Incident response: Detection and analysis

Course description

This training equips participants with the essential skills to detect and analyse cybersecurity incidents effectively. It focuses on identifying attack vectors, recognising security threats, analysing alerts and documenting incidents accurately. Participants will learn to work with detection sources such as SIEM tools, IDS/IPS, antivirus software and log analysis to distinguish real threats from false positives and make informed response decisions.

Learning outcomes

Designed for IT administrators, security analysts, incident responders and SOC teams, this course is also valuable for students, educators and anyone interested in cybersecurity. Participants will gain expertise in:

• Monitoring security events and identifying indicators of compromise
• Profiling networks and correlating security events to validate threats
• Applying forensic analysis techniques for effective threat detection
• Prioritising and documenting incidents to ensure a coordinated response

Further instructions

The training is free of charge and offered as self-paced e-learning available on demand from April 2025 to October 2025 with a duration of approximately 1 hour.