An advanced incident response certification that provides practical and strategic skills to detect, manage, and mitigate cyberattacks in real time. Designed for SOC teams, analysts, administrators, and any IT professional responsible for responding to cyber threats.
At the end of the course, participants will be able to:
- Detect, analyze, and respond to security incidents across multiple environments (cloud, network, endpoint)
- Implement an effective incident handling plan, based on standards such as NIST
- Execute containment, eradication, and rapid recovery in response to cyberattacks
- Apply basic forensic practices to preserve evidence
- Generate clear and structured post-incident reports
- Minimize impact and downtime during incidents
To fully benefit from the course, participants are required to have:
- Prior knowledge in networking, information security, or systems administration
- Experience in technical roles related to IT, SOC, or cybersecurity
| Certificación Internacional Incident Handler (E|CIH) – Versión 3 | Applies |
|---|---|
| Certificación Internacional Incident Handler (E|CIH) – Versión 3 | 24 hours |
Learning Methodology
The learning methodology, regardless of the modality (in-person or remote), is based on the development of workshops or labs that lead to the construction of a project, emulating real activities in a company.
The instructor (live), a professional with extensive experience in work environments related to the topics covered, acts as a workshop leader, guiding students' practice through knowledge transfer processes, applying the concepts of the proposed syllabus to the project.
The methodology seeks that the student does not memorize, but rather understands the concepts and how they are applied in a work environment.
As a result of this work, at the end of the training the student will have gained real experience, will be prepared for work and to pass an interview, a technical test, and/or achieve higher scores on international certification exams.
Conditions to guarantee successful results:
- a. An institution that requires the application of the model through organization, logistics, and strict control over the activities to be carried out by the participants in each training session.
- b. An instructor located anywhere in the world, who has the required in-depth knowledge, expertise, experience, and outstanding values, ensuring a very high-level knowledge transfer.
- c. A committed student, with the space, time, and attention required by the training process, and the willingness to focus on understanding how concepts are applied in a work environment, and not memorizing concepts just to take an exam.
Pre-enrollment
You do not need to pay to pre-enroll. By pre-enrolling, you reserve a spot in the group for this course or program. Our team will contact you to complete your enrollment.
Pre-enroll nowInfinity Payments
Make your payment quickly, safely and reliably
- For bank transfer payments, request the details by email
capacita@aulamatriz.edu.co.
- If you wish to finance your payment through our credit options
(Sufi, Cooperativa Unimos or Fincomercio), click on the following link:
Ver opciones de crédito.
Description
An advanced incident response certification that provides practical and strategic skills to detect, manage, and mitigate cyberattacks in real time. Designed for SOC teams, analysts, administrators, and any IT professional responsible for responding to cyber threats.
Objectives
At the end of the course, participants will be able to:
- Detect, analyze, and respond to security incidents across multiple environments (cloud, network, endpoint)
- Implement an effective incident handling plan, based on standards such as NIST
- Execute containment, eradication, and rapid recovery in response to cyberattacks
- Apply basic forensic practices to preserve evidence
- Generate clear and structured post-incident reports
- Minimize impact and downtime during incidents
To fully benefit from the course, participants are required to have:
- Prior knowledge in networking, information security, or systems administration
- Experience in technical roles related to IT, SOC, or cybersecurity
offers
| Certificación Internacional Incident Handler (E|CIH) – Versión 3 | Applies |
|---|---|
| Certificación Internacional Incident Handler (E|CIH) – Versión 3 | 24 hours |
Learning Methodology
The learning methodology, regardless of the modality (in-person or remote), is based on the development of workshops or labs that lead to the construction of a project, emulating real activities in a company.
The instructor(live), a professional with extensive experience in work environments related to the topics covered, acts as a workshop leader, guiding students' practice through knowledge transfer processes, applying the concepts of the proposed syllabus to the project.
La metodología persigue que el estudiante "does not memorize", but rather "understands" the concepts and how they are applied in a work environment."
As a result of this work, at the end of the training the student will have gained real experience, will be prepared for work and to pass an interview, a technical test, and/or achieve higher scores on international certification exams.
Conditions to guarantee successful results:
- a. An institution that requires the application of the model through organization, logistics, and strict control over the activities to be carried out by the participants in each training session.
- b. An instructor located anywhere in the world, who has the required in-depth knowledge, expertise, experience, and outstanding values, ensuring a very high-level knowledge transfer.
- c. A committed student, with the space, time, and attention required by the training process, and the willingness to focus on understanding how concepts are applied in a work environment, and not memorizing concepts just to take an exam.
Infinity Payments
Make your payment quickly, safely and reliably
- For bank transfer payments, request the details by email
capacita@aulamatriz.edu.co.
- If you wish to finance your payment through our credit options
(Sufi, Cooperativa Unimos or Fincomercio), click on the following link:
Ver opciones de crédito.
Course Modules
Module I: Introduction to Incident Handling and Response
Fundamentals of incident management, legal framework, and best practices.
Module II: Incident Handling and Response Process
Phases: preparation, identification, containment, eradication, recovery, and lessons learned.
Module III: Forensic Readiness and First Response
Preparation for forensic investigation and initial response steps.
Module IV: Handling and Responding to Malware Incidents
Analysis, containment, and mitigation of malware such as trojans, ransomware, etc.
Module V: Handling and Responding to Email Security Incidents
Identification and response to phishing attacks, BEC, and other email vectors.
Module VI: Handling and Responding to Network Security Incidents
Response to scans, intrusions, DDoS, and other network threats.
Module VII: Handling and Responding to Web Application Security Incidents
Management of vulnerabilities in web applications: injections, XSS, CSRF, etc.
Module VIII: Handling and Responding to Cloud Security Incidents
Procedures for identifying and mitigating incidents in cloud environments.
Module IX: Handling and Responding to Insider Threats
Identification and control of internal threats, both malicious and negligent.
Module X: Handling and Responding to Threats to IoT and OT Platforms
Incident management in connected devices (IoT) and industrial environments (OT).