SNS I515: Active Defense and Incident Response (GRID)
 
Course Description
The SNS I515: Active Defense and Incident Response (GRID) course delivers advanced, hands-on training focused on protecting industrial control systems and operational technology environments through active defense and intelligence-driven incident response. This course equips practitioners with the skills needed to detect, respond to, and recover from attacks targeting critical infrastructure.
Participants learn how to identify industrial assets, segment and defend networks, analyze malicious activity, and coordinate response actions in environments where availability and safety are paramount. The course emphasizes proactive defense strategies, threat intelligence integration, and real-world response workflows tailored to operational systems.
 
What You Will Learn
Active defense strategies for industrial and operational environments
Asset discovery, classification, and visibility across OT networks
Network segmentation and secure architecture for critical systems
Incident response processes tailored to operational constraints
Malware triage and analysis in industrial environments
Integrating cyber threat intelligence into defense and response
Coordinating response actions to minimize operational disruption
Best practices for resilience and recovery in critical infrastructure
 
Who This Course Is For
OT and industrial security professionals
Incident responders working with critical infrastructure
Industrial network engineers and security architects
Cybersecurity practitioners preparing for advanced industrial security roles
 
Hands-On Training Experience
Learners complete extensive lab exercises simulating real-world industrial attack scenarios. These labs reinforce active defense techniques, live incident response decision-making, malware analysis, and coordinated response efforts in operational environments.
 
Course Outcomes
By the end of this course, you will be able to implement active defense strategies, identify and protect critical industrial assets, respond effectively to operational cyber incidents, and integrate threat intelligence into defensive operations—fully aligned with the objectives of the SNS I515: Active Defense and Incident Response (GRID) program.