All courses
Resource hub
Featured resource
Tech Upskilling Playbook 2025
Tech Upskilling Playbook

Build future-ready tech teams and hit key business milestones with seven proven plays from industry leaders.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Security
    •

Incident Response

8 Courses
4 Labs
14 Hours
Skill IQ

## This path covers the knowledge and skills required to operate as an Incident Responder.

Additionally, the skills covered directly align to the following CSWF, DCWF and Industry Roles:

**Workforce Framework for Cybersecurity (NICE Framework) & DoD Cyber Workforce Framework Roles:** - Cyber Defense Incident Responder (PR-CIR-001)

**Industry Job Roles:** - Incident Response Analyst - Cyber Incident Responder - Incident Response Engineer

These courses will take you through a full, adrenaline-filled scenario where the international conglomerate, Globomantics, have reportedly been hit with ransomware! Be prepared to go through the roller-coaster ride of incident response as we assess and analyze the threat and remediate their systems.

This path is for incident responders working the hands-on-keyboard, technical aspects of a reported security incident. The target audience for this path is practitioners at entry level to two years of experience in the field.

Get started

Content in this path

Incident Response

This skill path works through the methodological phases of incident response. These phases consist of: - Initial analysis and detection of a security event - Collecting data and containment of the threat - Full network and host analysis to identify root cause - Post incident activity, including remediation and recovery

Course

Incident Response: Detection and Analysis

  • by Aaron Rosenmund
  • 2h 19m
  • Dec 16, 2021
Course

Incident Response: Network Analysis

  • by Brandon DeVault
  • 1h 10m
  • Mar 09, 2022
Course

Incident Response: Host Analysis

  • by Aaron Rosenmund
  • 1h 37m
  • Jun 14, 2022
Course

Incident Response: Containment, Eradication and Recovery

  • by Aaron Rosenmund
  • 1h 6m
  • May 12, 2023

Specialized Digital Forensics and Incident Response

After learning about incident response and recovery, dive into the world of digital forensics! In our advanced Specialized DFIR (Digital Forensics and Incident Response) courses, analysts and incident responders can expand their skillset by learning forensics pertaining to an incident and how to extract IOCs from different environments.

Course

Specialized DFIR: Windows Event Log Forensics

  • by Tyler Hudak
  • 38m
  • Dec 12, 2023
Course

Specialized DFIR: Windows File System and Browser Forensics

  • by Tyler Hudak
  • 54m
  • Sep 25, 2023
Course

Specialized DFIR: Windows Registry Forensics

  • by Tyler Hudak
  • 1h 10m
  • Apr 13, 2023

Incident Response Labs

Hands-on Incident Response Labs

Course

Getting Started in the Lab Environment

  • by Aaron Rosenmund
  • 6m
  • Oct 07, 2021
Lab

Respond to a Website Defacement

  • by Wes Novack
  • 1h 25m
  • Aug 05, 2025
Lab

Respond to a Data Leak

  • by Sahil Gupta
  • 1h
  • Aug 05, 2025
Lab

Respond to Ransomware

  • by Shimon Brathwaite
  • 1h 45m
  • Jul 30, 2025
Lab

Respond to an ICS Attack

  • by Angel Sayani
  • 1h
  • Aug 04, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
What You'll Learn
Prerequisites
Related topics
  • Incident Response
  • Incident Handling
  • Continuous Monitoring
  • Malware
  • Ransomware
  • Threat Detection
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur...
Brandon DeVault
Brandon DeVault
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response...
Tyler Hudak
Tyler Hudak
Tyler Hudak has more than 15 years of extensive real-world experience in incident handling, malware analysis, computer forensics, and information security for multiple Fortune 500 firms. He has spoken and taught at a number of security conferences on the topics of malware analysis, incident response, and penetration testing, and brings his frontl ine experience and proven techniques to bear in his training.
Wes Novack
Wes Novack
Wes is a Technology Leader, Architect and Engineer specializing in public cloud systems and web scale SaaS Operations. He has designed, built, and managed applications and systems that enable highly-available infrastructure, continuous delivery pipelines, and rapid releases in large, polyglot microservice ecosystems. Wes uses a variety of languages, frameworks, and tooling to build applications, define Infrastructure as Code, drive automation, and eliminate toil. He is vocal in the tech communit...
Sahil Gupta
Sahil Gupta
Sahil Gupta is a skilled cybersecurity professional with a focus on Product Security. Their expertise lies in implementing DevSecOps practices such as SAST, SCA, DAST, IAST, RASP, WAF, Cloud Native Security, and Supply Chain Security. With certifications including Certified Ethical Hacker (CEHv10), IBM Cybersecurity Analyst Professional, and Fortify DAST and SAST Certified Specialist, they excel in conducting comprehensive Penetration testing for Web and API applications. Renowned for their pro...
Shimon Brathwaite
Shimon Brathwaite
Shimon Brathwaite is a seven-year cybersecurity professional with extensive experience in Incident Response, Vulnerability Management, Identity and Access Management and Consulting. He has worked at one of the Big Four consulting firms, multiple of Canada’s largest banks and in startup environments. In addition to his full-time work, he runs a blog securitymadesimple.org, a consulting company and is a published author with four books on cybersecurity. He is open for engagements related to cybers...
Angel Sayani
Angel Sayani
Angel Sayani is a tech prodigy who holds over 35 advanced and prestigious IT certifications, including CompTIA Advanced Security Practitioner™ (CASP+), Certificate of Cloud Security Knowledge (CCSK) and Certified Forensics Analyst (CFA). She conducted advanced research on quantum computing and cryptography at New York University. She has been spotlighted in prominent business magazines and earned awards of “10 Most Ambitious Leaders to Watch in 2024” for innovation and leadership. She is the Fou...

Join our learners and upskill
in leading technologies