Just in time for the ShmooCon Trainer Exchange, we’re happy to say that we’ve added another class from MITRE’s “School of SOC” (Security Operations Center) curriculum. The previous School of SOC class was dedicated to analysis of netflow data, and this one, naturally enough, focuses on full packet captures (pcaps). It also includes training on a MITRE-developed and open-sourced tool called ChopShop, which has been used to great effect for quickly applying decoding transforms to attacker C2 traffic (something SOC operators often have to do a lot).

We also updated the class map showing how this class relates to the other classes, based on our current understanding of which ones should be released eventually and which ones probably won’t be (based primarily on instructor preferences). That means that if you see a class like the Red Teaming class for which you have materials, we’d love to have you share them with the world and fill out the curriculum further, so we can train more defenders faster.

Check out the new pcap class materials here:

http://opensecuritytraining.info/Pcap.html