Blue Team – Incident Management




Course Start Dates

January 2022

Enroll in now

May 2022

Pre-Order Available

Course Start Dates

2 Days (Online)

09:00 - 17:00 CET


Our priority, your satisfaction!

A commitment on quality at all levels to ensure the best training experience, from the design of the courses to their execution.


Experts in Action!

Our trainers share their experience and feedback with the participants, make them work on real practical cases, and offer them real-life scenarios.

Blue Team – Incident Management

provided by Swiss Cyber Academy and Airbus CyberSecurity

Work in teams to identify and analyze adversaries' behaviours within an information system. In these realistic scenarios, participants face a computer threat carried by a series of attack phases.

From the presentation of the tools made available during the exercise to the support in the operational phases simulated on the CyberRange platform, Airbus CyberSecurity's coaches provide comprehensive support in the training of SOC operators.



  • Experience in the supervision of information systems



Practical exercise on CyberRange

Course Objectives

  • Understand the issues of an NCS and the perspective of the opponent
  • Identifying security incidents on an information system
  • Investigate and qualify different attack sequences
  • Conduct a tactical situation assessment using the ATT&CK Mitre model
  • Setup detection means
Airbus CyberRange

The proposed training modules are designed to provide operable knowledge and operational skills to the participants. Our pedagogy is based on a set of concrete and practical scenarios. Multiples roles are managed in the Airbus CyberRange platform in order to perform various kinds of training sessions: blue team, red team and others. It is possible to customize groups and rules in the Airbus CyberRange platform to fit end-user needs on execution and creation. Each training is provided by Airbus CyberSecurity trainer that brings expertise in their respective fields of business to direct benefit to the trainees.

Course Content
  • At least 80% of trainings content is made of practical exercises

  • Training content developed and run by active Cyber experts, with cybersecurity professional activities in Airbus CyberSecurity that also brings experience and references to the trainees already encountered examples.

  • Dedicated and realistic simulation environment including real security products and Cyber attacks


With operational designed trainings, our courses are continuously updated by our educational engineers and expert trainers to adapt to needs. They focus on a direct practice of the concepts presented by alternating theory and practical exercises.

What you will learn

Phase 1: Guided Information System Defense Exercise

Presentation of the Information System and the key points to protect it

Configuration of detection tools

Identification and qualification of attacks

Implementation of containment, eradication and restoration of normalcy procedures

Adaptation of detection tools and rules


Phase 2: Autumn Exercise

Work in Blue team and defend your Information System

Training Fee

3,600 CHF

2 Days Training Fee
With 30 days Access


After the session, training certificates will be provided by Swiss Cyber Academy and Airbus CyberSecurity for each participant, in an electronic format and hard copy.


Contact us to ask about special offers for Teams

+41 44 501 40 73

available from 09:00 - 18:00


Sihlstrasse 38, 8001 Zurich


Contact Us

Discover our other courses