Blue Team

The defensive team in a cybersecurity organization responsible for protecting systems, detecting threats, and responding to security incidents.

Practice Challenges

Blue Team Labs
Snort IDS

Beginner | Security Operations

In the Snort Blue Team Lab, participants assume the role of a blue team defender tasked with securing a corporate network using Snort, a popular open-source Intrusion Detection System (IDS). This immersive, hands-on lab simulates real-world network security challenges where attackers are attempting to breach the network through various techniques, including port scans, malicious payloads, and suspicious network traffic. Participants will learn to configure and deploy Snort rules, analyze network traffic for indicators of compromise (IoCs), and implement effective detection strategies to identify and respond to potential threats. By the end of the lab, participants will have a solid understanding of how to use Snort to protect an organization from network-based attacks and improve overall security posture. To use this lab you will need to be connected to the Professional Labs VPN!

Attacker

Intermediate | Malware Analysis

In the Attacker Malware Analysis Lab, participants adopt the role of a blue teamer, focusing on an offline investigation to identify, analyze, and neutralize malware threats. This hands-on lab is designed to simulate a real-world scenario where attackers have deployed malicious executables to compromise a system. Participants will utilize tools such as VirusTotal and other forensic utilities to gather detailed information about the malicious files. Through this lab, they will learn to recognize the signs of malware infections, perform thorough static analysis of executables, and implement effective countermeasures to safeguard the network from future attacks.

Keylogger

Beginner | Malware Analysis

In the Keylogger Malware Analysis Lab, participants step into the role of a blue teamer, tasked with identifying, analyzing, and neutralizing a keylogger malware threat within a corporate environment. This hands-on lab is designed to simulate a real-world scenario where attackers have deployed a keylogger to secretly capture keystrokes and steal sensitive information. Participants will learn to recognize the signs of keylogger infections, use forensic tools to analyze malicious binaries, and implement effective countermeasures to protect the network from future attacks.
