This course covers practical aspects of how to analyze various stages of attack using the data provided by F-Secure EDR. The lectures are divided by attack specs. in the first lecture we will study various initial execution methods, in the second migration from the first compromised process, and so forth.
Each lecture is divided into introduction of the particular step, the most common methods used by attackers, and then continues with example data recorded by EDR. Each student will be provided a read only access to training company where we have example each exhibiting a given malicious behavior.
These lectures will be available later in F-Secure Academy as recordings – however, to benefit from the interactivity of the lectures, joining them is very much encouraged. Attending three of the five lectures of the course either via the events or through F-Secure Academy will provide you with an EDR Advanced Training certificate.
Each lecture will be given online at 14:00 - 16:00 UTC+3 Helsinki time.
The Advanced Plus courses are free of charge and can be attended by any F-Secure Partner. The course requires some technical knowledge on how RDR functions, so we recommend completing F-Secure RDR Technical Training (Basic) in F-Secure Academy before participating.
Principal Researcher, Tactical Defence Unit, F-Secure
Jarno Niemelä works as a Principal Researcher at F-Secure Tactical Defence unit. Jarno has been working on cyber defence related topics at F-Secure since year 2000, first in Anti-Virus lab, and then moving into behavioral analysis, behavioral analysis automation and cyber defence related topics. Jarno has been working with RDR and its predecessor technologies since their implementation at F-Secure.