Case management Hardening Clinic
RCCE students will learn security incident case management including ticket creation, case assignment, evidence tracking, investigation workflow management, and case closure procedures. RCCE students will learn to configure and operate security case management platforms, define case severity and priority classifications, manage evidence chain of custody within case records, track investigation progress and analyst workload, escalate cases based on defined criteria, generate case metrics and reporting dashboards, integrate case management with SIEM and SOAR platforms, and maintain comprehensive case documentation that supports legal proceedings and regulatory inquiries. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. At an expert level, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- SOC Analysts and Incident Responders
- Detection Engineers and SIEM Content Authors
- Threat Hunters improving adversary coverage
- Security Operations Team Leads
- Professionals implementing Case management Hardening Clinic
- Execute hands-on tasks for case management
- Execute hands-on tasks for hardening clinic
- Explain Course Overview fundamentals
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for hardening focus — covering Ticket creation &, SIEM & SOAR connectivity.
- Execute hands-on tasks for topic map — 16 domains
- Execute hands-on tasks for 01 case management fundamentals
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for 10 threat landscape & failure modes
- Execute hands-on tasks for 03 ticket creation & intake
- Execute hands-on tasks for 04 severity & priority classification
- Build detections and response workflows for privilege escalation
| Module 01 | Case Management |
| Module 02 | Hardening Clinic |
| Module 03 | Course Overview |
| Module 04 | Platform Integration |
| Module 05 | Hardening Focus |
| Module 06 | Topic Map — 16 Domains |
| Module 07 | 01 Case Management Fundamentals |
| Module 08 | 02 Platform Architecture |
| Module 09 | 10 Threat Landscape & Failure Modes |
| Module 10 | 03 Ticket Creation & Intake |
| Module 11 | 04 Severity & Priority Classification |
| Module 12 | 12 Detection & Protection Controls |
| Module 13 | 05 Case Assignment & Workload |
| Module 14 | Case Management Fundamentals |
All hands-on labs run on Rocheston Rose X OS. Students practice case management hardening clinic by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for case management
- Lab 2: Execute hands-on tasks for hardening clinic
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Integrate privilege controls with identity providers and SIEM telemetry
- Lab 5: Execute hands-on tasks for hardening focus
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Case management Hardening Clinic, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI