Professional Certification in Tactical Cyber Defense & Response Skills
2 Days “Live” Simulation Blue Team Vs Red Team Masterclass. In today’s advanced digital world, cyber threats are growing in scale and sophistication. Organisations are increasingly vulnerable to attacks due to technology advancement such as remote access, big data cloud computing and more. Security incidents may occur any day, any time and anywhere. These security incidents can heavily impact organisation’s reputation, bottom line and market standing.
Why Red on Blue Is a Crucial Component of Cyber Skills and Incident Response Training?
As more companies look into cyber exercises and capture the flag events to improve their incident response effectiveness, up-skill their staff and tackle the cyber-security talent gap, a red on blue experience provides a safe sandbox environment for participating companies to stress test their business processes and challenge their capabilities in responding to real-world cyber incidents through a realistic simulation
Through these training, organisations will be well-prepared for the unforeseen cyber security incident. Organisations must test their own systems and know if it is vulnerable. In this highly productive 2-day Masterclass, participants will learn the techniques to test systems against commonly known vulnerabilities, and how to fix and remove the vulnerabilities from systems.
2 Days Hand-On Simulation and Learning with Cyber-Security Specialist, Ronald Shiflet
This Professional Certificate programme focuses on letting participants gain an exposure to and knowledge of practical cyber security in a real environment. They will learn how to use a comprehensive approach to gain insight into an organisation’s overall security to test its ability to detect, respond to, and recover from an attack. Knowing Your Enemy, when engaging in the red on blue exercise, participants will assume both its usual defense role and the attacking role. This can help the security professionals understand how attackers think and operate, thereby better equipping them to deal with incidents.
All Hands-on Deck for Incident Response Training
Security is not just an IT responsibility — everyone across the organization has a duty to protect its data, network and systems. Taking this into consideration, this incident response training exercise incorporates other potential scenarios in a cyber incident, as well as the impact on company reputation and regulatory requirements. All participants will be provided with the necessary data to get started performing the attacks and defences (though you will have the tutor and step-by-step instructions present to guide you through the processes towards knowledge and mastery).
Participants, wherever possible, should bring in their own laptops with power supplies, capable of running Oracle VirtualBox virtualization software effectively throughout all 2 days (all other hardware and software will be provided).
These experiences will be critical in helping SOC teams to identify potential attacks earlier and make better decisions within their defensive systems.
DAY 1: RECONNAISSANCE AND SCANNING (AM)
Whether online or in a bank lobby, most crimes begin with a thorough investigation and review of the target site. On the morning of Day 1, we learn to scan the network, find (enumerate) the services, determine (fingerprint) the operating systems and locate their vulnerabilities so that we can later exploit them (which we most certainly will, on Day 2).
AM (Red Team – Attack Mode)
- Network Mapping (NMAP)
- Vulnerability Scanning (NESSUS)
AM (Blue Team – Prevent Mode)
- Intrusion Detection (SNORT)
DAY 1: RECONNAISSANCE AND SCANNING (PM)
On the afternoon of Day 1, we get into the exciting world of eavesdropping and cracking. We will sniff network traffic, locate and decrypt passwords where possible, and bash down the door with brute force where not.
PM (Red Team – Attack Mode)
- Sniffing Network Data/Passwords (Wireshark)
- Password Cracking (John the Ripper)
PM (Blue Team – Prevent Mode)
- Encryption (Secure Shell and Secure Sockets)
DAY 2 – EXPLOITATION AND EXFILTRATION
It all comes together on Day 2. We take all the knowledge gained of our target systems’ vulnerabilities and exploit them. We will exfiltrate their databases through SQL Injection and totally infiltrate their operating systems with the infamous Metasploit framework.
AM (Red Team – Attack Mode)
- Exfiltration (SQL Injection)
- Infiltration (Metasploit Framework)
PM (Blue Team – Prevent Mode)
- Parameterized SQL
“Ronald is a highly qualified and experienced Trainer for ITIL Courses. A strategic thinker who makes complex knowledge and theories seems so relatively easy. It was always a joy engaging him in training and discussion.” – Fan Yu Project Director at KTK GROUP SINGAPORE PTE LTD
“Ronald has been a great mentor and provided great insights to the current and future industry trends. He has provided many out-of-the-box ideas and allow further refinement to create a comprehensive implementation plan.” – Victor Yeo PMP, Technology Project Manager at InterContinental Hotels Group (IHG®)
“Ron has many years of IT experiences in various areas and is able to quickly pick up a new technology when required. He puts in hard work to complete the projects assigned, even if it means working overnight.” – Terence Ng. Project Manager at ECS and Information Technology and Services Consultant
“Ronald has been an inspiring teacher whose classes and discussions I’ve occasionally sat in on. He has the knack for explaining complex concepts without simplifying them but guiding through each step.” – Dale Edmonds, Director at Riverkids Project
Cyber-Security Specialist: Ronald Shiflet (Director, Secure Information Technologies)
Ronald is the Director of Secure Information Technologies, a leading cyber security agency that specialized in Project Management, Security, Networking and IT Service Level Management. Ronlad has over 20 years of industry experience in information technology across Europe and Asia. Ronald holds a BSc Degree in Computer Information Systems from DeVry University and a Master of Technology, Telecommunications from DePaul University. He is a highly experience and innovative Security Consultant, whose work in mainly based on his over 20 years’ experience running his security consulting firm. He has extensive experience in digital forensic investigation, anti-forensic, penetration testing, mobile forensics and network security.