SANS recently taught a course designed to take cyber security training to the next level: Team-Based Training 570. 'In this course, we cover several topics to help blue teams up their game. 'In this webcast, we'll share some of the most practical tips and tools from the whole course. 'In particular, we'll look at some of the dynamics associated with task hand-off while dealing with a widespread enterprise attack. 'Also, it is getting harder and harder to identify host compromises using network-based analysis, given data hiding in innocuous protocols, exfiltration through common Internet relay 'points, and transport encryption mechanisms attackers are using every day. 'Fortunately, defensive tools are also evolving, giving 'us new opportunities to catch bad guys at work. 'Join Ed and Josh as they review the power of free network-based analysis tools including RITA and Microsoft Message 'Analyzer as a sophisticated mechanism to detect attacker activity in your network. 'And, to top it off, we'll include some additional previews of Holiday Hack Challenge 2019!