Early bird registration rate ends on the 30th of September
Get ready for a 2-day, knowledge-intensive, hands-on training that teaches you how to defend against the modern offensive techniques that red teams and targeted attackers use.
We’re not going to bother you with tools such as nmap and Nessus, and you should forget about the out-of-the-box rules in your SIEM that trigger endless false positives on brute force attacks. We are going to feed you with the latest knowledge, tools and techniques that help you become a better defender.
Based on many years of Red Teaming and hands-on SOC/incident response experience, we share with you the essential concepts and techniques to better understand and defend against modern attacks. We have also prepared a massive online lab that represents true corporate IT environments, in which you will spend about half of your time diving into hands-on assignments on offensive and defensive actions.
This is a 2-day version of the full 3-day training. The most important items are discussed during these 2 days. However, attendees will receive the content, tools and slides of the full 3-day training to take home and optimize learning.
The training is optimally suited for:
The training is focussed on several key elements:
During the training, the participants have access to a personal lab environment that acts as a playground area. Having a personal lab is a key differentiator compared to many other labs. This environment is comparable to common enterprise networks as it contains Windows and Linux servers, an Active Directory domain, Windows desktops, multiple services, user accounts and service accounts. Furthermore, various detection and investigation measures are in place, e.g. central monitoring environments using open source and commercial tools (e.g. IDS, Splunk/ELK stack, GRR).
As part of the lab assignments, you will attack this environment to get a better understanding of offensive tools and techniques, and learn how defensive measures affect an attacker. In the defensive labs, you will investigate alerts in this lab to get a better understanding of security monitoring and investigation.
We do require participants to have a technical IT background and a basic level of security knowledge. Also, a large part of the training concerns Windows and Active Directory security. You do not want to subscribe to this training if you are afraid of the command line, only encounter Linux in your daily operations, or have never heard of Golden Ticket and Command and Control traffic. But the training is set up in such a way that it can welcome both novices and veterans.
A laptop that has the ability to run a Remote Desktop Connection.
The following provides a rough outline; as the attack and defence landscape is constantly evolving, topics are subject to change.