Threat Detection and Response (TDR) Training in Plovdiv

This instructor-led, live training in Plovdiv (online or onsite) is designed for intermediate-level cybersecurity professionals looking to implement CTEM within their organizations.

By the conclusion of this training, participants will be equipped to:

• Grasp the core principles and stages of CTEM.
• Identify and prioritize risks using established CTEM methodologies.
• Seamlessly integrate CTEM practices into current security protocols.
• Leverage tools and technologies for ongoing threat management.
• Develop strategies to continuously validate and enhance security measures.

This instructor-led, live training in Plovdiv (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to leverage DeepSeek for advanced threat detection and automation.

By the end of this training, participants will be able to:

• Utilize DeepSeek AI for real-time threat detection and analysis.
• Implement AI-driven anomaly detection techniques.
• Automate security monitoring and response using DeepSeek.
• Integrate DeepSeek into existing cybersecurity frameworks.

OpenEDR is an open-source endpoint detection and response platform that provides continuous telemetry, detection, and analysis of adversarial activity on endpoints.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level IT and security professionals who wish to deploy, configure, and operate OpenEDR to detect and respond to cyber threats.

By the end of this training, participants will be able to:

• Deploy and configure OpenEDR agents and server components for telemetry collection.
• Perform basic detection and monitoring using OpenEDR dashboards and event views.
• Analyze endpoint events to identify suspicious activity and potential threats.
• Integrate OpenEDR alerts into incident response workflows and reporting.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

OpenEDR is an open-source endpoint detection and response platform that offers analytic detection with MITRE ATT&CK visibility for event correlation and root cause analysis of adversarial activity in real time.

This instructor-led, live training (online or onsite) is designed for advanced-level SOC analysts, threat hunters, and incident responders who want to design and operate threat-hunting programs using OpenEDR and map detections to the MITRE ATT&CK framework.

By the end of this training, participants will be able to:

• Deploy and configure OpenEDR agents and server components for telemetry collection and analysis.
• Map observable endpoint telemetry to MITRE ATT&CK techniques and build detection logic accordingly.
• Design and execute threat-hunting workflows that use behavioral analytics and event correlation to identify adversarial activity.
• Integrate OpenEDR findings into incident response playbooks and perform root cause analysis.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Ransomware constitutes a type of malicious software engineered to encrypt data and extort organizations.

This instructor-led, live training, available both online and onsite, targets intermediate-level security professionals seeking to enhance their negotiation strategies and intelligence capabilities during ransomware incidents.

Upon completing this training, participants will be equipped to:

• Evaluate the structure, behavior, and lifecycle of contemporary ransomware campaigns
• Apply established negotiation frameworks to real-world ransomware situations
• Collect, analyze, and utilize threat intelligence for ransomware defense
• Coordinate effectively with stakeholders, law enforcement, and external partners during an attack

Course Format:

• Expert-led presentations backed by real-case studies
• Interactive exercises simulating ransomware negotiations
• Hands-on practice with intelligence tools in a controlled lab environment

Course Customization Options:

• For organizations requiring a tailored version of this training, please contact us to explore customization options.

This instructor-led, live training in Plovdiv (online or onsite) is designed for advanced cyber security professionals who wish to understand Cyber Threat Intelligence and develop skills to effectively manage and mitigate cyber threats.

By the end of this training, participants will be able to:

• Understand the fundamentals of Cyber Threat Intelligence (CTI).
• Analyze the current cyber threat landscape.
• Collect and process intelligence data.
• Perform advanced threat analysis.
• Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

Detection engineering involves the design, implementation, and continuous refinement of methods to identify malicious activities across systems and networks.

This instructor-led live training, available online or onsite, is designed for beginner-level cybersecurity professionals seeking to acquire practical skills in creating and fine-tuning security detections.

Upon completing this training, participants will possess the following capabilities:

• Create effective detection rules and signatures using standard security tools.
• Analyze logs and telemetry data to pinpoint suspicious behaviors.
• Leverage threat intelligence to enhance detection logic.
• Refine alerts and minimize false positives within a SOC workflow.

Course Format

• Guided instruction accompanied by practical demonstrations.
• Scenario-based exercises and hands-on analysis.
• Building real-world detections in an interactive lab environment.

Customization Options

• If your organization requires a customized version of this program, please reach out to discuss your needs.

The Certified Incident Handler program offers a systematic methodology for effectively and efficiently managing and responding to cybersecurity incidents.

Delivered by an instructor via live online or onsite sessions, this training targets intermediate IT security professionals seeking to build the tactical expertise required to plan, categorize, contain, and oversee security incidents.

Upon completion, participants will be equipped to:

• Comprehend the incident response lifecycle and its distinct phases.
• Implement procedures for incident detection, classification, and notification.
• Effectively apply strategies for containment, eradication, and recovery.
• Create post-incident reports and continuous improvement initiatives.

Course Format

• Engaging lectures and interactive discussions.
• Practical application of incident handling procedures in simulated environments.
• Facilitated exercises concentrating on detection, containment, and response workflows.

Customization Options

• For tailored training aligned with your organization’s specific incident response protocols or tools, please contact us to make arrangements.

Bug Bounty: Advanced Techniques and Automation offers an in-depth exploration of high-impact vulnerabilities, automation frameworks, reconnaissance methodologies, and the strategic tooling employed by elite bug bounty hunters.

This instructor-led live training, available both online and onsite, targets intermediate to advanced security researchers, penetration testers, and bug bounty hunters who aim to automate their workflows, scale reconnaissance efforts, and uncover complex vulnerabilities across diverse targets.

Upon completing this training, participants will be capable of:

• Automating reconnaissance and scanning processes for multiple targets.
• Utilizing state-of-the-art tools and scripts essential for bounty automation.
• Identifying complex, logic-based vulnerabilities that go beyond standard scanning capabilities.
• Developing custom workflows for subdomain enumeration, fuzzing, and report generation.

Course Format

• Interactive lectures and discussions.
• Practical application of advanced tools and scripting techniques for automation.
• Guided labs focusing on real-world bounty workflows and sophisticated attack chains.

Customization Options

• For tailored training based on specific bounty targets, automation requirements, or internal security challenges, please contact us to arrange a customized session.

Bug Bounty Hunting involves identifying security weaknesses in software, websites, or systems and responsibly reporting them to receive rewards or recognition.

This instructor-led, live training (available online or onsite) is designed for beginner-level security researchers, developers, and IT professionals who wish to learn the fundamentals of ethical bug hunting and how to participate in bug bounty programs.

By the end of this training, participants will be able to:

• Understand the core concepts of vulnerability discovery and bug bounty programs.
• Use key tools like Burp Suite and browser dev tools for testing applications.
• Identify common web security flaws such as XSS, SQLi, and CSRF.
• Submit clear, actionable vulnerability reports to bug bounty platforms.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of bug bounty tools in simulated testing environments.
• Guided exercises focused on discovering, exploiting, and reporting vulnerabilities.

Course Customization Options

• To request a customized training for this course based on your organization's applications or testing needs, please contact us to arrange.

This instructor-led live training in Plovdiv (available online or onsite) is tailored for intermediate-level duty managers and operational leaders who aim to develop robust cyber resilience strategies to safeguard their organizations against cyber threats.

By the end of this training, participants will be able to:

• Understand the core concepts of cyber resilience and their application to duty management.
• Develop incident response plans to maintain operational continuity.
• Identify potential cyber threats and vulnerabilities within their environment.
• Implement security protocols to minimize risk exposure.
• Coordinate team response during cyber incidents and recovery processes.

This instructor-led, live training in Plovdiv (online or on-site) is designed for IT security professionals at an intermediate level who wish to develop skills in security monitoring, analysis, and response.

Upon completion of this training, participants will be able to:

• Comprehend the role of the Blue Team within cybersecurity operations.
• Utilize SIEM tools for security monitoring and log analysis.
• Identify, analyze, and respond to security incidents.
• Conduct network traffic analysis and gather threat intelligence.
• Implement best practices in Security Operations Center (SOC) workflows.

This instructor-led, live training in Plovdiv (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals who wish to elevate their skills in AI-driven threat detection and incident response.

By the end of this training, participants will be able to:

• Implement advanced AI algorithms for real-time threat detection.
• Customize AI models for specific cybersecurity challenges.
• Develop automation workflows for threat response.
• Secure AI-driven security tools against adversarial attacks.

This instructor-led, live training in Plovdiv (online or onsite) is designed for beginner-level cybersecurity professionals eager to learn how to utilize AI for enhanced threat detection and response capabilities.

Upon completion of this training, participants will be able to:

• Grasp AI applications within cybersecurity.
• Deploy AI algorithms for threat identification.
• Automate incident response using AI tools.
• Incorporate AI into current cybersecurity infrastructure.

This instructor-led live training in Plovdiv (online or on-site) is intended for beginner to intermediate-level security analysts and system administrators aiming to establish a foundational understanding of Cyber Defence (SOC) analysis.

By the conclusion of this training, participants will be able to:

• Understand the principles of Security Management in a Cyber Defence context.
• Execute effective Incident Response strategies to mitigate security incidents.
• Implement Security Education practices to enhance organizational awareness and preparedness.
• Manage and analyze Security Information for proactive threat identification.
• Utilize Event Management techniques to monitor and respond to security events.
• Implement Vulnerability Management processes to identify and address system vulnerabilities.
• Develop skills in Threat Detection to identify and respond to potential cyber threats.
• Participate in Simulated Attacks to test and improve incident response capabilities.

The vendor-neutral Certified Digital Forensics Examiner certification is designed to equip Cyber Crime and Fraud Investigators with skills in electronic discovery and advanced investigative methodologies. This course is indispensable for professionals who encounter digital evidence during their investigative work.

Training for the Certified Digital Forensics Examiner covers the systematic approach to conducting computer forensic examinations. Students will master forensically sound techniques to evaluate crime scenes, collect and document pertinent data, interview relevant personnel, preserve the chain of custody, and compile comprehensive findings reports.

The Certified Digital Forensics Examiner course offers significant value to organizations, individuals, government entities, and law enforcement agencies seeking to pursue litigation, establish proof of guilt, or implement corrective actions grounded in digital evidence.

This course provides an in-depth look at managing an incident response team. Given the increasing frequency and complexity of modern cyber attacks, incident response has become a vital function for organizations. First responders play a crucial role in mitigating risks.

As the final line of defense, effective incident response relies on detecting and addressing incidents efficiently through robust management processes. Leading an incident response team demands specialized skills and comprehensive knowledge.

This instructor-led, live training in Plovdiv (online or onsite) covers various aspects of enterprise security, from AI to database security. It also includes the latest tools, processes, and mindset needed to protect against attacks.

This course covers the fundamental principles and methodologies of digital forensic investigation, along with an overview of the various computer forensics tools available. Participants will gain insight into core forensic procedures necessary to ensure the admissibility of evidence in court, as well as the associated legal and ethical considerations.

You will learn how to conduct forensic investigations on both Unix/Linux and Windows systems, handling different file systems. The curriculum includes advanced topics such as investigations into wireless, network, web, database, and mobile-related crimes.

This course immerses students in an interactive learning environment where they learn how to scan, test, hack, and secure their own systems. The lab-intensive setting provides each student with in-depth knowledge and practical experience with essential current security systems. Students start by understanding how perimeter defenses function, then progress to scanning and attacking their own networks—ensuring no real network is harmed. They also learn how intruders escalate privileges and what measures can be taken to secure a system. Additional topics include Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows, and Virus Creation. Upon completion of this intensive 5-day course, students will possess hands-on understanding and experience in Ethical Hacking.

The purpose of the Ethical Hacking Training is to:

• Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
• Inform the public that credentialed individuals meet or exceed these minimum standards.
• Reinforce ethical hacking as a unique and self-regulating profession.

Audience:

The course is ideal for professionals working in positions such as, but not limited to:

• Security Engineers
• Security Consultants
• Security Managers
• IT Director/Managers
• Security Auditors
• IT Systems Administrators
• IT Network Administrators
• Network Architects
• Developers

This instructor-led, live training in Plovdiv (online or onsite) is designed for computer users who wish to understand malware and take appropriate measures to minimize its threat.

By the end of this training, participants will be able to:

• Understand the concept of malware.
• Identify the different types of malware.
• Take necessary steps to mitigate malware (procedural, technological, awareness, etc).

The Certified Ethical Hacker certification is a globally recognized cybersecurity credential.

This comprehensive program combines theoretical instruction with practical exercises to prepare students for both the CEH certification exam and the CEH Practical Exam. Candidates who successfully pass both examinations earn the CEH Master credential alongside their CEH certification.

Participants have the option to enhance their package by including either the CPENT or the CHFI course.

Training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course is delivered to each student through EC-Council’s online, self-paced, streaming video platform.

CPENT (Pen-test):
Instructs students on applying the concepts and tools from the CEH program within a penetration testing methodology in a live cyber range environment.

CHFI (Computer Forensics):
Teaches students a structured approach to computer forensics, covering search and seizure, chain-of-custody procedures, data acquisition, preservation, analysis, and reporting of digital evidence.

Course Description

The CEH program offers a deep understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It reveals how hackers think and operate maliciously, enabling you to better configure your security infrastructure and defend against future attacks. By understanding system weaknesses and vulnerabilities, organizations can strengthen their security controls to minimize incident risks.

Designed to incorporate a hands-on environment and systematic process across every ethical hacking domain and methodology, CEH provides the opportunity to demonstrate the knowledge and skills required to achieve the CEH credential. You will be exposed to a completely different perspective on the responsibilities and measures necessary for maintaining security.

Who Should Attend

• Law enforcement personnel
• System administrators
• Security officers
• Defense and military personnel
• Legal professionals
• Bankers
• Security professionals

About the Certified Ethical Hacker Master

To earn the CEH Master certification, you must pass the CEH Practical exam. This exam is designed to allow students to prove they can execute the principles taught in the CEH course. It requires demonstrating the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.

The CEH Practical exam does not rely on simulations. Instead, you will tackle challenges in a live range designed to mimic a corporate network using live virtual machines, networks, and applications.

Successfully completing the challenges in the CEH Practical Exam is the next step after obtaining the Certified Ethical Hacker (CEH) certification. Passing both the CEH exam and the CEH Practical Exam earns you the additional CEH Master certification.

About the Certified Ethical Hacker Practical

To prove your ethical hacking skills, we test your abilities against real-world challenges in a real-world environment. Using labs and tools, you must complete specific ethical hacking challenges within a time limit, mirroring the pressures of actual scenarios.

The EC-Council CEH (Practical) exam involves a complex network that replicates a large organization’s real-life infrastructure, including various network systems (such as DMZ, Firewalls, etc.). You must apply your ethical hacking skills to discover and exploit real-time vulnerabilities while simultaneously auditing the systems.

About CPENT

EC-Council’s Certified Penetration Tester (CPENT) program focuses on penetration testing, teaching you to perform in enterprise network environments that must be attacked, exploited, evaded, and defended. If you have only worked in flat networks, CPENT’s live practice range will elevate your skills by teaching you to penetration test IoT and OT systems, write your own exploits, build custom tools, conduct advanced binary exploitation, perform double pivots to access hidden networks, and customize scripts and exploits to infiltrate the innermost segments of a network.

About CHFI

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. It is a comprehensive course covering major forensic investigation scenarios, enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools required to successfully conduct computer forensic investigations.

This instructor-led, live training in Plovdiv (online or onsite) is designed for information system analysts looking to leverage MITRE ATT&CK to reduce the likelihood of a security breach.

Upon completion of this training, participants will be able to:

• Establish the required development environment to begin implementing MITRE ATT&CK.
• Categorize how attackers interact with systems.
• Document adversary behaviors within systems.
• Monitor attacks, identify patterns, and evaluate existing defense tools.

This instructor-led, live training in Plovdiv (available online or onsite) is designed for information analysts aiming to learn the techniques and processes underlying social engineering to protect sensitive corporate information.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start creating custom malware.
• Backdoor legitimate web applications undetected.
• Deliver evil files as normal file types.
• Use social engineering techniques to lead targets into a fake website.