The rate of data breaches and APT attacks increased rapidly during the COVID-19 pandemic. Organizations have begun to recognize the weaknesses and vulnerabilities in their IT infrastructure, often at great cost to their operations and customer data. For medium to large commercial organizations, a defense-in-depth strategy that includes both securing and testing is required. This is where blue team operations come into play.
The objective of blue team operations is to determine the weaknesses that affect an organization and implement security mechanisms and safeguards to protect their data and digital infrastructure.
As a follow-up to the HackerSploit Red Team Security Series, a new Linode LIVE! series on blue team operations is now available. Instituting blue team operations helps you identify weaknesses and then implement the security mechanisms and safeguards needed to protect your data and digital infrastructure.
In this video series, infosec and cybersecurity professionals review industry standards and tools to protect, detect, and respond against attacks from malicious threat actors in an enterprise environment.
Head to HackerSploit’s YouTube channel to watch Part 1, which introduces network security, intrusion detection, and threat detection by showcasing the tools and techniques used by blue teams. Topics include:
- Network Traffic Analysis With Wireshark
- Intrusion Detection With Snort
- Intrusion Detection With Wazuh
- Intrusion Detection With Suricata
- Security Event Monitoring With Splunk
And when you’ve completed Part 1 of the course, head on over to the link in the event details and register for Part 2 of the series to learn about host-based security and DFIR (Digital Forensics & Incident Response) on both Windows and Linux. Topics include:
- Host-Based Intrusion Detection With OSSEC
- Memory Analysis With LIME
- Memory Forensics With Volatility
- Disk Analysis with Autopsy
- Docker Image Analysis With Trivy
- Incident Response With FireEye Redline