Expert Training

Modern Detection And Response

Date: November 16 2021

10:00 - 18:00 UTC+3 Helsinki

Course Description

The threat landscape is quite diverse and constantly evolves. How can you ensure that in such uncertain times your organization is protected as well as it should? This training explores common attacker techniques and ways F-Secure can help you in detecting such threats.

During the training you will have an opportunity to execute attacks based on real–world scenarios in an isolated environment and observe the way they are detected by the F-Secure Rapid Detection & Response service. For each attack most effective ways of analysis and response will be discussed.

Upon the completion of the training, you will have the basic technical skills needed to detect and eradicate threat actors on both Windows and Linux. You will also be able to use F-Secure Rapid Detection & Response Portal in order to retrieve additional information useful during incident analysis.

The training includes theoretical introduction and hands–on workshops within the F-Secure Playground environment, giving each participant access to a private lab environment to experiment in. Both Windows and Linux scenarios will be considered.

The training will cover the following topics:

  • Modern threat detection
  • Microsoft Office offensive macros
  • Attacker tooling
  • Windows process injection
  • Windows Persistence techniques
  • Lateral movement
  • Active Directory
  • Linux exploitation


The Expert level course costs 1000€ per partner contact with partner level discounts available (Platinum 550€, Gold 630€, Silver 750€).

The course requires some technical knowledge on how RDR functions, so we recommend completing F-Secure RDR Technical Training (Basic) in F-Secure Academy before participating. 


10min Introduction
30min Lecture: Threat Intelligence
30min Lecture: Threat Detection
15min Hands-on workshops introduction and lab setup
2h Scenario #1
2h 30min Scenario #2
1h 30min Scenario #3
5min Closing Words


Krzysztof Marciniak
Security Researcher, Business Security R&D, F-Secure

Krzysztof during his 5 years at F-Secure explored different areas of security from developing software to penetration testing and incident response. With his focus on exploitation of Windows systems as well as hardware security, he shares his knowledge internally as well as externally through events such as trainings, conferences and events — including the founding of Poznań Security Meetup in Poland.

Jarosław Kaminski
Principal Security Researcher, Business Security R&D, F-Secure

Jarosław was leading the F-Secure security consulting / penetration testing team in Poznań until he moved to the current role in 2020. With a prior experience as a software developer, system and network administrator, he pursues his interests in a wide spectrum of security topics, focusing particularly on core infrastructure services, network and Linux.