Free

Enterprise Security Case Management

In this online course about Enterprise Security Case Management, you will learn about tools and techniques which help cybersecurity practitioners manage evidence and related case data to preserve their integrity.

Start Course Subscribe for Updates Need to train your team? Learn more

Create Free Account Need to train your team? Learn more

Time

advanced

difficulty

ceu/cpe

Course Content

Introduction

Core Concepts

Evidence and Case Data Storage

Workflow and Managing Cases

Assigning Access

Conclusion

Course Assessment

Course Description

Improper case management can lead to adverse outcomes and significantly increase the time it takes a security team to detect or respond to active threats in an enterprise environment. If and when security cases result in litigation, it is vital that the case management processes and workflows followed be unimpeachable, and that as much relevant, reliable information is captured before, during, and after executing a case.

Security of the evidence and related data are equally important. Leaving these vulnerable negatively impacts their integrity. This course will teach you concepts such as chain of custody, secure evidence and data storage, why data retention, destruction, and backup are necessary considerations, as well the best methods for capturing contemporaneous notes.

Prerequisites

Knowledge of incident response and handling methodologies (i.e. NIST)

Knowledge of the CIA triad

Knowledge of security principles such as least privilege and ‘need to know’

Experience identifying and remediating security events and incidents

Knowledge of SIEM and SOAR tools also beneficial

Course Goals

By the end of this course, students should be able to:

Create and complete chain of custody and examination forms

Determine how and where to securely store case evidence and related data

Determine the best data retention, destruction, and backup procedures for their organization

Write comprehensive contemporaneous notes and capture information relevant to security cases

This course is part of a Career Path:

No items found.

Instructed by

Instructor

Seth Enoka

I am a client-focussed cybersecurity strategist and trusted adviser with proven success in improving technical security postures by delivering customised compromise assessment, threat hunting, incident response, and digital forensic services. I am an expert in end-to-end incident management, from initial scoping, planning, and team task delegation to evidence gathering, data analysis, and detailed reporting.

I consistently assess, translate, and communicate technical data for diverse technical and non-technical audiences. I continually identify opportunities for expanding the portfolio of services and optimising service delivery. I leverage an IT background whilst overseeing network, web-based application, systems, and database assessments, ensuring well-documented, unambiguous client recommendations for handling and preventing future security incidents.

I am proud of building, training, and mentoring agile incident response and digital forensic teams well versed in industry best practices including NIST and ISO. My specialties include Digital Forensics, Incident Response Management, Crisis Management, Cybersecurity Audits, Business Development, Intrusion Detection, and Threat Modeling.

I believe I have reached a point in my security career where I have acquired enough knowledge to be able to give back to the security community by sharing my knowledge and experience with others in the field. I have a desire to train and mentor others interested in cybersecurity, the same way that others helped me with training and mentorship.

Provider

Certification Body

Certificate of Completion

Complete this entire course to earn a Enterprise Security Case Management Certificate of Completion

Page URL

Copy