• Online, Self-Paced
Course Description

Cloud storage is fast, affordable, and widely available. Adversaries take advantage of a tool that works well just like we do. It's even better when they can use a cloud storage provider your organization already uses, allowing them to exfiltrate data encrypted via HTTPS to a service that looks like normal traffic. Learn how to detect this today.

Learning Objectives

After completing MITRE ATT&CK TTP content, learners should be able to:
- Detect adversary usage of a technique or sub-technique in a hands-on environment.
- Explain possible approaches for setting up detection rules and recommending mitigations for the technique.
- Describe how an adversary might chain this technique together with adjacent or related techniques in order to accomplish objectives on goal.
- Provide examples of real-world procedures that illustrate the techniques.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operations
  • Exploitation Analysis