Online Threat Detection and Response (TDR) Training in Serbia

This instructor-led, live training in Serbia (online or onsite) is designed for intermediate-level cybersecurity professionals aiming to implement CTEM within their organizations.

Upon completing this training, participants will be equipped to:

• Comprehend the core principles and phases of CTEM.
• Identify and prioritize risks using CTEM methodologies.
• Integrate CTEM practices into existing security protocols.
• Leverage tools and technologies for continuous threat management.
• Develop strategies to continuously validate and enhance security measures.

This instructor-led, live training in Serbia (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to leverage DeepSeek for advanced threat detection and automation.

By the end of this training, participants will be able to:

• Utilize DeepSeek AI for real-time threat detection and analysis.
• Implement AI-driven anomaly detection techniques.
• Automate security monitoring and response using DeepSeek.
• Integrate DeepSeek into existing cybersecurity frameworks.

OpenEDR is an open-source Endpoint Detection and Response (EDR) platform designed to provide continuous telemetry, detection, and analysis of adversarial activities on endpoints.

This instructor-led live training, available both online and onsite, is tailored for IT and security professionals at beginner to intermediate levels who aim to deploy, configure, and operate OpenEDR to identify and counter cyber threats.

Upon completion of this training, participants will be capable of:

• Deploying and configuring OpenEDR agents and server components for efficient telemetry collection.
• Executing fundamental detection and monitoring tasks using OpenEDR dashboards and event views.
• Analyzing endpoint events to pinpoint suspicious behavior and potential threats.
• Integrating OpenEDR alerts into established incident response workflows and reporting mechanisms.

Course Format

• Interactive lectures and discussions.
• Extensive exercises and practical practice sessions.
• Hands-on implementation within a live laboratory environment.

Customization Options

• For customized training requests, please contact us to arrange specific requirements.

OpenEDR is an open-source endpoint detection and response platform that provides analytic detection with MITRE ATT&CK visibility for event correlation and root cause analysis of adversarial activity in real time.

This instructor-led, live training (online or onsite) is aimed at advanced-level SOC analysts, threat hunters, and incident responders who wish to design and operate threat-hunting programs using OpenEDR and map detections to the MITRE ATT&CK framework.

By the end of this training, participants will be able to:

• Deploy and configure OpenEDR agents and server components for telemetry collection and analysis.
• Map observable endpoint telemetry to MITRE ATT&CK techniques and build detection logic accordingly.
• Design and execute threat-hunting workflows that use behavioral analytics and event correlation to identify adversarial activity.
• Integrate OpenEDR findings into incident response playbooks and perform root cause analysis.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Ransomware represents a type of malicious software specifically engineered to encrypt data and extort payments from organizations.

This instructor-led, live training (available online or onsite) is designed for intermediate-level security professionals aiming to enhance their negotiation tactics and intelligence-gathering skills during ransomware incidents.

Upon completing this training, participants will be equipped to:

• Evaluate the structure, behavior, and lifecycle of contemporary ransomware campaigns
• Implement proven negotiation frameworks in real-world ransomware situations
• Collect, analyze, and apply threat intelligence to bolster ransomware defenses
• Collaborate efficiently with stakeholders, law enforcement, and external partners during an attack

Course Format:

• Expert-led presentations augmented by real case studies
• Interactive exercises that simulate ransomware negotiations
• Hands-on practice with intelligence tools in a controlled lab environment

Customization Options:

• If your organization requires a customized version of this training, please reach out to us for details.

This instructor-led, live training in Serbia (online or onsite) is tailored for advanced cybersecurity professionals who wish to comprehend Cyber Threat Intelligence and develop skills to effectively manage and mitigate cyber threats.

By the end of this training, participants will be able to:

• Understand the fundamentals of Cyber Threat Intelligence (CTI).
• Analyze the current cyber threat landscape.
• Collect and process intelligence data.
• Perform advanced threat analysis.
• Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

Detection engineering involves the creation, implementation, and refinement of strategies to identify malicious activities across various systems and networks.

This instructor-led, live training (available online or on-site) is designed for beginner-level cybersecurity professionals seeking to develop practical skills in constructing and fine-tuning security detections.

Upon finishing this training, participants will acquire the following capabilities:

• Create effective detection rules and signatures using standard security tools.
• Analyze logs and telemetry data to spot suspicious behavior.
• Utilize threat intelligence to enhance detection logic.
• Improve alert accuracy and minimize false positives within a Security Operations Center (SOC) workflow.

Course Format

• Guided instruction combined with practical demonstrations.
• Scenario-based exercises and hands-on analysis.
• Real-world detection building within an interactive lab environment.

Customization Options

• If your organization requires a customized version of this program, please contact us to discuss your specific needs.

The Certified Incident Handler program offers a systematic methodology for effectively and efficiently managing cybersecurity incidents.

Delivered by instructors through live online or onsite sessions, this course is designed for IT security professionals with intermediate-level expertise who aim to acquire the tactical skills necessary to plan, classify, contain, and manage security incidents.

Upon completing this training, participants will be equipped to:

• Grasp the incident response lifecycle and its various phases.
• Carry out procedures for incident detection, classification, and notification.
• Implement containment, eradication, and recovery strategies with precision.
• Create comprehensive post-incident reports and continuous improvement plans.

Course Format

• Interactive lectures and discussions.
• Practical application of incident handling procedures within simulated environments.
• Instructor-led exercises targeting detection, containment, and response workflows.

Customization Options

• For a tailored training session aligned with your organization’s specific incident response protocols or tools, please reach out to us to make arrangements.

Bug Bounty: Advanced Techniques and Automation provides an in-depth exploration of high-impact vulnerabilities, automation frameworks, reconnaissance techniques, and the tooling strategies employed by top-tier bug bounty hunters.

This instructor-led, live training (available online or onsite) is designed for intermediate to advanced-level security researchers, penetration testers, and bug bounty hunters who aim to automate their workflows, scale their reconnaissance efforts, and uncover complex vulnerabilities across multiple targets.

Upon completion of this training, participants will be able to:

• Automate reconnaissance and scanning processes for multiple targets.
• Utilize cutting-edge tools and scripts essential for bounty automation.
• Identify complex, logic-based vulnerabilities that standard scans often miss.
• Develop custom workflows for subdomain enumeration, fuzzing, and reporting.

Course Format

• Interactive lectures and discussions.
• Hands-on practice with advanced tools and scripting for automation.
• Guided labs focusing on real-world bounty workflows and advanced attack chains.

Course Customization Options

• To request a customized training session tailored to your specific bounty targets, automation requirements, or internal security challenges, please contact us to arrange.

Bug bounty hunting involves systematically identifying security weaknesses in software, websites, or systems and responsibly disclosing them in exchange for rewards or professional recognition.

This instructor-led live training (available online or onsite) is designed for beginner-level security researchers, developers, and IT professionals eager to grasp the fundamentals of ethical bug hunting and actively participate in bug bounty programs.

Upon completing this training, participants will be equipped to:

• Grasp the fundamental principles of vulnerability discovery and the mechanics of bug bounty programs.
• Utilize essential tools such as Burp Suite and browser developer tools for application testing.
• Recognize prevalent web security flaws, including XSS, SQLi, and CSRF.
• Submit clear, actionable vulnerability reports to bug bounty platforms.

Training Format

• Interactive lectures and discussions.
• Practical application of bug bounty tools within simulated testing environments.
• Guided exercises focused on discovering, exploiting, and reporting vulnerabilities.

Customization Options

• For organizations seeking a customized training program tailored to their specific applications or testing requirements, please contact us to arrange a session.

This instructor-led, live training in Serbia (online or onsite) is designed for intermediate-level duty managers and operational leaders who seek to establish strong cyber resilience strategies to protect their organizations against cyber threats.

By the conclusion of this training, participants will be capable of:

• Understanding cyber resilience fundamentals and their importance to duty management.
• Developing incident response plans to ensure operational continuity.
• Identifying potential cyber threats and vulnerabilities within their environment.
• Implementing security protocols to minimize risk exposure.
• Coordinating team responses during cyber incidents and recovery processes.

This live, instructor-led training in Serbia (online or onsite) targets intermediate-level IT security professionals who wish to develop skills in security monitoring, analysis, and response.

By the end of this training, participants will be able to:

• Understand the role of a Blue Team in cybersecurity operations.
• Use SIEM tools for security monitoring and log analysis.
• Detect, analyze, and respond to security incidents.
• Perform network traffic analysis and threat intelligence gathering.
• Apply best practices in security operations center (SOC) workflows.

This instructor-led, live training in Serbia (online or onsite) is designed for intermediate to advanced cybersecurity professionals seeking to enhance their skills in AI-driven threat detection and incident response.

Upon completion of this training, participants will be able to:

• Deploy advanced AI algorithms for real-time threat detection.
• Tailor AI models to address specific cybersecurity challenges.
• Create automation workflows for efficient threat response.
• Protect AI-driven security tools from adversarial attacks.

This instructor-led, live training in Serbia (online or onsite) is designed for entry-level cybersecurity professionals eager to learn how to use AI to enhance their threat detection and response capabilities.

Upon completion of this training, participants will be able to:

• Grasp the applications of AI within cybersecurity.
• Deploy AI algorithms for effective threat detection.
• Automate incident response using AI tools.
• Integrate AI into current cybersecurity infrastructure.

This course equips you with the skills to investigate, respond to, and proactively hunt for threats using Microsoft Azure Sentinel, Azure Defender, and Microsoft 365 Defender. You will learn to mitigate cyber threats by effectively configuring Azure Sentinel and utilizing the Kusto Query Language (KQL) for detection, analysis, and reporting. Designed for professionals in Security Operations roles, this course provides comprehensive preparation for the SC-200: Microsoft Security Operations Analyst certification exam.

Audience Profile

Microsoft Security Operations Analysts collaborate with organizational stakeholders to safeguard information technology systems. Their primary objective is to reduce organizational risk by rapidly remediating active attacks, advising on threat protection improvements, and referring policy violations to the appropriate parties. Key responsibilities include managing, monitoring, and responding to threats using various security solutions. Analysts primarily investigate, respond to, and hunt for threats using Microsoft Azure Sentinel, Azure Defender, Microsoft 365 Defender, and third-party tools. As consumers of operational data from these tools, they play a critical role in their configuration and deployment.

Job role: Security Engineer

Preparation for exam: SC-200

Features: none

Skills gained

• Explain how Microsoft Defender for Endpoint mitigates environmental risks
• Set up a Microsoft Defender for Endpoint environment
• Configure Attack Surface Reduction rules on Windows 10 devices
• Execute actions on devices via Microsoft Defender for Endpoint
• Investigate domains and IP addresses within Microsoft Defender for Endpoint
• Investigate user accounts in Microsoft Defender for Endpoint
• Configure alert settings in Microsoft Defender for Endpoint
• Understand the evolving cybersecurity threat landscape
• Conduct advanced hunting in Microsoft 365 Defender
• Manage incidents in Microsoft 365 Defender
• Explain how Microsoft Defender for Identity mitigates environmental risks
• Investigate Data Loss Prevention (DLP) alerts in Microsoft Cloud App Security
• Describe actions available for insider risk management cases
• Configure auto-provisioning in Azure Defender
• Remediate alerts in Azure Defender
• Construct KQL statements
• Filter searches using KQL based on event time, severity, domain, and other data
• Extract data from unstructured string fields using KQL
• Manage an Azure Sentinel workspace
• Use KQL to access watchlists in Azure Sentinel
• Manage threat indicators in Azure Sentinel
• Explain differences between Common Event Format and Syslog connectors in Azure Sentinel
• Connect Azure Windows Virtual Machines to Azure Sentinel
• Configure the Log Analytics agent to collect Sysmon events
• Create new analytics rules and queries via the analytics rule wizard
• Create playbooks to automate incident response
• Use queries for threat hunting
• Monitor threats over time using livestream

The vendor-neutral Certified Digital Forensics Examiner certification is designed to equip Cyber Crime and Fraud Investigators with the skills for electronic discovery and advanced investigative techniques. This training is indispensable for anyone who encounters digital evidence during the course of an investigation.

The Certified Digital Forensics Examiner program instructs participants on the methodology for conducting computer forensic examinations. Students will master forensically sound investigative practices to assess scenes, collect and document pertinent data, interview key personnel, maintain the chain of custody, and draft comprehensive findings reports.

The Certified Digital Forensics Examiner course offers significant value to organizations, individuals, government entities, and law enforcement agencies seeking to pursue litigation, establish proof of guilt, or implement corrective actions based on digital evidence.

This course explores the management of an incident response team. Given the frequency and complexity of modern cyber attacks, the role of the first responder and the function of incident response have become critical for organizations.

As the final line of defense, effective incident response depends on detecting and responding to events efficiently. This requires robust management processes, along with specialized skills and knowledge for managing an incident response team.

This instructor-led, live training in Serbia (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks.

In this course, you will gain an understanding of the fundamental principles and methodologies behind digital forensics investigations, alongside a comprehensive overview of the various computer forensics tools available. The curriculum covers essential forensic procedures designed to ensure that evidence meets the standards for admissibility in court, as well as the associated legal and ethical considerations.

You will also learn how to conduct forensic investigations on both Unix/Linux and Windows environments utilizing diverse file systems, while exploring advanced topics such as investigations into wireless, network, web, database, and mobile-related crimes.

This course immerses participants in an interactive learning environment where they are taught how to scan, test, exploit, and secure their own systems. The lab-intensive setting provides each student with in-depth knowledge and practical experience with essential current security systems. Participants begin by understanding how perimeter defenses operate, then progress to scanning and attacking their own networks in a controlled environment where no real network is harmed. Students then learn how intruders escalate privileges and identify the steps necessary to secure a system. Additionally, students will gain insights into Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows, and Virus Creation. Upon completion of this intensive 5-day class, students will possess a hands-on understanding and practical experience in Ethical Hacking.

The purpose of the Ethical Hacking Training is to:

• Establish and govern minimum standards for credentialed professional information security specialists in ethical hacking measures.
• Inform the public that credentialed individuals meet or exceed these minimum standards.
• Reinforce ethical hacking as a unique and self-regulating profession.

Audience:

The course is ideal for professionals in roles such as, but not limited to:

• Security Engineers
• Security Consultants
• Security Managers
• IT Directors/Managers
• Security Auditors
• IT Systems Administrators
• IT Network Administrators
• Network Architects
• Developers

Why should you attend?

The Certified Lead Ethical Hacker training program empowers you with the essential expertise to execute information system penetration tests by leveraging recognized principles, procedures, and techniques. This approach helps identify potential threats within computer networks. Throughout this course, you will acquire the knowledge and skills required to manage a penetration testing project or team, as well as to plan and conduct both internal and external pentests. These activities will be aligned with various standards, including the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Additionally, you will develop a comprehensive understanding of how to draft reports and propose countermeasures. Through hands-on exercises, you will master penetration testing techniques and gain the skills necessary to lead a pentest team, effectively communicate with clients, and resolve conflicts.

This Certified Lead Ethical Hacking training offers a technical perspective on information security through ethical hacking, utilizing common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.

The training is also aligned with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework.

Upon mastering the necessary knowledge and skills in ethical hacking, you may take the exam to apply for the "PECB Certified Lead Ethical Hacker" credential. Holding a PECB Lead Ethical Hacker certificate demonstrates that you have acquired the practical skills to perform and manage penetration tests in accordance with best practices.

Who should attend?

• Individuals interested in IT security, particularly ethical hacking, who wish to learn more about the topic or begin a professional career shift.
• Information security officers and professionals aiming to master ethical hacking and penetration testing techniques.
• Managers or consultants seeking to understand how to oversee the penetration testing process.
• Auditors wishing to perform and conduct professional penetration tests.
• Personnel responsible for maintaining the security of information systems within an organization.
• Technical experts looking to learn how to prepare for a penetration test.
• Cybersecurity professionals and members of information security teams.

Course Format

• Interactive lectures and discussions.
• Extensive exercises and practical application.
• Hands-on implementation within a live-lab environment.

Customization Options

• To request customized training for this course, please contact us to arrange.

This instructor-led, live training in Serbia (online or onsite) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start implementing MITRE ATT&CK.
• Classify how attackers interact with systems.
• Document adversary behaviors within systems.
• Track attacks, decipher patterns, and rate defense tools already in place.