Blue Team – Incident Management
Advanced level
Cyber professional
English language
Course Start Dates
January 2022
Enroll now
May 2022
Pre-order available
2 Days Live Interactive Learning
09:00 - 17:00 CET

About the course
Work in teams to identify and analyze adversaries' behaviors within an information system. In these realistic scenarios, participants face a computer threat carried by a series of attack phases.
From the presentation of the tools made available during the exercise to the support in the operational phases simulated on the CyberRange platform, Airbus CyberSecurity's coaches provide comprehensive support in the training of SOC operators.
Prerequisites / Equipments
-
Experience in the supervision of information systems
Methodology
- Practical exercise on CyberRange
Blue Team – Incident Management course
by Airbus CyberSecurity
Course Objectives
- Understand the issues of an NCS and the perspective of the opponent
- Identifying security incidents on an information system
- Investigate and qualify different attack sequences
- Conduct a tactical situation assessment using the ATT&CK Mitre model
- Setup detection means
What you will learn
- Presentation of the Information System and the key points to protect it
- Configuration of detection tools
- Identification and qualification of attacks
- Implementation of containment, eradication and restoration of normalcy procedures
- Adaptation of detection tools and rules
- Work in a Blue team and defend your Information System
Certificate
After the session, training certificates will be provided by the Swiss Cyber Institute and Airbus CyberSecurity for each participant, in an electronic format and hard copy.
Our Partners





Discover our courses
Not sure which course suit you the best?
By taking quiz, you will be able to see which one of our courses suits with your requirements and needs more
Frequently Asked Questions
The proposed training modules are designed to provide operable knowledge and operational skills to the participants. Our pedagogy is based on a set of concrete and practical scenarios. Multiple roles are managed in the Airbus Cyberrange platform in order to perform various kinds of training sessions: blue team, red team, and others. It is possible to customize groups and rules in the Airbus Cyberrange platform to fit end-user needs on execution and creation. Each training is provided by Airbus Cybersecurity trainer that brings expertise in their respective fields of business to direct benefit to the trainees.
-
At least 80% of training content is made of practical exercises
-
Training content developed and run by active Cyber experts, with cybersecurity professional activities in Airbus CyberSecurity that also brings experience and references to the trainees already encountered examples.
-
Dedicated and realistic simulation environment including real security products and cyberattacks
With operational designed trainings, our courses are continuously updated by our educational engineers and expert trainers to adapt to needs. They focus on a direct practice of the concepts presented by alternating theory and practical exercises.
Contact us for more information

+41 44 501 40 73
available from 09:00 - 18:00
Address
email@swisscyberinstitute.com