Range Days are to security analysts, incident responders, and threat hunters what flight simulators are to fighter pilots: the best way to build experience without catastrophic consequence. They are opportunities for hunters and their teams to grow their experience, stay current with the latest threat actors, and keep their security operations teams sharp.
Range Days give students hands-on experience with significant threat groups and attacker techniques in an open, more autonomous format. Our live enterprise network enables students to hunt within a complex multi-user environment, coordinate as a team, and systematically assess efforts.
The day starts with a threat intelligence brief and/or a SOC alert to provide a starting point for students to begin hunting and responding to incidents throughout the environment. The rest of the day is a blend of adversary hunting, investigative build-out, and personal dissections of observed activity.
Instructors are available for support and provide detailed after actions and assessment at the end of the day. This course is intended to be an "open play" style event, where students have an opportunity to gain individual experience hunting and exploring specific scenarios, in a self-directed format.
By the end of a NDR Range Day, students will have gained additional experience in specific components of threat hunting and incident response. They will leave the course with practiced detection capabilities, tools for incident tracking, collaboration and enrichment, and new approaches to hunt evil in their networks.