Active Defense and Cyber Deception

Another great course from John Strand, this time on Active Defense and Cyber Deception. Like SOC Core Skills, this was a 4-day intensive hands-on event, concluding on the certification date. The idea here is to make the attacker’s life miserable once they are inside. I extensively utilized John Strand’s IntroLabs GitHub repository within the metaCTF.com environment to actually deploy these defenses. I spent hands-on time configuring and launching tools like HoneyPorts, Canarytokens, Cowrie (SSH honeypot), Portspoof, and Spidertrap. It really changes the way you think about network defense when you move past just building walls and start actively laying traps and generating high-fidelity alerts through cyber deception.

View the official training page here

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top