eLearnSecurity - IHRPv1 - Incident Handling and Reponse

averageguy72averageguy72 Member Posts: 323 ■■■■□□□□□□
eLearnSecurity is launching a new course focused on Incident Handling

Registration for the overview webinar is below.

https://www.elearnsecurity.com/resources/webinars/ihrpv1_preview
CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Advanced Networking - Specialty / AWS Certified Security - Specialty / AWS Certified DevOps Engineer - Professional / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate / AWS Cloud Practitioner
Tagged:
«13456

Comments

  • r3nzsecr3nzsec Member Posts: 39 ■■■□□□□□□□
    Excited about this course launch!!
  • SylabicumaSylabicuma Member Posts: 26 ■■■□□□□□□□
    Just registered. Thanks for this!
  • cyberguyprcyberguypr Mod Posts: 6,928 Mod
    I am very curious. I just hired a kid fresh out of college for my IR team and this has potential. 
  • r3nzsecr3nzsec Member Posts: 39 ■■■□□□□□□□
    I am very curious. I just hired a kid fresh out of college for my IR team and this has potential. 
    kudos to those hiring managers who are giving chance to these young fellows. Give him eLearnSecurity courses and he will be good for sure!
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    Really want to see the syllabus of the course! 
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • impelseimpelse Member Posts: 1,237 ■■■■□□□□□□
    Look interesting

    Stop RDP Brute Force Attack with our RDP Firewall : http://www.thehost1.com
    It is your personal IPS to stop the attack.

  • DatabaseHeadDatabaseHead Member Posts: 2,757 ■■■■■■■■■■
    edited November 2018
    For junior and intermediate roles I prefer freshers from quality schools.  In regards to the course look promising!  Thanks for sharing

  • r3nzsecr3nzsec Member Posts: 39 ■■■□□□□□□□
    Can't wait for the syllabus to come out. Just received an email from ELS last night and they said they got a thousand of registrants 48 hours after releasing the webinar invite. They also revealed that this IR course is based on standard framework (NIST) with cutting edge and proven real life experience. :)
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    I'm interested in seeing it too, FWIW they always say they got a thousand registrants and to register quickly. At this point it just sounds like a sales tactic  :wink:
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    Cost will be my number 1 decision factor to consider and also what types of labs it offers.
  • PenguineerPenguineer Member Posts: 16 ■■■□□□□□□□
    Price is a big factor for me as well. I'm predicting that it is going to be priced similarly to eCPPT (1,199 - 1,599) because they're calling it "the eCPPT of IR" 
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    Will be available any discounts for existing courses? That's an interesting question too.
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • wd40wd40 Member Posts: 1,017 ■■■■□□□□□□
    They usually give discounts to existing students.
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    wd40 said:
    They usually give discounts to existing students.
    Do you mean to those who was previosly completed some other their courses?
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • r3nzsecr3nzsec Member Posts: 39 ■■■□□□□□□□
    u1tras said:
    wd40 said:
    They usually give discounts to existing students.
    Do you mean to those who was previosly completed some other their courses?
    They do provide normally 40% off to the existing students. Meaning, those who we were able to purchased at least one of their courses. 
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    edited December 2018
    That's interesting. If I purchase a new IHRP course with launch discount then I become an ELS student. And if I purchase another one course - will I get 40% off as a student? :) 
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • TimBakerTimBaker Registered Users Posts: 14 ■■■□□□□□□□
    The 40% discount usually applies only to newly launched courses. 
  • TimBakerTimBaker Registered Users Posts: 14 ■■■□□□□□□□
    I'm just curious how this will differ in content to THP since threat hunting is a part of incident response. I will wait and see what the course syllabus is like but I'm not so sure at the moment if it will offer any depth.

  • chrisonechrisone Member Posts: 2,278 ■■■■■■■■■□
    TimBaker said:
    I'm just curious how this will differ in content to THP since threat hunting is a part of incident response. I will wait and see what the course syllabus is like but I'm not so sure at the moment if it will offer any depth.

    Just make sure you watch the Webinar because they go into the syllabus and they do demonstrations. Sometime just looking at the syllabus may not do the content justice. A syllabus does not show "HOW" the subject is taught, only that the subject is taught. 
    Certs: CISSP, EnCE, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, SC-300, AZ-900, AZ-500, VHL:Advanced+
    2023 Cert Goals: SC-100, eCPTX
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    Just checked out last year's discounts from eLS. There was about 40% off for the new launched THP course and $200 gift card for other courses. Hope they'll repeat it again:) 
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • SylabicumaSylabicuma Member Posts: 26 ■■■□□□□□□□
    Did anyone attend this webinar? I wasn't able to attend.
  • Danielm7Danielm7 Member Posts: 2,310 ■■■■■■■■□□
    I got a bit in and then someone came in and I had to run out. Beginning was all hype so I didn't get to see actual content yet. 
  • r3nzsecr3nzsec Member Posts: 39 ■■■□□□□□□□
    I was able to attend and I was impressed. They are giving 50% off up to this month. If you are a current els student, you will get 50% off plus unlimited lab time. Regarding the syllabus, the content looks very competitive and helpful to soc team members. I always encounter all those topics in interview for a senior soc position. I would definitely purchase this one. 
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    It's hard to say no when given a 50% discount off and unlimited lab time.... haha

    But I will need a weekend to seriously think about it though and look at what others have to say in the forum before flashing my credit card.
  • PenguineerPenguineer Member Posts: 16 ■■■□□□□□□□
    edited December 2018
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
  • Skyyyyy2001Skyyyyy2001 Member Posts: 57 ■■■□□□□□□□
    edited December 2018
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
    Wow that is great to know. 
  • TimBakerTimBaker Registered Users Posts: 14 ■■■□□□□□□□
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
    That's an interesting observation you've made there. I too was on the fence, I thought it wouldn't cover much especially since they have a threat hunting course. I actually expected some fluff and then some overlap with THP content but as @chrisoneadvised, I looked at the content, saw the topics you've highlighted and concluded that there's definitely a lot of value in this course especially with the 50% discount.

    Has anyone here bought or done the THP course?  Which would you rather do, THP or IHRP and why?
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    edited December 2018
    50% off for sure is very good. But what about practical labs? When we'll be able to see the list? I'll definitely enroll in THP course (thanks to $200 gift card), but without labs can't make a decision about IHRP.
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • SleepyLCTLSleepyLCTL Member Posts: 28 ■■■□□□□□□□
    The practical labs are going to be published later. I guess they have finished barely half of the course so far. Also it's end of the year, so it's marketing move to do this pre-order.

    I think I am going to buy this, the content looks really nice, I think as a pentester, SOC T2 I could learn a lot, as I have basic usage of SIEM however I haven't seen anything like those "Practical anti-reconnaissance, exploitation" SIEM stuff...

    I am just concerned about the way how it's learned... Do we get only shitload of .pcaps? > very bad idea, would sue them. :| Or are going to do everything via Splunk > Awesome. Or ELK > also really good.
  • u1trasu1tras Member Posts: 81 ■■■□□□□□□□
    I hope this "later" will be before 31th December)
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
Sign In or Register to comment.