
Courses

Cybersecurity Basics
This brief course is designed to introduce you to fundamental cybersecurity concepts and terminology. You will learn about security controls, access management, data protection, encryption, incident response, GRC, and more.

Network Basics
This brief course is designed to introduce you to fundamental networking and network security concepts. You will learn basic networking terminology and topics like the CIA triad, networking models, common ports and protocols, common network-based threats, and network infrastructure security.

Windows Event Logs
In this hands-on lab, you will learn the basics of Windows Event logs, their format, and different types. You will practice using the Event Viewer and correlating between Event Logs in the Event Viewer and a SIEM

Defensive Security and Cyber Risk
In this course, you will learn the basics of defensive security and cyber risk. You will review foundational risk management concepts such as calculating risk and strategies for dealing with risk. You will also explore the NIST CSF as a framework for understanding defensive security.

Domain Authentication in Windows
In this hands-on lab, you will learn about domain-based authentication mechanics in the Windows operating system, including user accounts, the authentication process, and different types of authentication. You will practice identifying when a domain user account has logged on and logged off, including the type of authentication.

Local Authentication in Windows
In this hands-on lab, you will learn about local authentication mechanics in the Windows operating system, including user accounts, the authentication process, and different types of authentication. You will practice identifying when a user account has logged on and logged off, including the type of authentication.

Spearphishing with an Attachment
In this hands-on lab, you will learn the basics of email analysis with a special focus on malicious attachments. You will practice performing triage analysis of a spearphishing email containing a suspicious attachment.

Persistence in Windows
In this hands-on lab, you will learn the basics of persistence in Windows. You will practice generating data that is representative of common persistence mechanisms, then use a SIEM to identify indicators of persistence.

Execution in Windows
In this hands-on lab, you will learn the basics of process analysis and Windows execution. You will practice using Process Explorer and a SIEM to analyze information from collected process dumps.

Spearphishing with a Link
In this hands-on lab, you will learn how to analyze spearphishing emails containing malicious links. You will practice analyzing a sample spearphishing email.
After too many years of security operations work, Chris Daywalt tries to turn his phone off at 5:00 pm EST. While there are a bunch of training classes and education somewhere on his resume, much of what he has to teach was learned at the school of hard knocks, often at the expense of his previous clients. He wants to help you spend more time detecting and denying adversaries and less time banging your head against your keyboard. He dips his blueberry donuts in orange juice.
Chris’ 19-year career includes work for organizations of all sizes, both government and private sector, and is distributed roughly like so: