Two-day training course - Live Fire Incident Response and Threat Hunting
Facilitator:
Dr. Almerindo Graziano
CEO, Silensec | CYBER RANGES
Online registration opens at 08:45. The training will run from 09:00 to 16:30 each day with appropriate intervals for breaks and lunch.
Many companies lack a fully functioning SOC due to various reasons, such as the shortage of trained security professionals, cost management, or inappropriate tools. Many organizations believe that they are not susceptible to cyber-attacks because they have not experienced one yet. The reality is that they do not probably know whether they are compromised or not. Incident response teams and SOC analysts need to constantly refresh their knowledge and skills to remain updated with the everlasting changes in the cyber security threat landscape. Delivering hyper-realistic scenario-based exercises updated with the most relevant and current threats improves incident handling, teamwork, compliance skills, workflows, runbook usage, and other operational skills which are crucial to the success of the incident response operation.
Your organization’s cybersecurity preparedness relies on your Incident Response and Blue Teams’ ability to train in a deep-dive simulated environment with real-life attack scenarios. Using the world-renowned simulation-based cyber security capability development platform developed by CYBER RANGES™, this two-day course will provide you with the opportunity to experience and handle a wide range of cyber-attacks, while equipping you with the ability to sharpen your skills in detecting, investigating, mitigating and recovering from cyber events.
REGISTRATION FEES:
* If you are interested in a group registration discount, please contact Lerato Mathize lerato@itweb.co.za
This training course has been designed to expose students to a number of real cyberattacks, simulating a range of cyber threats and threat actors that students are likely to come across in their day-to-day incident response and threat-hunting operations.
During this course, students will be given access to a simulated infrastructure containing a number of standard systems, processes and applications to be found in a typical corporate environment. This simulated environment will be powered by next-generation CYBER RANGES by Silensec.
Each cyberattack is simulated through the CYBER RANGES Injector Engine, reproducing both the cyberattacks and the associated Indicators of Compromise (IoC). For each of the simulated attacks students will be trained on how to detect, prepare for and respond. After each attack simulation, student will also receive an expert debrief showing the sample solution and providing an opportunity to further discuss the response of similar security incidents.
This training course will be delivered over 2 (two) days, as outlined:
DAY 1
The first day programme focuses on the tools and methodologies for incident response and threat hunting, preparing the students for the live fire attack simulations. Students will be given access to a realistic corporate environment, which they have to defend.
- Introduction to the target environment
- Incident Response Process
- Threat Hunting tools and Methodologies
- Cyber Threats and Threat Actors
- MITRE Framework.
DAY 2
The second day will continue with more live attacks where students experience a number of cyberattacks simulating different threat actors with different motivations and capabilities. Different attacks will be simulated addressing different stages of the MITRE ATT&CK framework.
- Phishing attacks and Business Email Compromise
- Ransomware attacks
- Driveby malware
- Data exfiltration
- Insider Threats
On completion all the students will receive a confidential individual performance report and a personal Certificate of Completion.
By attending this course you will be able to:
Give every member of your security team the ability to learn how to identify and defend against attack vectors in a safe virtual SOC environment using real-world security tools.
Stay up to date on specific skills for emerging threat vectors.
Receive metrics reflecting actual detection, investigation and response times for each team member.
Hone skills using licensed versions of your actual security tools.
Take advantage of skills training in multiple SOC functions for professional development.
Overcome employee complacency by having consistent training on the most current attack vectors.
Select and onboard people more quickly and effectively.
Measure and Improve responsiveness (quality, speed) of your SOC and IR teams.
Keep team members engaged using a gamified environment.
Competitively challenge your SOC team in CYBER RANGES-powered SOCathons.
Assess the SOC impact of planned changes to the existing security network architecture.
Enable hands-on assessment of products/services before making informed investment decisions.
C-Suite and Board members; Corporate Function Heads; Operations teams; Security Engineers, Analysts, Managers; SOC Analysts; Incident Response teams
More information on what will be required will be communicated on completion of the registration process.
Agenda
CYBER RANGES™ is the world-renowned simulation-based cyber security capability development platform, which is used to deliver varied and complex scenario-driven exercises and team-based events to small and large numbers of SOC analysts, Incident Responders, Operations teams, corporate function heads and even C-Suite and Board members from national CERTs and industry CSIRTs all over the world. CYBER RANGES™ gives you the benefits of enjoying true-to-life environments with trainers, observers, administration and support, where you as individual professionals or as teams (even in very large numbers) can train and practise in a continuum through up-to-date simple or complex scenario-based training programmes and cyber exercises and trying new technologies as well.
WOLFPACK
A PROUDLY SOUTH AFRICAN INFORMATION RISK COMPANY
We provide specialist information and cyber threat consulting, training, awareness & incident support services to governments and organisations in Africa.
Wolfpack can help protect your organisation and its people as you launch into the digital age.
Advisory Consulting Services | Wolfpack Information Risk (wolfpackrisk.com)
