I just recently finished the course ‘Blue Team Boot Camp: Defending Against Hackers’ over on CodeRed, which was taught by the excellent Jonathan Elliott.
Recently I started a new job, as I think I mentioned previously, and in it I am being given the chance to learn some security stuff, which I absolutely love; the dream is to one day transition over to security full time. So, being given the opportunity to already be working on blue team stuff is excellent, and it made me want to focus more on this side of things for a while, as in a lot of the previous ones, other than the fantastic four-part The Complete Cyber Security Course! 1, 2, 3 & 4 I did at Station X, there hasn’t been much blue team focus.
Along with this course I am away to review, I’ve been working through the ‘Become a Microsoft Defender ATP Ninja’ page put together by Heike Ritter, which has been fantastic too, but if anyone is aware of any others that would be good for me, please do feel free to share.
“Are you interested in becoming a cybersecurity professional? Unfortunately, the market is saturated with courses and text that pertain to becoming a penetration tester, red teamer, and ethical hacker. That concept motivated me to create a comprehensive course that is geared towards the exact opposite. Defensive cybersecurity is just as in-demand as the offensive counterpart and provides the same type of rewarding career. Unlike the red team, defensive cybersecurity has many more sub-fields that allow you to explore different aspects of this career path. In this comprehensive condensed course, you will learn all of the information security principles alongside new technologies that professionals are using to stop hackers from breaching their network.
Who this course is for:
- People interested in starting a career in cybersecurity
- People who desire to learn about effective defense tactics that can mitigate average threat actors and hackers
- People who are passionate about cybersecurity, defensive security, and information security.
- Experience with Microsoft Windows and/or Linux operating systems
- Experience with computer networking is also preferred, but not required.
What you’ll learn
- Students will learn fundamental cyber-security principles that will allow them to defend their network against hackers of all skill sets.
- Students will obtain hands-on knowledge that is applicable to real-world environments.”
There are four chapters in the course:-
Chapter 1: Risk Analysis and Threat Intelligence
- Risk Analysis 00:10:22
- Threat Intelligence 00:10:42
- Asset Management 00:09:22
- Patch Management 00:06:00
- Security Policies 00:03:53
- Cyber Kill Chain 00:06:19
Chapter 2: Endpoint Security
- Passwords 00:12:39
- Application Whitelisting 00:21:55
- EDR 00:09:49
- Basic Windows Hardening 00:13:25
- Windows Fundamentals 00:16:46
- Additional Windows Security Measures 00:13:27
- CIS Benchmarks (Windows 10) 00:08:46
- Persistence 00:06:32
- Basic WMI 00:07:03
- OSQuery 00:04:17
- PowerShell 00:16:11
- FIM in Windows 00:05:48
- HIDS in Windows 00:05:31
- Quick Wins in Windows 00:06:07
- Basic Linux Hardening 00:19:51
- CIS Benchmarks (Linux) 00:09:00
- Linux Fundamentals 00:18:59
- SELinux 00:19:16
- ClamAV and Chkrootkit 00:05:47
- Native Linux Firewalls 00:24:36
- HIDS in Linux 00:02:19
- FIM in Linux 00:22:19
- Lynis 00:02:55
- MITRE ATT&CK 00:18:51
- Golden Images 00:03:27
- Supply Chain Attacks 00:07:14
Chapter 3: Network Security
- Firewalls 00:05:29
- Encryption 00:07:51
- VLAN 00:04:33
- IDS 00:46:51
- Packet Sniffer 00:03:48
- Active Directory 00:26:41
- Proxy Servers 00:06:16
- Lateral Movement 00:12:13
- Command and Control 00:10:11
- DNS 00:15:02
- Password Spraying 00:07:23
- Pass the Hash 00:06:55
- Critical Thinking Question 00:03:28
Chapter 4: Log Aggregation and Correlation
- Log Aggregation 00:06:36
- Windows Logs 00:05:40
- Linux Logs 00:04:52
- Agent vs. Agentless 00:07:07
- Shipping Logs 00:05:46
- Log Correlation 00:08:34
- Incident Manager 00:01:51
- General Workflow Example 00:01:32
- Aggregation and Correlation 00:04:00
- Additional Information 00:06:42
I actually reached out to Jon on LinkedIn to say I had taken and enjoyed the course, and he was fantastic enough to email me two remaining slide sets on ‘Email Security’ and ‘Malware Analysis’, which was great, so thank you Jon if you are reading this.
Coming out at the end of this course, I genuinely feel, combined with the Complete Cyber Security Course set, that I have levelled up in my skills, which feels good, as I feel I have a better understanding of how it all comes together.
I loved the section in chapter 1 talking about patch management, as I currently do patching in my team through SCCM and other methods, so it was great to see how it fits into things from a security standpoint.
The whole course is excellent, filled with blue team essentials taught by a great teacher; it’s just a shame he only has the one course out.
Highly recommended if you want to see things from a defensive standpoint and not an attacking one.
This is Jonathan:-
I’ve been using computers since the early age of six. When I was 13, I began to study certain computing topics more in-depth. I started learning the concept of packet-switched networks while writing scripts in a Pascal-based language via an IDE known as SCAR Divi.
I then began to focus on common web-based vulnerabilities. From there I transitioned into learning general cyber security topics and started to become proficient in different programming languages, network security, and endpoint hardening. Over the years I continued to assimilate these topics, while I acquired more knowledge in generalized networking, penetration testing, and risk analysis alongside my primary focus of defensive security.
To this day, I continue to further my education in every possible way including but not limited to attending conferences, listening to podcasts, and actively participating in the information security community. I also participate in cyber security clubs and regularly engage in non-competitive CTF challenges such as Hack The Box. My passion for this field only continues to grow stronger.
Find him here:-
- Website = https://jonelliott.info/
- Twitter = https://twitter.com/jelliott5_
- LinkedIn = https://www.instagram.com/jelliott27/
Take it easy.