0
0
0
0
#SEC699
Latest posts tagged with #SEC699 on Bluesky
Trending
Posts tagged #SEC699
Next week @Jean_Maes_1994 will be giving a sneak peek to the updated SANS #SEC699 Advanced #PurpleTeam course covering: Emulating, Detecting, and Responding to LOLBAS Attacks. This is a free preview from the amazing folks @SANSOffensive...
0
0
1
0
Just kicked off #SEC504 Going to be an amazing week of Hacker Tools, Techniques, and Incident Handling. Love the work that @joswr1ght has done maintaining and updating this course. I often say this is the original #purpleteam @SANSOffensive course followed by #SEC599 and #SEC699
0
0
0
0
Next chance to take SANS #SEC699 Advanced #PurpleTeam class during US time is July 25 with the amazing @Jean_Maes_1994 This course covers 50% emulation and 50% detection. It is advanced, 600 level course that is half lecture and half labs!...
0
0
1
0
The next SANS #SEC699 course is sold out! This means your next chance to take it will be during SANS Cyber Security East April 16-21 with the amazing @Jean_Maes_1994! #purpleteam
I will be teaching #SEC504 and there are many other courses available:...
0
0
1
0
Day 2 of #SEC699 is packed with content from @Jean_Maes_1994 on initial access, execution, and evasion. We understand controls, how to bypass them, and then how to detect the bypasses of EDR, ETW, app allow list, ASR, AMSI, etc. #purpleteam
https://sans.org/sec699
0
0
0
0
Made it home after 22 hour delay! Tired but super excited to kick off a week of #SEC699 Live Online and host a webcast during lunch: Running Your First #PurpleTeam Exercise: Understand the Cyber Kill Chain, Cyber Threat Intelligence, Emulation, &...
0
0
1
0
Join me on Monday at 1pm for a SANS Webcast on Running your first Purple Team Exercise: Understand the Cyber Kill Chain, Cyber Threat Intelligence, Emulation, and Response
https://www.sans.org/webcasts/121820
#purpleteam #CTI @SANSOffensive #SEC599 #SEC699
0
0
0
0
We have a blog and webinar series coming out on https://sans.org/purple-team covering getting started with #PurpleTeam and then diving deeper into more detailed topics from #SEC504 #SEC599 #SEC699
Blogs coming out soon, first webinar on March 28 at 1pm...
0
0
1
0
Check out this feedback about #SEC699 that was just posted on Discord: "I just started day3, and just came back here to say that's the best course/training I've ever done, the content is just awesome!!! I've enjoy every section from the beginning!!!" @ErikVaBu @Jean_Maes_1994
0
0
1
0
Want to learn how to emulate attacks while also learning how to detect and respond to them? Then @SANSOffensive #SEC699 Advanced #PurpleTeam is for you! I am teaching it later this month but there are many other offerings to match your desired time zone:...
0
0
1
0
Kicking off SANS #SEC699 today! Love teaching this 6 day advanced #purpleteam course! Many chances to take it this year: https://sans.org/sec699
@SANSOffensive @SANSInstitute
0
0
0
0
Planning training for 2022? Check out SANS #SEC699 the advanced #purpleteam class "Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection" I will be teaching it in February and March with more options available later in the...
0
0
1
0
0
0
0
0
Some relevant and timely links for day 5 of #SEC699:
- ACE AD Persistence: www.specterops.io/assets/resources/an_ace_...
- Azure AD new vuln:...
0
0
1
0
Day 2 of #SEC699 is one of my favorites: Initial Access which has become harder and harder with newer tech. We look at bypassing AMSI, Office Macro Obfuscation, application allow-listing, exploit guard and attack surface reduction, process injection, etc. @Jean_Maes_1994
0
0
0
1
Getting ready to kick of #SEC699 Advanced #PurpleTeam course. @SANSOffensive Today we ensure everyone is leveled up for this 600 level course. We use AWS and terraform for each student to deploy a large lab environment for attack, detect, and respond. Lots of process covered too!
0
0
0
0
Day 2 of #SEC699 is awesome! @ErikVaBu and @Jean_Maes_1994 did such an awesome job building highly technical content for initial access. This is an advanced #purpleteam course, you can read more here: www.sans.org/cyber-security-courses/p...
0
0
0
0
Ready to kick off #SEC699 Adversary Emulation for Breach Prevention and Detection with my co-instructor @Jean_Maes_1994 @SANSOffensive #purpleteam #adversaryemulation #detectionengineering
0
0
0
0
Prepping to teach #SEC699 @SANSOffensive advanced #purpleteam class with @Jean_Maes_1994 next week and I am so excited!!! @ErikVaBu and team built an amazing course covering 50% red and 50% detection/blue. Hands on labs with your own...
0
0
1
0
Excited to teach the Advanced Purple Team class from SANS with my friend @Jean_Maes_1994 during the Threat Hunting Summit!! You should register! #SEC699 #PurpleTeam #Tactics #AdversaryEmulation for #Breach #Prevention & #Detection @SANSOffensive...
0
0
1
0
Thrilled to be hosting the SANS #ThreatHunting Solutions Track (entire summit is free Oct. 7-8) and teaching #SEC699 #PurpleTeam Tactics - #AdversaryEmulation for Breach Prevention & Detection with the one and only @Jean_Maes_1994 Oct 11-16!...
0
0
1
0
It has arrived!!! Earned the #SEC699 Advanced Purple Team class coin during the Beta 2 CTF. Was a ton of fun! Thanks to @ErikVaBu @jimshew @Steph3nSims @SANSPenTest @SANSInstitute
0
0
0
0
WOW #SEC699 CTF was AWESOME!! You play in teams and have to defend and attack at the same time. You are given a company to defend and an adversary to emulate. Extra points for using same TTPs the adversary did, various objectives, and you have to turn in a report. @ErikVaBu
0
0
0
0
Day 6 of #SEC699 is CTF! Looking forward to working on a team defending against an attack while performing an #adversaryemulation against another organization. Going to start 2-Blue 2-Red and go from there. This will be fun!! @ErikVaBu @jimshew @SANSPenTest @SANSInstitute
0
0
0
0
Today in #SEC699 Day 4 Persistence! COM Object Hijacking; WMIC; AppInit DLLs; AppCertDLLs; Netsh helper DLL; Office Application Startup; Application Shimming; and Account Manipulation!!! @ErikVaBu @jimshew @SANSInstitute @SANSPenTest
0
0
0
0
Day 3 of #SEC699 looking forward to Bloodhound, deep dive into LSASS, abusing unconstrained and constrained delegation, pivoting through domains, trusts, and forest, and much more.
#purpleteam @SANSInstitute @SANSPenTest @ErikVaBu @jimshew
0
0
0
0