Threat Detection and Response (TDR) Training in Transylvania

This instructor-led, live training in Transylvania (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to implement CTEM in their organizations.

By the end of this training, participants will be able to:

• Understand the principles and stages of CTEM.
• Identify and prioritize risks using CTEM methodologies.
• Integrate CTEM practices into existing security protocols.
• Utilize tools and technologies for continuous threat management.
• Develop strategies to validate and improve security measures continuously.

This instructor-led, live training in Transylvania (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to leverage DeepSeek for advanced threat detection and automation.

By the end of this training, participants will be able to:

• Utilize DeepSeek AI for real-time threat detection and analysis.
• Implement AI-driven anomaly detection techniques.
• Automate security monitoring and response using DeepSeek.
• Integrate DeepSeek into existing cybersecurity frameworks.

OpenEDR is an open-source endpoint detection and response platform that provides continuous telemetry, detection, and analysis of adversarial activity on endpoints.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level IT and security professionals who wish to deploy, configure, and operate OpenEDR to detect and respond to cyber threats.

By the end of this training, participants will be able to:

• Deploy and configure OpenEDR agents and server components for telemetry collection.
• Perform basic detection and monitoring using OpenEDR dashboards and event views.
• Analyze endpoint events to identify suspicious activity and potential threats.
• Integrate OpenEDR alerts into incident response workflows and reporting.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

OpenEDR is an open-source endpoint detection and response platform that provides analytic detection with MITRE ATT&CK visibility for event correlation and root cause analysis of adversarial activity in real time.

This instructor-led, live training (online or onsite) is aimed at advanced-level SOC analysts, threat hunters, and incident responders who wish to design and operate threat-hunting programs using OpenEDR and map detections to the MITRE ATT&CK framework.

By the end of this training, participants will be able to:

• Deploy and configure OpenEDR agents and server components for telemetry collection and analysis.
• Map observable endpoint telemetry to MITRE ATT&CK techniques and build detection logic accordingly.
• Design and execute threat-hunting workflows that use behavioral analytics and event correlation to identify adversarial activity.
• Integrate OpenEDR findings into incident response playbooks and perform root cause analysis.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Ransomware is a form of malicious software designed to encrypt data and extort organizations.

This instructor-led, live training (online or onsite) is aimed at intermediate-level security professionals who wish to strengthen their negotiation strategies and improve their intelligence capabilities during ransomware incidents.

After completing this training, participants will be able to:

• Assess the structure, behavior, and lifecycle of modern ransomware campaigns
• Apply proven negotiation frameworks to real-world ransomware scenarios
• Gather, analyze, and operationalize threat intelligence for ransomware defense
• Coordinate effectively with stakeholders, law enforcement, and external partners during an attack

Format of the Course:

• Expert-led presentations supported by real case studies
• Interactive exercises simulating ransomware negotiations
• Hands-on practice with intelligence tools in a controlled lab environment

Course Customization Options:

• If your organization requires a tailored version of this training, please contact us for customization options.

This instructor-led, live training in Transylvania (online or onsite) is aimed at advanced-level cyber security professionals who wish to understand Cyber Threat Intelligence and learn skills to effectively manage and mitigate cyber threats.

By the end of this training, participants will be able to:

• Understand the fundamentals of Cyber Threat Intelligence (CTI).
• Analyze the current cyber threat landscape.
• Collect and process intelligence data.
• Perform advanced threat analysis.
• Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

Detection engineering is the practice of designing, implementing, and refining methods to identify malicious behavior across systems and networks.

This instructor-led, live training (online or onsite) is aimed at beginner-level cybersecurity practitioners who wish to gain practical skills in building and tuning security detections.

Upon completion of this training, participants will have the skills needed to:

• Develop effective detection rules and signatures using common security tools.
• Interpret logs and telemetry to identify suspicious behaviors.
• Apply threat intelligence to strengthen detection logic.
• Optimize alerts and reduce false positives within a SOC workflow.

Format of the Course

• Guided instruction with practical demonstrations.
• Scenario-driven exercises and hands-on analysis.
• Real-world detection building within an interactive lab environment.

Course Customization Options

• If your organization requires a tailored version of this program, please contact us to discuss customization options.

Certified Incident Handler is a course that provides a structured approach to managing and responding to cybersecurity incidents effectively and efficiently.

This instructor-led, live training (online or onsite) is aimed at intermediate-level IT security professionals who wish to develop the tactical skills and knowledge needed to plan, classify, contain, and manage security incidents.

By the end of this training, participants will be able to:

• Understand the incident response lifecycle and its phases.
• Execute incident detection, classification, and notification procedures.
• Apply containment, eradication, and recovery strategies effectively.
• Develop post-incident reporting and continuous improvement plans.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of incident handling procedures in simulated scenarios.
• Guided exercises focused on detection, containment, and response workflows.

Course Customization Options

• To request a customized training for this course based on your organization's incident response procedures or tools, please contact us to arrange.

Bug Bounty: Advanced Techniques and Automation is a deep dive into high-impact vulnerabilities, automation frameworks, recon techniques, and the tooling strategies used by elite bug bounty hunters.

This instructor-led, live training (online or onsite) is aimed at intermediate-level to advanced-level security researchers, penetration testers, and bug bounty hunters who wish to automate their workflows, scale reconnaissance, and discover complex vulnerabilities across multiple targets.

By the end of this training, participants will be able to:

• Automate reconnaissance and scanning for multiple targets.
• Leverage cutting-edge tools and scripts used in bounty automation.
• Discover complex, logic-based vulnerabilities beyond standard scans.
• Build custom workflows for subdomain enumeration, fuzzing, and reporting.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of advanced tools and scripting for automation.
• Guided labs focused on real-world bounty workflows and advanced attack chains.

Course Customization Options

• To request a customized training for this course based on your bounty targets, automation needs, or internal security challenges, please contact us to arrange.

Bug Bounty Hunting is the practice of identifying security vulnerabilities in software, websites, or systems and responsibly reporting them for rewards or recognition.

This instructor-led, live training (online or onsite) is aimed at beginner-level security researchers, developers, and IT professionals who wish to learn the fundamentals of ethical bug hunting and how to participate in bug bounty programs.

By the end of this training, participants will be able to:

• Understand the core concepts of vulnerability discovery and bug bounty programs.
• Use key tools like Burp Suite and browser dev tools for testing applications.
• Identify common web security flaws such as XSS, SQLi, and CSRF.
• Submit clear, actionable vulnerability reports to bug bounty platforms.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of bug bounty tools in simulated testing environments.
• Guided exercises focused on discovering, exploiting, and reporting vulnerabilities.

Course Customization Options

• To request a customized training for this course based on your organization's applications or testing needs, please contact us to arrange.

This instructor-led, live training in Transylvania (online or onsite) is aimed at intermediate-level duty managers and operational leaders who wish to build robust cyber resilience strategies to safeguard their organizations against cyber threats.

By the end of this training, participants will be able to:

• Understand cyber resilience fundamentals and their relevance to duty management.
• Develop incident response plans to maintain operational continuity.
• Identify potential cyber threats and vulnerabilities within their environment.
• Implement security protocols to minimize risk exposure.
• Coordinate team response during cyber incidents and recovery processes.

This instructor-led, live training in Transylvania (online or onsite) is aimed at intermediate-level IT security professionals who wish to develop skills in security monitoring, analysis, and response.

By the end of this training, participants will be able to:

• Understand the role of a Blue Team in cybersecurity operations.
• Use SIEM tools for security monitoring and log analysis.
• Detect, analyze, and respond to security incidents.
• Perform network traffic analysis and threat intelligence gathering.
• Apply best practices in security operations center (SOC) workflows.

This instructor-led, live training in Transylvania (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals who wish to elevate their skills in AI-driven threat detection and incident response.

By the end of this training, participants will be able to:

• Implement advanced AI algorithms for real-time threat detection.
• Customize AI models for specific cybersecurity challenges.
• Develop automation workflows for threat response.
• Secure AI-driven security tools against adversarial attacks.

This instructor-led, live training in Transylvania (online or onsite) is aimed at beginner-level cybersecurity professionals who wish to learn how to leverage AI for improved threat detection and response capabilities.

By the end of this training, participants will be able to:

• Understand AI applications in cybersecurity.
• Implement AI algorithms for threat detection.
• Automate incident response with AI tools.
• Integrate AI into existing cybersecurity infrastructure.

This instructor-led, live training in Transylvania (online or onsite) is aimed at beginner to intermediate-level security analysts and system administrators who wish to establish a foundational understanding of Cyber Defence (SOC) analysis.

By the end of this training, participants will be able to:

• Understand the principles of Security Management in a Cyber Defence context.
• Execute effective Incident Response strategies to mitigate security incidents.
• Implement Security Education practices to enhance organizational awareness and preparedness.
• Manage and analyze Security Information for proactive threat identification.
• Utilize Event Management techniques to monitor and respond to security events.
• Implement Vulnerability Management processes to identify and address system vulnerabilities.
• Develop skills in Threat Detection to identify and respond to potential cyber threats.
• Participate in Simulated Attacks to test and improve incident response capabilities.

The Certified Digital Forensics Examiner vendor neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation.

The Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination.  Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report.

The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.

This course discusses how to manage an incident response team. how the first responder act, given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations.

Incident response is the last line of defense, detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge

This instructor-led, live training in Transylvania (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks. 

In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications.

You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. with many advanced topics like wireless, network, web, DB and Mobile crimes investigation    
 

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

The purpose of the Ethical Hacking Training is to:

• Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
• Inform the public that credentialed individuals meet or exceed the minimum standards.
• Reinforce ethical hacking as a unique and self-regulating profession.

Audience:

The Course is ideal for those working in positions such as, but not limited to:

• Security Engineers
• Security Consultants
• Security Managers
• IT Director/Managers
• Security Auditors
• IT Systems Administrators
• IT Network Administrators
• Network Architects
• Developers

This instructor-led, live training in Transylvania (online or onsite) is aimed at computer users who wish to understand malware and take appropriate measures to minimize its threat.

By the end of this training, participants will be able to:

• Understand the concept of malware.
• Identify the different types of malware.
• Take necessary steps to mitigate malware (procedural, technological, awareness, etc).

The Certified Ethical Hacker certification is a sought-after cybersecurity certification around the world.

This program incorporates instruction and practice to get students ready to take the CEH certification exam as well as the CEH Practical Exam. Candidates who successfully pass both exams earn the CEH Master credential as well as their CEH certification.

Students are given the choice to add either the CPENT or the CHFI course to their package.

Training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course will be given to each student via EC-Council’s online, self-paced, streaming video program.

CPENT (Pen-test):
Teaches students how to apply the concepts and tools taught in the CEH program to a pen-test methodology in a live cyber range.

CHFI (Computer Forensics):
Teaches students a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.

Course Description

CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to set up your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident.

CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure.

Who Should Attend

• Law enforcement personnel
• System administrators
• Security officers
• Defense and military personnel
• Legal professionals
• Bankers
• Security professionals

About the Certified Ethical Hacker Master

To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principals taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.

The CEH Practical does not contain simulations. Rather, you will be challenging a live range which was designed to mimic a corporate network through the use of live virtual machines, networks, and applications.

Successfully completing the challenges found in the CEH Practical Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.

About the Certified Ethical Hacker Practical

To prove that you are skilled in ethical hacking, we test your abilities with real-world challenges in a real-world environment, using labs and tools requiring you to complete specific ethical hacking challenges within a time limit, just as you would face in the real world.

The EC-Council CEH (Practical) exam is comprised of a complex network that replicates a large organization’s real-life network and consists of various network systems (including DMZ, Firewalls, etc.). You must apply your ethical hacking skills to discover and exploit real-time vulnerabilities while also auditing the systems.

About CPENT

EC-Council’s Certified Penetration Tester (CPENT) program is all about the pen test and will teach you to perform in an enterprise network environment that must be attacked, exploited, evaded, and defended. If you have only been working in flat networks, CPENT’s live practice range will teach you to take your skills to the next level by teaching you to pen test IoT systems, OT systems, as well as how to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and customization of scripts and exploits to get into the innermost segments of the network.

About CHFI

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation.

This instructor-led, live training in Transylvania (online or onsite) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start implementing MITRE ATT&CK.
• Classify how attackers interact with systems.
• Document adversary behaviors within systems.
• Track attacks, decipher patterns, and rate defense tools already in place.

This instructor-led, live training in Transylvania (online or onsite) is aimed at information analysts who wish to learn the techniques and processes behind social engineering so as to protect sensitive company information.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start creating custom malware.
• Backdoor legitimate web applications undetected.
• Deliver evil files as normal file types.
• Use social engineering techniques to lead targets into a fake website.