(HANDS-ON) - Day 1
This class takes the "purple team" approach: conducting attacks and then building detections based on the attacks applied. Participants will be provided with everything they need to understand how to conduct attacks as well as how to best detect them in a large environment. The class walks through the tactics, techniques, and procedures (TTPs) of attacks while building knowledge of how to write rules that focus on the behavior those attacks exhibit, in order to refine detections within an organization.
Workshop description coming soon!
Enhance your cloud security knowledge to defend AWS & Azure infrastructure and apps through building automated detection, alerting, and response systems. This training offers hands-on lab exercises & CTF challenges (metal coins to win) for a practical learning experience.
This hands-on CTF-style training includes content for builders, security practitioners and architects focused on implementing large-scale security programs. You will learn to defend AWS & Azure cloud infrastructure by building automated detection, alerting and response pipelines for your workloads using native cloud services. This training focuses on building security knowledge on the cloud and for the cloud. It teaches you the fundamentals of cloud infrastructure security and focuses on building highly scalable threat detection, monitoring, and response tools using cloud-native services such as serverless functions, containers, object stores, IAM/AD, logic apps, SQL/KQL queries and much more.
By the end of this training, you will be able to (applies to both AWS & Azure):
* Use cloud technologies to detect & build automated responses against IAM & AD attacks.
* Understand and mitigate advanced identity-based attacks such as pivoting and privilege escalation, and build defense techniques against them.
* Use serverless functions to perform on-demand threat scans.
* Deploy containers to build threat detection services at scale.
* Build notification services to create detection alerts.
* Architect a multi-account log collection and alerting strategy.
* Define step functions & logic apps to implement automated forensic artifacts collection for cloud resources.
* Build cloud security response playbooks for defense evasion, persistence and lateral movement.
* Perform advanced security investigations by architecting and deploying a security data lake for real-time threat intelligence and monitoring.
* Enforce a multi-cloud security strategy through assessments, compliance checks and benchmarking automation.