OffSec IR-200 - Foundational Incident Response (OSIR) - Self-paced

Length 90 days access
Price NZD 3100 exc GST
Inclusions OSIR exam

Course overview

Book now

Why study this course

OffSec’s Incident Response Essentials (IR-200) course provides cybersecurity professionals with practical training to prepare for, identify, and handle security incidents effectively. The course focuses on core incident response concepts and explores how organisations manage and mitigate cyber threats in real-world situations. Participants will learn to understand the incident response lifecycle, develop comprehensive incident response plans, and utilise tools and techniques for efficient detection and analysis of security events.

Upon successfully completing the hands-on exam, learners earn the OffSec Certified Incident Responder (OSIR) certification. This credential validates expertise in foundational incident response practices, positioning you as a valuable asset to incident response teams, Security Operations Centres (SOCs), and organisations committed to strengthening their cybersecurity defenses.

Throughout the online training course, you’ll have access to:

A virtual lab environment for hands-on practice
The IR-200 curriculum: extensive course information and materials, including videos and exercises
A vibrant online community of students and OffSec professionals
One exam attempt

Request Course Information

What you’ll learn

Upon completing the IR-200 course and successfully passing the OSIR exam, you’ll gain a strong foundation in:

Incident response concepts and methodologies
Preparation and planning for security incidents
Detection and analysis of security events
Containment, eradication, and recovery techniques

OffSec at Lumify Work

Security professionals from top organisations rely on OffSec to train and certify their personnel. Lumify Work is an Official Training Partner for OffSec.

View all OffSec at Lumify Work courses

Who is the course for?

The IR-200 course is designed for individuals seeking to build a strong foundation in incident response. It’s ideal for:

Aspiring incident responders
Security Operations Centre (SOC) analysts
IT security specialists
Professionals aiming to transition into specialised cybersecurity roles focused on incident management

Course subjects

Incident Response Overview

Introduces the concepts of incident response with the main focus being NIST Special Publication 800-61

Fundamentals of Incident Response

The roles and responsibilities of incident response teams
The main frameworks used by incident responders (CREST, SANS, NIST)

Phases of Incident Response

NIST SP800-61 provides a four-phase model of Incident Response
Describing what each phase comprises

Incident Response Communication Plans

The value and contents of incident response communications plans
Review examples of good and bad external communications

Common Attack Techniques

Opportunistic attacks
Targeted attacks

Incident Detection and Identification

Detection of malicious activities
Analysis of malicious activities

Initial Impact Assessment

The first thing to do when an incident occurs
How to conduct an initial assessment of the scope and impact of the incident

Digital Forensics for Incident Responders

Forensic measures and evidence handling considerations

Incident Response Case Management

Case management theory with an IRIS lab

Active Incident Containment

How to isolate and neutralise detected threats
Explore techniques such as design-led isolation and dynamic containment during incidents
Isolation techniques, containment strategies, and their implications for businesses

View the full syllabus here.

Prerequisites

There are no strict prerequisites for IR-200, but a basic understanding of networking concepts and operating systems (Windows and Linux) is recommended. Familiarity with fundamental cybersecurity principles will help you grasp the course material more effectively.

THIRD PARTY REGISTRATION

Lumify Work offers certification and training through our partnership with OffSec. This arrangement requires Lumify Work to provide your details to OffSec for course and/or exam registration purposes.

Downloads

Learn Subscriptions

Terms & Conditions

The supply of this course by Lumify Work is governed by the booking terms and conditions. Please read the terms and conditions carefully before enrolling in this course, as enrolment in the course is conditional on acceptance of these terms and conditions.