Senior Instructor

Chris Daywalt

Security Freelancer

Chris Daywalt is a security freelancer in the defensive space who spends much of his day doing and teaching Digital Forensics and Incident Response (DFIR).

See More
Rating
35
courses
courses

Courses

true
false
false
Course
1
H:
20
M
1
CEUS

Persistence in Windows

In this hands-on lab, you will learn the basics of persistence in Windows. You will practice generating data that is representative of common persistence mechanisms, then use a SIEM to identify indicators of persistence.

Learn More & Enroll
true
false
false
Course
1
H:
20
M
1
CEUS

Execution in Windows

In this hands-on lab, you will learn the basics of process analysis and Windows execution. You will practice using Process Explorer and a SIEM to analyze information from collected process dumps.

Learn More & Enroll
true
false
false
Course
1
H:
30
M
1
CEUS

Spearphishing with a Link

In this hands-on lab, you will learn how to analyze spearphishing emails containing malicious links. You will practice analyzing a sample spearphishing email.

Learn More & Enroll
true
false
false
Course
1
H:
30
M
1
CEUS

SIEM Dashboards

In this lab, you will learn the basics of SIEM dashboards. You will practice creating your own custom dashboard using the Wazuh SIEM.

Learn More & Enroll
true
false
false
Course
1
H:
15
M
1
CEUS

Host Detection Basics

In this course, you will learn the basics of host-based detection and analysis. You will learn about host monitoring strategies, relevant host data, visibility, and content access techniques, as well as types of detection logic.

Learn More & Enroll
true
false
false
Course
1
H:
15
M
1
CEUS

Web Activity Logs

In this hands-on lab, you will learn the basics of web activity logs. You will then practice identifying meaningful events in web proxy (HTTP/HTTPS) and name server (DNS) logs in the context of a new threat intelligence report.

Learn More & Enroll
true
false
false
Course
1
H:
15
M
1
CEUS

SIEM Detection and Alerting

In this hands-on lab, you will learn the basics of SIEM-based detection and alerting. You will practice using the Wazuh SIEM to create, modify, and test custom rules and alerts.

Learn More & Enroll
true
false
false
Course
1
H:
10
M
1
CEUS

Network Observables

In this hands-on lab, you will learn the basics of network observables. You will practice researching and documenting observables from a suspicious email using the security ticketing system theHive.

Learn More & Enroll

About Chris Daywalt

After too many years of security operations work, Chris Daywalt tries to turn his phone off at 5:00 pm EST. While there are a bunch of training classes and education somewhere on his resume, much of what he has to teach was learned at the school of hard knocks, often at the expense of his previous clients. He wants to help you spend more time detecting and denying adversaries and less time banging your head against your keyboard. He dips his blueberry donuts in orange juice.

Chris’ 19-year career includes work for organizations of all sizes, both government and private sector, and is distributed roughly like so:

  • 30% doing DFIR
  • 30% teaching DFIR
  • 20% monitoring and detection engineering
  • 15% risk assessment
    • 5% other stuff, like sneaking in a game of Plants vs. Zombies or taking a quick nap at the desk (Don’t judge - I work overtime)