Free Incident Response Training Plan

This plan is based on what I wish I knew before starting in Incident Response and is divided into two parts. Just go to either Part 1 or Part 2 to start.

Part 1: The Core Training Plan

The Core Training Plan starts out with a course for complete beginners to IT and includes General IT/Cybersecurity, Linux, Networking & Programming/Scripting.

As far as programming/scripting goes, so far I am required to learn to read and write Python, be able to modify JSON, and be able to read assembly and other languages for malware analysis. For more information regarding coding and incident response, check out the SANS Whitepaper Coding For Incident Response: Solving the Language Dilemma by Shelly Giesbrecht

Part 2: The Training Plan for New (or aspiring) Incident Responders

I based this part of the plan on a talk I saw by Ryan Chapman about implementing an incident response training plan. This includes Digital Forensics, Incident Response, Malware Analysis and OSINT.

Note: Being relatively new, I keep coming across things I didn’t know I needed to know so I will update these accordingly.

Combined results of LinkedIn and Twitter Incident Response Polls

If you’re wondering exactly what Incident Response is, here are a couple of videos.

What is Incident Response? – Mossé Cyber Security Institute
Cybersecurity: What Is “Security Incident Response,” & Why Is It SO Important? – Cybersecurity Meg