Network Forensics Master Course

Network Forensics Master Course

Network forensics is a cornerstone activity of any security operations team. In this Master Course, we impart how to detect common and advanced attack techniques through a systematic review of network traffic and host logs. Dozens of exercises will be provided which will challenge and impart new knowledge to students of all skill level.
Theoretical knowledge makes up 40% of the class, and the other 60% consists of practical exercises. At the end of the course, a large-scale network forensics exercise is conducted that can be reproduced at your workplace.

Course Outcome
By the end of this course, students should be feel confident that they can deploy network security monitoring on any network (corporate, DMZ, OT, or in the Cloud) and detect attacks across the entire kill chain. Amongst the attack scenarios students would have learnt during the course are:
  • Detect data breaches due to web application vulnerabilities
  • Detect lateral movement into segmented networks and unauthorized access to critical devices
  • Detect stealthy espionage campaigns that make use of covert channels
  • Detect unauthorized privilege escalation and compromised user accounts
  • Detect man-in-the-middle attacks against local networks
  • Detect advanced taken-dow strategies
  • Reverse engineer custom network protocols and devise strategies to block adversaries
  • Build custom incident detection tools to automate the incident detection process

Intended Audience
Security analysts, forensics investigators, incident responders, and incident handlers with at least 2 years of professional experience detecting and responding to security incidents.


This course is taught by experienced Mossé Security’s instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services for a multitude of industries that have involved complex and multi-faceted approaches. Our instructors each possess the right balance of corporate experience and are competently skilled in presenting and teaching to groups.

Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.

What value do I receive when I attend a course with MCSI?

Notify Me!

We contact you next time this course runs