learn the fundamentals of ethical bug hunting and how to participate in bug bounty programs.
By the end of this training, participants will be able to:
- Understand the core concepts of vulnerability discovery and bug bounty programs.
- Use key tools like Burp Suite and browser dev tools for testing applications.
- Identify common web security flaws such as XSS, SQLi, and CSRF.
- Submit clear, actionable vulnerability reports to bug bounty platforms.
Format of the Course
- Interactive lecture and discussion.
- Hands-on use of bug bounty tools in simulated testing environments.
- Guided exercises focused on discovering, exploiting, and reporting vulnerabilities.
Course Customization Options
- To request a customized training for this course based on your organization's applications or testing needs, please contact us to arrange.
Bug Bounty: Advanced Techniques and Automation
21 HoursBug Bounty: Advanced Techniques and Automation provides an in-depth exploration of high-impact vulnerabilities, automation frameworks, reconnaissance methodologies, and the strategic tooling utilized by top-tier bug bounty hunters.
This instructor-led live training, available online or onsite, is designed for intermediate to advanced security researchers, penetration testers, and bug bounty hunters who aim to streamline their workflows, scale their reconnaissance efforts, and uncover complex vulnerabilities across diverse targets.
Upon completing this training, participants will be capable of:
- Automating reconnaissance and scanning processes for multiple targets.
- Utilizing state-of-the-art tools and scripts essential for bounty automation.
- Identifying complex, logic-based vulnerabilities that extend beyond standard scan results.
- Developing custom workflows for subdomain enumeration, fuzzing, and vulnerability reporting.
Course Format
- Interactive lectures and discussions.
- Practical application of advanced tools and scripting for automation purposes.
- Guided laboratory exercises focused on real-world bounty workflows and sophisticated attack chains.
Customization Options
- For tailored training based on your specific bounty targets, automation requirements, or internal security challenges, please contact us to arrange a customized session.
CHFI - Certified Digital Forensics Examiner
35 HoursThe vendor-neutral Certified Digital Forensics Examiner certification is designed to train Cyber Crime and Fraud Investigators by teaching them electronic discovery and advanced investigative techniques. This course is essential for anyone who encounters digital evidence while conducting an investigation.
The Certified Digital Forensics Examiner training provides the methodology for conducting a computer forensic examination. Students learn to apply forensically sound investigative techniques to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain the chain-of-custody, and write a findings report.
The Certified Digital Forensics Examiner course benefits organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, establishing proof of guilt, or taking corrective action based on digital evidence.
Mastering Continuous Threat Exposure Management (CTEM)
28 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to implement CTEM in their organizations.
By the end of this training, participants will be able to:
- Understand the principles and stages of CTEM.
- Identify and prioritize risks using CTEM methodologies.
- Integrate CTEM practices into existing security protocols.
- Utilize tools and technologies for continuous threat management.
- Develop strategies to validate and improve security measures continuously.
Cyber Threat Intelligence
35 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at advanced-level cyber security professionals who wish to understand Cyber Threat Intelligence and learn skills to effectively manage and mitigate cyber threats.
By the end of this training, participants will be able to:
- Understand the fundamentals of Cyber Threat Intelligence (CTI).
- Analyze the current cyber threat landscape.
- Collect and process intelligence data.
- Perform advanced threat analysis.
- Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.
Fundamentals of Corporate Cyber Warfare
14 HoursThis instructor-led, live training in Argentina (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks.
DeepSeek for Cybersecurity and Threat Detection
14 HoursThis instructor-led, live training in Argentina (online or onsite) is designed for intermediate-level cybersecurity professionals seeking to utilize DeepSeek for advanced threat detection and automation.
By the conclusion of this training, participants will be able to:
- Utilize DeepSeek AI for real-time threat detection and analysis.
- Implement AI-driven anomaly detection techniques.
- Automate security monitoring and response using DeepSeek.
- Integrate DeepSeek into existing cybersecurity frameworks.
Duty Managers Cyber Resilience
14 HoursThis instructor-led, live training in Argentina (online or onsite) is aimed at intermediate-level duty managers and operational leaders who wish to build robust cyber resilience strategies to safeguard their organizations against cyber threats.
By the end of this training, participants will be able to:
- Comprehend the fundamentals of cyber resilience and its importance to duty management.
- Create incident response plans to sustain operational continuity.
- Recognize potential cyber threats and vulnerabilities in their environment.
- Apply security protocols to reduce risk exposure.
- Coordinate team responses during cyber incidents and recovery efforts.
Junior Detection Engineer Essentials
21 HoursDetection engineering involves the design, implementation, and refinement of techniques to identify malicious activities across systems and networks.
This instructor-led, live training, available online or onsite, is designed for beginner-level cybersecurity professionals seeking practical skills in creating and tuning security detections.
Upon completing this training, participants will possess the capabilities to:
- Create effective detection rules and signatures using standard security tools.
- Analyze logs and telemetry data to spot suspicious behavior.
- Leverage threat intelligence to enhance detection logic.
- Refine alerts and minimize false positives within a SOC environment.
Course Format
- Guided instruction accompanied by practical demonstrations.
- Scenario-based exercises and hands-on analysis.
- Real-world detection development in an interactive lab setting.
Customization Options
- For organizations needing a customized version of this program, please contact us to explore customization possibilities.
MITRE ATT&CK
7 HoursThis instructor-led, live training in Argentina (online or onsite) is designed for information system analysts who want to leverage MITRE ATT&CK to reduce the risk of security breaches.
Upon completion of this training, participants will be able to:
- Establish the necessary development environment to begin implementing MITRE ATT&CK.
- Categorize attacker interactions with systems.
- Document adversary behaviors within systems.
- Track attacks, interpret patterns, and evaluate the effectiveness of existing defense tools.
Open-Source EDR Fundamentals: Deployment, Detection & Response
14 HoursOpenEDR is an open-source endpoint detection and response solution that delivers continuous telemetry, detection, and analysis of hostile activity across endpoints.
This instructor-led live training (available online or onsite) is designed for beginner to intermediate IT and security professionals who aim to deploy, configure, and operate OpenEDR to identify and respond to cyber threats.
Upon completion of this training, participants will be able to:
- Deploy and configure OpenEDR agents and server components for telemetry collection.
- Execute basic detection and monitoring using OpenEDR dashboards and event views.
- Analyze endpoint events to identify suspicious activity and potential threats.
- Integrate OpenEDR alerts into incident response workflows and reporting processes.
Course Format
- Interactive lectures and discussions.
- Numerous exercises and practical practice sessions.
- Hands-on implementation in a live-lab environment.
Customization Options
- To request a customized training for this course, please contact us to arrange.
Mastering Open-Source EDR & Mitre ATT&CK for Threat Hunting
21 HoursOpenEDR is an open-source endpoint detection and response platform that offers analytic detection capabilities, providing visibility into the MITRE ATT&CK framework for real-time event correlation and root cause analysis of adversarial activities.
This instructor-led live training (available online or onsite) targets advanced SOC analysts, threat hunters, and incident responders who aim to design and operate threat-hunting programs using OpenEDR, mapping their detections to the MITRE ATT&CK framework.
Upon completing this training, participants will be able to:
- Deploy and configure OpenEDR agents and server components for telemetry collection and analysis.
- Map observable endpoint telemetry to MITRE ATT&CK techniques and construct detection logic accordingly.
- Design and execute threat-hunting workflows leveraging behavioral analytics and event correlation to identify adversarial activity.
- Integrate OpenEDR findings into incident response playbooks and perform root cause analysis.
Format of the Course
- Interactive lecture and discussion.
- Extensive exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.