Blue Team Tactics Workshop
Detection engineering basics, log triage, and tabletop exercises without exploit glamor.
Cybersecurity · Instructor-led cohort · 5 weeks · ₫9,800,000 (info only)
Overview
Uses sanitized logs and open detection rules. Offensive tooling is out of scope to keep cohorts compliant with employer policies.
Included modules
- Detection rule readability critiques
- Triage checklist for noisy alerts
- Tabletop: credential stuffing scenario
- Vendor log format comparison
- Runbook skeleton workshop
- Privacy boundaries for analysts
- Executive summary writing drill
Outcomes
- Author a detection note peers can follow
- Run a 30-minute tabletop with your team
- Produce a one-page exec summary sample
FAQ
Not taught; we focus on detection and response preparation.
Participant notes
Blue Team Tactics Workshop reframed alert noise as a communication problem — helpful lens.