The calendar year isn't quite done yet, and we've squeezed a slew of new modules and some platform enhancements into 2023. Read on to learn more.
New Threat-Centric: Email Service Compromise
Teams can now assess their preparedness against Email Service Compromise. Teams proficient in defending against this threat have demonstrated skills in user behavior analysis, message analysis, and platform and message hardening. Admins can track their team's progress in this area by going to Threat-Centric reporting on the Admin dashboard, selecting the gear, and then selecting the "Email Service Compromise" threat. A customized Readiness Plan for this threat is also available.
Now in Beta: Google Cloud Platform Security Essentials
This Learning Path, currently in beta, provides a comprehensive understanding of Google Cloud's structure and services crucial for effective incident handling. Modules now available include Incident Response with Google Cloud Netflow Logging, Google Cloud Data Access Logging in IR, and Google Cloud VM Forensics.
Recently Released Modules
AWS
- Introduction to AWS Identity and Access Management
- Implementing Multi-Factor Authentication in AWS
- AWS Organizations and Service Control Policies
- Identity Federation and Single Sign-On in AWS
- Securing AWS APIs
Azure
- Microsoft Entra ID: Sign-in Logs Analysis
- Microsoft Entra ID: Audit Logs Analysis
- Unified Audit Log Overview
- OAuth Security Overview
- OAuth App Analysis
- Introduction to Azure Hierarchy
- Azure Compute Overview
- Azure Network Overview
- Mailbox Audit Log Overview
- Microsoft 365 Forwarding Rules Overview
- Microsoft 365 Inbox Rules Analysis
- Microsoft 365 Transport Rules Analysis
- Introduction to Azure Storage Account Security
Cloud
- Message Trace Logs Overview
- Introduction to Google Cloud for Incident Response
CVEs
- CVE-2023-38831 WinRAR - Arbitrary Code Execution
- CVE-2023-23397 Microsoft Outlook: Privilege Elevation
- CVE-2023-29357 SharePoint Server: Privilege Elevation
Digital Forensics
- Evidence Acquisition and Preservation
Ransomware
- Analyzing LockBit Ransomware