|
EVENT DETAILS |
|
Date: |
16 Sep 2020 (Wed) |
or |
14 Oct 2020 (Wed) |
|
Time: |
9:00AM – 6:00PM |
|
Venue: |
ACW Office |
Room 2108, Island Place Tower |
510 King's Road |
North Point |
|
Medium of Instruction: |
Cantonese with
English terminology |
|
Trainers: |
|
Eric Moy |
|
|
Technical Manager of UDS and Range Instructor of Cyber Range Training Centre Limited |
|
|
|
Paul Chow |
|
Senior Consultant |
|
UDS Data Systems Ltd |
|
Matthew Wan |
|
Channel Systems Engineer |
|
Palo Alto Networks |
|
|
|
|
|
Confirmation email with details will be sent after successful registration. |
|
|
|
|
|
|
This Next-Generation Blue Team (NGBT) training workshop provides a unique experience for the participants to learn individually and as a team by actually battling an adversary in real time, in a technical terrain emulating a realistic enterprise environment. |
|
Under various attack scenarios, the participants will get hands-on experience working with various tools to analyze and respond to cyberattacks happening in the environment. Our instructors will direct the blue team step by step in uncovering the attacker’s techniques and footprints, and then work to eradicate the adversary from the compromised system. Moreover, participants will have firsthand experience with the latest security operations (SecOps) technologies like SOAR*, which can be utilized to take incident response to the next level. |
* Security Orchestration, Automation and Response |
|
|
Objectives |
|
Through real-time attack
scenarios like “web
defacement” and
ransomware, we will demonstrate how cyberattack incidents should be handled. |
|
|
|
|
During this workshop, participants will: |
|
• |
Learn the standard incident response (IR) process |
|
|
• |
Find out how to respond when an incident occurs |
|
|
• |
Share knowledge and responsibilities within a team |
|
|
• |
Advance their skills on servers and network forensics |
|
|
• |
Gain hands-on experience with brute-force, web defacement, ransomware, etc. |
|
|
• |
Understand how to use tools like Cortex™ XSOAR improve the (IR) process |
|
|
|
|
Agenda: |
|
AM Session: |
|
• |
Introduction by CyberRange |
• |
Web defacement & ransomware showcase |
• |
Product
Introduction of
Palo Alto
Networks |
|
|
PM Session: |
|
• |
Hands-on Lab with XSOAR playbook design |
|
|
|
|
|
|
|