Threat landscape Incident Response: Basics
RCCE students will learn the current cybersecurity threat landscape including advanced persistent threats, cybercrime ecosystems, hacktivism, insider threats, and emerging attack techniques. RCCE students will learn to track threat landscape changes through intelligence sources, assess organizational exposure to prevailing threats, map threats to specific business assets and processes, prioritize security investments based on threat-informed risk analysis, brief leadership on threat landscape developments, and continuously update security strategies as the threat landscape evolves across geopolitical, technological, and criminal dimensions. This incident response course prepares students to act decisively during security incidents with structured workflows and clear decision frameworks. Starting from foundational concepts, RCCE students will learn containment, evidence collection, eradication, and recovery procedures specific to this domain. Students practice incident scenarios that build the composure, coordination, and documentation skills essential for effective incident handling.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Threat landscape Incident Response: Basics
- Execute hands-on tasks for threat landscape &
- Build detections and response workflows for privilege escalation
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for threat landscape mapping
- Execute hands-on tasks for intelligence sources — covering Identify APTs, cybercrime, hacktivism, insider.
- Execute hands-on tasks for risk-based prioritization
- Execute hands-on tasks for module roadmap
- Execute hands-on tasks for what is the threat landscape? — covering Sum of all active threats to an, Geopolitical tensions drive nation-state.
- Execute hands-on tasks for threat landscape dimensions
- Execute hands-on tasks for advanced persistent threats
- Execute hands-on tasks for notable groups — covering APT28/29 (Russia) espionage ops.
- Execute hands-on tasks for intelligence and ip theft objectives — covering APT28/29 (Russia) espionage ops.
| Module 01 | Threat Landscape & |
| Module 02 | Incident Response: Basics |
| Module 03 | Learning Objectives |
| Module 04 | Threat Landscape Mapping |
| Module 05 | Intelligence Sources |
| Module 06 | Risk-Based Prioritization |
| Module 07 | Module Roadmap |
| Module 08 | What Is the Threat Landscape? |
| Module 09 | Threat Landscape Dimensions |
| Module 10 | Advanced Persistent Threats |
| Module 11 | Notable Groups |
| Module 12 | Intelligence and IP theft objectives |
| Module 13 | Threat intelligence feeds provide early warning of APT TTPs |
| Module 14 | Cybercrime Ecosystems |
All hands-on labs run on Rocheston Rose X OS. Students practice threat landscape incident response: basics by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for threat landscape &
- Lab 2: Build detections and response workflows for privilege escalation
- Lab 3: Execute hands-on tasks for learning objectives
- Lab 4: Execute hands-on tasks for threat landscape mapping
- Lab 5: Execute hands-on tasks for intelligence sources
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Threat landscape Incident Response: Basics, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI