Dragon-Net Incident Response Workshop
In this workshop, students will learn and hone their incident detection and response skills against procedurally-generated computer networks and adversaries. Every workshop is unique and thus offers new and unique learnings to returning participants. Throughout the workshop, Mossé Security’s instructors will facilitate, teach, and help students identify and remediate security breaches within the networks.
Students will be able to use the lessons learned and the skills acquired from the workshop immediately upon returning to work at their own organisations.
How Does It Work?
Students connect to Mossé Security’s cloud environment and are provided with administrative access onto all machines in the network(s). The goal here is to hunt for compromised systems, respond to the breaches, remove the adversaries from the network, and hack them back.
Mossé Security facilitators will ensure the workshop optimally provides students with ample opportunity to make the most of the students' time. We will also offer tips and tricks throughout the event, assisting beginner students when necessary.
Through a guided, hands-on experience, you will learn from this workshop from exposure to the following:
Workshop Format and Complexity:
- Work as a team to respond to security incidents
- Communicate clearly and effectively for incident management
- Triage alerts and identify events that require immediate attention
- Test and automate incident detection techniques
- Reverse engineer procedurally generated malware
- Contain and recover from security breaches
- Analyse adversary infrastructure and hack them back
- Basic Level: 5 to 10 machines, 1 or 2 adversary groups
- Moderate Level: 25 to 60 machines, 2 to 4 adversary groups
- Complex: +250 machines, +10 adversary groups
Incident responders, security engineers, forensics analysts and security managers.
The course is also suitable for Red Teamers and penetration testers looking to learn from defensive techniques employed by Blue Teamers and defenders.
This course is taught by experienced Mossé Security’s instructors. Our instructors have over 10 years of experience delivering penetration testing, red teaming and incident response services for a multitude of industries that have involved complex and multi-faceted approaches. Our instructors each possess the right balance of corporate experience and are competently skilled in presenting and teaching to groups.
Beyond their technical abilities and years of professional experience, our instructors are also trained teachers and public speakers. Their manner of teaching easily conveys their passion for computer security to every one of our students.