Sat, May 18 2019, 8:00 AM - Sun, May 19 2019, 6:00 PM [EST]

20065 Lakeview Center Plaza, Ashburn, Virginia, 20147, United States

Register Now

1. Select Seats

2. Review and Proceed



Sale ended


NOTE: Please understand this is a lottery entry and there is no guarantees on being selected for the course. All selections are done in random!

APPROVALThis ticket / registration type requires you to submit a request for approval by the organizer

Enter your discount code

  • Fee
  • Total amount

Sat, May 18 2019, 8:00 AM - Sun, May 19 2019, 6:00 PM [EST]

SpringHill Suites Ashburn Dulles North, 20065 Lakeview Center Plaza, Ashburn, Virginia, 20147, United States.


Course Metadata

Course Abbreviation: SIT

Course Length: 5 Days

Course Category: Intermediate

Price Per Student: FREE (Normal 5-day SIT pricing $5,250)

Training catalog:

Training website and Curriculum:  


Course Details

Please PAY CLOSE attention to the details of this offering:

  • Obscurity Labs is offering a free seat to the SIT-BC class starting on May 18, 2019
  • You must be able to be at the venue on Saturday and Sunday to complete the course
  • Please don't sign up if you can't make it 
  • Seats will be chosen at random lottery style
  • Winners will be emailed on May 11, 2019 to confirm their lottery selection for a free seat

Course Summary

SOC Immersion Training is a deep dive into Hunt Teaming & Intrusion Analysis. Actions taken by an adversary can be generally defined as a collection of TTPs and Tradecraft Core Concept (TCCs) to achieve specific objectives. SOC Immersion Training will deep dive into the analysis and detection of both threat actor TTPs and TCCs. This course will identify and explain the critical data points that drive the creation of the forensic artifacts necessary for analysis of TTPs & TCCs.

Course Core Objectives

SOC Immersion Training is designed for Intermediate level cybersecurity and/or hunt team analysts to increase their functional knowledge of analytical thinking & analysis concepts. By using demonstrated real-world attack methodologies in a step by step manner, SIT provides analysts with an in-depth understanding of how to analyze attack TTPs, and the ability to construct complex IOCs derived from environment-specific threats and constraints. SOC Immersion Training will accomplish these course goals by providing labs taught from an attack specific perspective, coupled with well-designed detection & analysis capabilities to produce forensic evidence from multiple emulated advanced adversary attacks.

SIT will teach you to:

  • Layered Analysis Methodology
  • Understand capabilities & analysis instead of any particular tool
  • Understand and create hard Indicators of Compromise (IOCs) for detection
  • Identify artifact and evidence locations to answer critical questions, including application execution, file access, data theft, external device usage, cloud services, geolocation, file download, anti-forensics, and detailed system usage

Hands-on laboratory exercises:

  • Windows 7,8,10
  • Sharepoint, exchange, outlook
  • Windows File Structures
  • Application File Structures 
  • Windows Registry Essentials
  • ID Suspect Files
  • Sensor Tunning 
  • Memory Analysis 
  • Infection Vectors
  • Malware Behavior and Anti-Forensics
  • Hard & Soft IOCs

Following tools will be used during this course

  • SecurityOnion
  • Sysinternals Suite
  • OSSEC/Wazuh
  • Winlogbeat
  • Auditbeat
  • Filebeat
  • ELK
  • Redline
  • Memoryze
  • Sysmon
  • Netsnif-NG
  • Bro
  • Suricata
  • Tcpdump

Course Differentiators 

  • Cyber Range: Custom range with complete coverage into each of the key data points required to provide each student with access to a range representative of an enterprise security stack.
  • Lab Driven: Course focused around labs, providing short blocks of instruction followed by instructor-led demonstrations.
  • Tangible Metrics: Students will be able to decrease their mean time to detection and show improvements by determining the difference between their pre & post course statistics
  • Personnel: Each course will be taught with an active Red Team and Blue Team SMEs


Cancellation policy

This is a FREE event (lottery selection), no payments will be collected. We ask if selected please let us know if you need to cancel!

Obscurity Labs LLC

Obscurity Labs is a veteran-owned cybersecurity firm. Collaborating with public and private sector clients to solve their most difficult security challenges through a combination of contracting, consulting, analytics, cyber mission operations, threat emulation, technology, cybersecurity, engineering, advanced security research & development, and innovative expertise.

Contact the Organizer View other events

Keelyn Roberts
Senior Security Engineer & Co-Founder

Keelyn is an active Red Team Operator and cybersecurity researcher. He develops both offensive and defensive cybersecurity tool-sets. His prior experience includes roles as a senior information system analyst and a senior cybersecurity analyst. He has spent over 13 years working within the DoD and a fortune 100 company.

About Keelyn Roberts

Senior Security Engineer & Co-Founder
Alexander Rymdeko-Harvey
Senior Security Engineer & Co-Founder

Alex has extensive experience in the cyber security field. He has worked in the specialized field of adversary emulation in both Government and private organizations. Alex brings extensive knowledge from his experience on the Defense and Counter Infiltration Team for the Department of Defense (DoD) and as a senior cyber-security engineer on the Red Team for a Fortune 100 company.

About Alexander Rymdeko-Harvey

Senior Security Engineer & Co-Founder