eLearnSecurity - IHRPv1 - Incident Handling and Response

averageguy72 (Senior Member, Posts: 269)
eLearnSecurity is launching a new course focused on Incident Handling

Registration for the overview webinar is below.

https://www.elearnsecurity.com/resources/webinars/ihrpv1_preview
CISSP / CCSP / CCSK / CRISC / CISM / CISA / CASP / Security+ / Network+ / A+ / CEH / eNDP / AWS Certified Solutions Architect - Professional / AWS Certified SysOps Administrator - Associate / AWS Certified Solutions Architect - Associate / AWS Certified Developer - Associate

Comments

  • r3nzsec (Member, Posts: 39)
    Excited about this course launch!!
  • Sylabicuma (Junior Member, Posts: 25)
    Just registered. Thanks for this!
  • cyberguypr (Senior Member, Mod, Posts: 6,705)
    I am very curious. I just hired a kid fresh out of college for my IR team and this has potential. 
  • r3nzsec (Member, Posts: 39)
    cyberguypr said:
    I am very curious. I just hired a kid fresh out of college for my IR team and this has potential.
    Kudos to those hiring managers who are giving a chance to these young fellows. Give him eLearnSecurity courses and he will be good for sure!
  • u1tras (Member, Moscow, Posts: 81)
    Really want to see the syllabus of the course! 
    Certs: OSCP, eCTHP
    2019 Goals:
    eCTHP (done), FOR578 (done), FOR555 (done), Python (in progress), ELK, eCIR, SEC599, NetWars DFIR, FOR610
  • impelse (Member, Posts: 1,227)
    Looks interesting

    Blog: learn-security.net

    Computer Support Houston Area: thehost1.com
  • DatabaseHead (Senior Member, Posts: 2,411)
    edited November 2018
    For junior and intermediate roles I prefer freshers from quality schools. In regards to the course, it looks promising! Thanks for sharing.

  • r3nzsec (Member, Posts: 39)
    Can't wait for the syllabus to come out. Just received an email from ELS last night and they said they got a thousand registrants 48 hours after releasing the webinar invite. They also revealed that this IR course is based on a standard framework (NIST) with cutting edge and proven real life experience. :)
  • Danielm7 (Member, Posts: 2,226)
    I'm interested in seeing it too, FWIW they always say they got a thousand registrants and to register quickly. At this point it just sounds like a sales tactic  :wink:
  • Skyyyyy2001 (Member, Posts: 57)
    Cost will be my number 1 decision factor to consider and also what types of labs it offers.
  • Penguineer (Member, Posts: 16)
    Price is a big factor for me as well. I'm predicting that it is going to be priced similarly to eCPPT (1,199 - 1,599) because they're calling it "the eCPPT of IR" 
  • u1tras (Member, Moscow, Posts: 81)
    Will any discounts be available for existing courses? That's an interesting question too.
  • wd40 (Senior Member, Posts: 985)
    They usually give discounts to existing students.
  • u1tras (Member, Moscow, Posts: 81)
    wd40 said:
    They usually give discounts to existing students.
    Do you mean those who have previously completed some of their other courses?
  • r3nzsec (Member, Posts: 39)
    u1tras said:
    wd40 said:
    They usually give discounts to existing students.
    Do you mean those who have previously completed some of their other courses?
    They normally do provide 40% off to existing students. Meaning, those who were able to purchase at least one of their courses.
  • u1tras (Member, Moscow, Posts: 81)
    edited December 2018
    That's interesting. If I purchase the new IHRP course with the launch discount then I become an ELS student. And if I purchase another course - will I get 40% off as a student? :)
  • TimBaker (Junior Member, Registered Users, Posts: 8)
    The 40% discount usually applies only to newly launched courses. 
  • TimBaker (Junior Member, Registered Users, Posts: 8)
    I'm just curious how this will differ in content to THP since threat hunting is a part of incident response. I will wait and see what the course syllabus is like but I'm not so sure at the moment if it will offer any depth.

  • chrisone (Senior Member, Posts: 1,807)
    TimBaker said:
    I'm just curious how this will differ in content to THP since threat hunting is a part of incident response. I will wait and see what the course syllabus is like but I'm not so sure at the moment if it will offer any depth.

    Just make sure you watch the webinar because they go into the syllabus and they do demonstrations. Sometimes just looking at the syllabus may not do the content justice. A syllabus does not show "HOW" the subject is taught, only that the subject is taught.
    2019 Goals:
    Courses: Real World Red Team Attacks- AppSec Cali 2019 (complete), Active Directory Attacks for Red and Blue Teams Advanced Edition - BlackHat,
    Certs: SLAE, Certified Red Team Professional - Pentester Academy (in progress), Certified Red Team Expert - Pentester Academy
  • u1tras (Member, Moscow, Posts: 81)
    Just checked out last year's discounts from eLS. There was about 40% off for the newly launched THP course and a $200 gift card for other courses. Hope they'll repeat it again :)
  • Sylabicuma (Junior Member, Posts: 25)
    Did anyone attend this webinar? I wasn't able to attend.
  • Danielm7 (Member, Posts: 2,226)
    I got a bit in and then someone came in and I had to run out. Beginning was all hype so I didn't get to see actual content yet. 
  • r3nzsec (Member, Posts: 39)
    I was able to attend and I was impressed. They are giving 50% off up to this month. If you are a current ELS student, you will get 50% off plus unlimited lab time. Regarding the syllabus, the content looks very competitive and helpful to SOC team members. I always encounter all those topics in interviews for a senior SOC position. I would definitely purchase this one.
  • Skyyyyy2001 (Member, Posts: 57)
    It's hard to say no when given a 50% discount off and unlimited lab time.... haha

    But I will need a weekend to seriously think about it though and look at what others have to say in the forum before flashing my credit card.
  • Penguineer (Member, Posts: 16)
    edited December 2018
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
  • Skyyyyy2001 (Member, Posts: 57)
    edited December 2018
    Penguineer said:
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
    Wow that is great to know. 
  • TimBaker (Junior Member, Registered Users, Posts: 8)
    Penguineer said:
    So I just compared the syllabus of IHRP to a couple of SANS courses and there is A LOT of overlap between this course and SANS SEC504/SANS SEC555.

    IHRP Section: Practical Incident Handling
    Aligns with: SEC 504 heavily.
    25 bullet points in this section align with the bullet points in the SANS 504 course. Don't believe me? Crack open your books and have a look for yourself. I found it interesting that IHRP is covering BGP hijacking as one of the exploitation techniques. I also found it interesting that war driving/war dialing is covered in the Reconnaissance section.

    IHRP Section: SOC3.0 Operations and Analytics
    Aligns with: SANS SEC 555 heavily.

    I think that this course is definitely worth it just based off of the Table of Contents alone and the alignment to the above SANS courses. It also comes with downloadable materials, videos, and unlimited lab time at a fraction of the price of SANS. I was on the fence about buying it until I saw the similarities that it had with 504/555. 

    What do you guys think about these similarities?
    That's an interesting observation you've made there. I too was on the fence, I thought it wouldn't cover much especially since they have a threat hunting course. I actually expected some fluff and then some overlap with THP content but as @chrisone advised, I looked at the content, saw the topics you've highlighted and concluded that there's definitely a lot of value in this course especially with the 50% discount.

    Has anyone here bought or done the THP course? Which would you rather do, THP or IHRP and why?
  • u1tras (Member, Moscow, Posts: 81)
    edited December 2018
    50% off for sure is very good. But what about practical labs? When we'll be able to see the list? I'll definitely enroll in THP course (thanks to $200 gift card), but without labs can't make a decision about IHRP.
  • SleepyLCTL (Member, Posts: 24)
    The practical labs are going to be published later. I guess they have finished barely half of the course so far. Also it's the end of the year, so it's a marketing move to do this pre-order.

    I think I am going to buy this, the content looks really nice, I think as a pentester, SOC T2 I could learn a lot, as I have basic usage of SIEM however I haven't seen anything like those "Practical anti-reconnaissance, exploitation" SIEM stuff...

    I am just concerned about the way it's taught... Do we get only a shitload of .pcaps? > very bad idea, would sue them. :| Or are we going to do everything via Splunk > Awesome. Or ELK > also really good.
  • u1tras (Member, Moscow, Posts: 81)
    I hope this "later" will be before 31st December)