Tag: Security

MGT414 is an intensive, comprehensive course designed to prepare professionals for the Certified Information Systems Security Professional (CISSP) certification exam. This globally recognized certification validates an individual’s expertise in designing, implementing, and managing a top-tier cybersecurity program. The course provides an in-depth exploration of the eight CISSP domains, equipping participants with the knowledge and skills needed to succeed.


SEC460 is a comprehensive course designed to equip information security professionals with the skills necessary to effectively secure large-scale enterprise environments, including cloud infrastructures. The course focuses on building technical vulnerability assessment capabilities and introduces a holistic methodology tailored to address the challenges faced by organizations managing extensive systems.


SEC583: Crafting Packets is a one-day, lab-intensive course designed to teach security analysts, network engineers, and system administrators the powerful skill of crafting and manipulating packets. This capability is essential for testing firewall policies, IDS/IPS rules, host/server settings, application configurations, and more.


SEC579 is a comprehensive course designed to equip security professionals with the knowledge and skills necessary to secure virtualized and software-defined infrastructures. As organizations increasingly adopt virtualization technologies and software-defined networking (SDN) to enhance efficiency and scalability, they also face new security challenges. This course addresses these challenges by providing in-depth coverage of securing virtual environments and SDN architectures.


SEC545 is a comprehensive course designed to equip security professionals with the knowledge and skills necessary to secure cloud infrastructures effectively. As organizations increasingly migrate to cloud environments, understanding how to design, implement, and manage security measures in these settings becomes crucial.


As cyber security defenders and investigators, we often only get to analyze an environment that suffered a ransomware attack after the ransomware has executed, and we have to work our way back in time to understand the scope and initial infection vectors of the breach. However, knowing how attackers operate and understanding their tools can help tremendously in conducting a more effective analysis and response, and ultimately in lowering the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.

We will set up a basic C2 infrastructure with PowerShell Empire, and execute attack phases such as initial access and reconnaissance, persistence mechanisms, privilege escalation, credential dumping, lateral movement, defense evasion, data exfiltration, and encryption with ransomware. In every step you will also learn the fundamental concepts required to conduct the attack and to defend against it, including hands-on analysis using Splunk, Velociraptor and forensic tools as needed. In the last part of the workshop, you will learn best practices for effectively investigating the attacked environment using the various tools that are part of the lab setup. Upon completion of the workshop, participants will have a better understanding of the steps ransomware threat actors take to achieve their objectives, as well as the best practices for detecting and ultimately preventing ransomware attacks.

Antisyphon: Ransomware Attack Simulation and Investigation for Blue Teamers
