Blue Team – Incident Management


Advanced level


Cyber professional


English language

Course Start Dates

January 2022

Enroll now

May 2022

Pre-order available

2 Days Live Interactive Learning

09:00 - 17:00 CET

Blue Team – Incident Management

About the course

Work in teams to identify and analyze adversaries' behaviors within an information system. In these realistic scenarios, participants face a computer threat carried by a series of attack phases.

From the presentation of the tools made available during the exercise to the support in the operational phases simulated on the CyberRange platform, Airbus CyberSecurity's coaches provide comprehensive support in the training of SOC operators.

icon (11)

Prerequisites / Equipments

  • Experience in the supervision of information systems

icon (11)


  • Practical exercise on CyberRange

Blue Team – Incident Management course
by Airbus CyberSecurity

icon (13)

Course Objectives

  • Understand the issues of an NCS and the perspective of the opponent
  • Identifying security incidents on an information system
  • Investigate and qualify different attack sequences
  • Conduct a tactical situation assessment using the ATT&CK Mitre model
  • Setup detection means
icon (14)

What you will learn

  • Presentation of the Information System and the key points to protect it
  • Configuration of detection tools
  • Identification and qualification of attacks
  • Implementation of containment, eradication and restoration of normalcy procedures
  • Adaptation of detection tools and rules
  • Work in a Blue team and defend your Information System

Training Fee

1,800 CHF

2 Days Training Fee
With 30 days Access


After the session, training certificates will be provided by the Swiss Cyber Institute and Airbus CyberSecurity for each participant, in an electronic format and hard copy.

Corporate Offer

Contact us to ask about special offers for Teams

Discover our courses

Not sure which course suit you the best?

By taking quiz, you will be able to see which one of our courses suits with your requirements and needs more

Frequently Asked Questions

What is Airbus CyberRange?

The proposed training modules are designed to provide operable knowledge and operational skills to the participants. Our pedagogy is based on a set of concrete and practical scenarios. Multiple roles are managed in the Airbus Cyberrange platform in order to perform various kinds of training sessions: blue team, red team, and others. It is possible to customize groups and rules in the Airbus Cyberrange platform to fit end-user needs on execution and creation. Each training is provided by Airbus Cybersecurity trainer that brings expertise in their respective fields of business to direct benefit to the trainees.

Course Content
  • At least 80% of training content is made of practical exercises

  • Training content developed and run by active Cyber experts, with cybersecurity professional activities in Airbus CyberSecurity that also brings experience and references to the trainees already encountered examples.

  • Dedicated and realistic simulation environment including real security products and cyberattacks


With operational designed trainings, our courses are continuously updated by our educational engineers and expert trainers to adapt to needs. They focus on a direct practice of the concepts presented by alternating theory and practical exercises.

Contact us for more information

+41 44 501 40 73

available from 09:00 - 18:00


Sihlstrasse 38, 8001 Zürich