Training: Security Boost

Incident Response Training

In this lecture-style course, designed and delivered by experts from the Truesec Incident Response team, you’ll learn how to configure your IT environment for greater resilience against cyber threats.

Drawing from extensive real-world experience in responding to incidents, our team will share proven strategies that work—and highlight common missteps to avoid. This session is packed with practical insights to help you strengthen your defenses and better prepare your organization to withstand cyberattacks.

cyber incident preparation

Four Expert-Led Sessions

The training is structured into four distinct sessions, each addressing key areas for enhancing environmental resilience. These sessions are based on our extensive experience in incident response engagements over the years.

After these sessions, you will know about common pitfalls we have experienced during our incident response engagements, and how to avoid them. Helping you to better understand how to improve resilience in your IT environment and better prepare it for when the worst happens. The sessions will be held online from 3 pm to 5 pm CET, and presented in English.

Dates: 17, 18, 24, and 25 nov

Times: 15:00-17:00 (CET)

Place: Online

Price: 7,900 SEK excl. VAT

2025-11-17

Session 1

The first session focuses on securing identities – one of the most critical assets in any modern environment. We’ll cover best practices for both Active Directory and Entra ID to strengthen your identity posture

2025-11-18

Session 2

The second session will cover how to protect the hypervisor layer without compromising business functionality. We’ll explore practical strategies to secure virtual environments effectively.

2025-11-24

Session 3

The third session will focus on how to configure your network to avoid common pitfalls and enhance security. The session emphasizes practical, balanced approaches without overcomplicating your setup.

2025-11-25

Session 4

The fourth session will dive into proven practices for securing your backup solutions, ensuring immutability, and preventing unauthorized access. The focus is on resilience and recovery readiness.

Course Description

Session 1 – Identity & Access

In this session you will learn the most common misconfigurations in Active Directory and Entra ID leading to a breach and what you can do to fix it.

  • Direct and indirect Administrators – How many Domain Admins do you have?
  • Certificate Templates – Everyone can become a Domain Admin!
  • Undertaking a Zero Trust mindset toward Active Directory and Entra ID administration.
  • Protecting Active Directory joined systems from accidental credential exposure.

Speakers: Viktor Hedberg and Ted Molin

 

 

Session 2 – Virtualization

In this session you will learn how threat actors abuse your virtualization configuration to complete the breach and finally reach their end-goal. This session will also include ways to effectively combat this issue.

  • The virtualization platform should be protected.
  • The issue with domain joined virtualization hosts.
  • Correctly segmenting the virtualization from production Active Directory, Backup, and Storage.
  • The use of privileged access workstations to manage your infrastructure components – Why it is a must!
  • Enable Self Service will minimize security and operational risks

Speakers: Viktor Hedberg, Jörgen Brandelius and Anders Olsson

 

 

Session 3 – Network segmentation

In this session you will learn how to configure your network to avoid common mistakes witnessed in several incidents in the past.

  • How, and when to use micro-segmentation.
  • Next Generation Firewall features.
  • Ensuring administration of the environment can only be performed from correct machines, on the correct network.
  • Remote Access best practices.

Speakers: Viktor Hedberg and Heresh Zaremand

Session 4 – Backup/Restore configuration

In this session you will learn and understand how a backup/restore solution should be configured to provide a solution to prevent data loss.

  • Backup is not the same as a disaster/recover.
  • Backup must be encrypted, by you, not the attacker.
  • Restore speed needs to be pre-calculated.
  • Backup must be performed before doing a restore.
  • You really need to reinstall the exact same version of your backup application to be able to restore.
  • Escape room exercises will train the team to perform complete restore

Speakers: Viktor Hedberg and Anders Axhake

 

 

Don’t Wait — Sign Up to Strengthen Your Skills

What Our Previous Security Boost Attendees Have to Say

"At Truesec, you are professional and competent, and it's enjoyable to take a course with you."

Security Boost - IR

Quick facts / FAQ

What language will be used?

All sessions are held in English.

How much does the training cost?

The price is 7 900 SEK excl. VAT.

Will you receive a recording after the sessions?

Yes, a recording of the session will be available for download after the session.

We are a couple of colleagues who would like to participate, can we purchase one ticket and join from a conference room?

Tickets are priced per person, so all participants need to purchase their own. But joining from a conference room with colleagues sounds great!