Perched offers commercial support, education, custom development, and enterprise deployment of the RockNSM and CAPES platforms.

Our Services

Education

We provide a variety of education services designed to get your team up and running quickly, so they can start catching bad guys.

Development

We like to think that ROCK and CAPES are pretty great out of the box, but we are here to help tailor them to your needs.

Consulting

Developing a successful intelligence-driven security program is no small feat. Leverage our team's experience to develop a program that meets your needs.

Support

Deploying sensors at scale doesn't always go as planned. We're here to help when you need us.

Our Partners

Our Newest Partner

We look forward to starting the process of making ROCK a certified Red Hat ready solution.



Our First Partner

We are grateful that Elastic has agreed to partner with us during the founding days of our startup. Elastic is a core element of many large-scale NSM ecosystems and a leader in data search and analytics platform technologies.

Education Tracks

Foundations

This is the jumping-off point for all other tracks and the basis for all other specialized education.

Analyst

If you love collecting data and using it to tell a story, this is probably the track for you.

Operator

Operators love catching bad guys and are experts at figuring out where they are hiding in the data.


Engineer

Engineers are the wrench turners that deploy security sensors and keep them running in the heat of the battle.

Kibana for Operators

This course builds on the Kibana education from the Foundations track and teaches operators how to use Kibana at an intermediate level to support them in their hunting.


Duration: 1 Day

Syllabus

  • Building Dashboards to Visualize Anomalies (w/ lab)
  • Using Graph to Find The Enemy Footprint (w/ lab)
  • Using Machine Learning for Hunting (w/ lab)

Prerequisites

Kibana For Analysts or experience using Kibana is recommended.

Follow-On Courses

Guided Hunt

CAPES for Operators

This course builds on the CAPES education from the Foundations and Engineer tracks and teaches operators how to use CAPES to support them in their incident response and hunt operations -- what happens after the intrusion is detected?


Duration: 1 Day

Syllabus

  • Hunt and Incident Response Operations
  • Getting Started (w/ lab)
  • TheHive (w/ lab)
  • Cortex (w/ lab)
  • Mumble (w/ lab)
  • Gitea (w/ lab)
  • Etherpad (w/ lab)
  • Kibana (w/ lab)
  • Beats (w/ lab)

Prerequisites

Introduction to CAPES.

Follow-On Courses

Guided Hunt

Introduction to Stenographer

This course will introduce operators to Google Stenographer and teach them how to use it to support hunt operations.


Duration: 4 Hours

Syllabus

  • Stenographer Overview
  • BPF Filters
  • BPF Exercises (w/ lab)
  • Stenoread (w/ lab)

Prerequisites

Linux CLI or basic familiarity with the Linux command line is recommended before attending this course.

Intrusion Detection Systems

This course will introduce operators to two popular intrusion detection systems (IDS), Suricata and Snort, and cover when and how to employ an IDS to support hunt operations.


Duration: 1 Day

Syllabus

  • Intrusion Detection Systems Overview
  • Humans over Hardware
  • Anatomy of a Signature (w/ lab)
  • Signature Writing (w/ lab)
  • Suricata vs. Snort

Prerequisites

There are no prerequisites for this course.

Advanced Bro

This course builds on the Introduction to Bro course from the Foundations track and teaches operators how to use the built-in frameworks and Bro Scripting Language for hunting.


Duration: 1 Day

Syllabus

  • Bro Scripting (w/ lab)
  • Bro Event Engine (w/ lab)
  • Frameworks Overview
  • Files Framework (w/ lab)
  • Intel Framework (w/ lab)

Prerequisites

Linux CLI or basic familiarity with the Linux command line is recommended before attending this course.

Bro Intro

Guided Hunt

This capstone course is designed to walk an operator through a series of hunt missions designed to expand their understanding of the hunt tools.


Duration: 2 Days

Syllabus

  • Selecting the Right Tool
  • When to Dig Deeper
  • Mission 1: Individual Hunt
  • Mission 1 Review
  • Mission 2: Team Hunt
  • Mission 2 Review
  • Mission 3: Capture the Flag

Prerequisites

This is a capstone course, so it is recommended to complete all other operator courses first.

Contact Us

Contact us and we'll get back to you as soon as we can.
inquiries@perched.io