Education Services

From the front lines to the front of the classroom

In today’s threat landscape, the tools, techniques and procedures (TTPs) of attackers continuously evolve. To keep pace with attackers, security experts must invest time and effort in continuing education.



Mandiant offers a variety of courses as part of our mission to share what we know with the security professionals who need it most. We equip Fortune 500 executives, law enforcement officials and independent security consultants with the knowledge and skill they need to face the latest cyber threats. Courses are available for security professionals at all levels, from beginner to expert.

All courses are taught by experts with hundreds, or even thousands of hours of first-hand experience responding to and defending against aggressive and sophisticated cyber crimes. In fact, much of the material for exercises and operational scenarios are based on actual security incidents for maximum impact.

Upcoming Courses

Creative Red Teaming

2 Day Course | October 13-14, 2017 | Cyber Defense Summit 2017
This intense two-day course is designed to teach advanced offensive techniques to provide you with the ultimate skillset to test your existing security controls. You will learn proven Mandiant Red Team methodologies that start with the successful TTPs we see used by advanced attackers and builds upon them to be even more effective and stealthy. You will even learn how to successfully complete your mission even if part of your team is caught. This course makes heavy use of labs so that you get to practice everything you learn in a realistic scenario. By learning how to implement and protect against effective TTPs you learn how to help your organization best prevent, detect, and respond to cyber threats.

Enterprise Incident Response

2 Day Course | October 13-14, 2017 | Cyber Defense Summit 2017
Attacks against computer systems continue to increase in frequency and sophistication. In order to effectively defend data and intellectual property, organizations must have the ability to rapidly detect and respond to threats. This intensive three-day course is designed to teach the fundamental investigative techniques needed to respond to today’s landscape of threat actors and intrusion scenarios. The class is built upon a series of hands-on labs that highlight the phases of a targeted attack, key sources of evidence, and the forensic analysis know-how required to analyze them. Students will learn how to conduct rapid triage on a system to determine if it is compromised, uncover evidence of initial attack vectors, recognize persistence mechanisms, develop indicators of compromise to further scope an incident, and much more.

Private courses

We offer private courses for groups of 10-20 students. For more information, please email us at