Hero Banner

Foundation in Security Analytics

Discover how hackers exploit vulnerabilities to successfully launch their attacks


Explore attack manifestations & scenarios

Active Directory-based attacks

DNS, APTs, LAN, DDos & DoS attacks

Triage, detection & monitoring

Foundation in Security Analytics

It is essential to train and educate your team on the most relevant network threats and how hackers exploit vulnerabilities to successfully launch their attacks.

This two-day course is based on evidential information about cybersecurity attacks facing various organisations today. The course is based on our experience and interaction with our clients and other industry attack victims.  

This course is delivered by a very experienced senior leader and trainer. The trainer has extensive knowledge and expertise to manage and deliver a successful workshop, and he has experience in dealing with different verticals. Collectively, CMA and its specially-selected associates have an excellent track record of delivering engagements, small and large, supporting the information security and cyber incident management subjects. 


All attendees should have a basic understanding of information technology and must be able to understand the course content from a basic technology point of view.

Delegates will be able to:

  • Review the current threat landscape and cover the common attack vectors hackers are exploiting.
  • Analyse recent known and some unknown attacks and dive into the technical details on how they avoided detection.
  • Review the basic application of incident Triage, OODA and Diamond Methodology, and deep dive into the Cyber Kill Chain.
  • Understand the role log management plays in network-based attacks followed by a review of the most common log types and log sources in an organisation.
  • Review the most common SIEM products and technologies including security analytic approaches to SIEM.  We will also review NBAC – the Network Behaviour Anomaly Detection approach to identifying attacks.
  • Deep dive into some of the most relevant attack scenarios, analysing each attack with a technical and business focus.
  • Understand the critical role that vulnerability management and penetration testing play in understanding network-based attacks.
  • Produce a profile of attackers, their motivations and their capabilities.
  • Identify and review results of the current state of existing controls. This will include controls such as SIEM, identity and access management, logging and monitoring, and other relevant controls.

  New Call-to-action


Triage, Detection & Monitoring

Diamond Methodology
- Log Management
- Log Types
Deception Technology
- Visibility
Cyber Kill Chain

Attackers & Motivations

- Types of Attackers
- Privileges Insider
- Types of Attack Motivations
- Impact of Actions
- Attack Vectors

Define Normal

- Processes
- People 
- Technology

Attack Manifestation & Scenarios

Active Directory-Based Attacks & The Privileged User
- LAN-Based Attacks
- DDoS & DoS
- Advanced Persistent Threats

Host Based Attacks
  • testimonial_img.png

    Most of the networking aspects I already knew quite well, but the security concepts and in particular your anecdotes and commentary were very useful. I think you did a great job.

    Network Engineer

    Wynard Group

"We have to understand what the adversery is doing in order to be able to start thinking about how the organisation should look to respond."
Amar Singh, CEO & Founder

Book your Anatomy of a Network Attack course. 

This course is available as internal training course delivered on client site or alternatively you can attend one of our public courses. Please fill in the form below and one of our team will get in touch to discuss your requirments. 

  • callOr call us on:
  • +44 (0) 203 189 1422