
Welcome to “Offense for Defense,” presented by Red Siege Information Security. This specialized course is tailored for information security blue teamers, or defenders, aiming to fortify their skills in offensive security strategies.
Course Length: 16 Hours
Includes a Certificate of Completion
Next scheduled date: WWHF Deadwood 2025 - Link at bottom.
Description
Throughout this program, participants will delve into the fundamentals of offensive security, gaining insight into the tactics, techniques, and procedures employed by adversaries. By understanding the attacker’s mindset and methodologies, defenders will be better equipped to anticipate and defend against common cyber threats effectively. Through practical exercises and real-world scenarios, participants will learn to proactively identify vulnerabilities, assess risks, and implement robust defensive measures to safeguard against potential attacks. Join us as we empower defenders with the knowledge and tools needed to strengthen their cybersecurity posture and protect critical assets from evolving threats.
Syllabus
Introduction
- Learn the value of offensive knowledge in strengthening defensive strategies.
- Understand the psychology and tactics of attackers to better defend against them.
Implementing Defensive Speedbumps
- Discover techniques to slow down attackers, making it harder for them to navigate your systems undetected.
Attack Emulation Tools
- Gain hands-on experience with Atomic Red Team and the MITRE ATT&CK framework to simulate attacks and test defenses.
OSINT And Reconnaissance
- An in-depth look at identifying public information about a target organization and how it is used by attackers.
Attack Methodologies
- Dive into various attack vectors such as password attacks, phishing, and exploitation tactics to understand how attackers gain access.
Initial Access
- A deep dive into the most common methods for initial access used by attackers, including phishing, password guessing, and exploitation.
Password Attacks and Password Security
- Explore how attackers guess passwords for initial access, privilege escalation, and lateral movement, as well as strategies to detect and prevent these types of attacks.
Evasion
- Examine common tools and tricks used by threat actors to evade common defenses, such as antivirus and EDR.
Persistence
- Discuss how attackers maintain access via various persistence mechanisms and examine ways to identify these persistence mechanisms to eradicate an embedded attacker.
Privilege Escalation (PrivEsc)
- Understand how and why attackers extend their reach by escalating privileges, commonly from a low-privileged user to system or root level access, or even via a more privileged domain user.
Lateral Movement
- Learn to identify and block lateral movement within networks and understand how and why attackers need to move throughout the network.
File Share Exploration and Auditing
- File shares often contain a treasure trove of information useful to attackers and are too often improperly secured or at risk due to data being stored in the incorrect location. You’ll learn how to examine these prevalent and large shares to easily identify risky information that can expose sensitive information or lead to privilege escalation or lateral movement.
Active Directory (AD) and Kerberos
- Examine how Active Directory and Kerberos work to provide authentication and authorization, and common high-impact attacks used by threat actors, as well as defenses for these attacks.
Active Directory Certificate Services (AD CS) Security
- Delve into securing AD CS, identifying common misconfigurations which can lead to simple privilege escalation or persistence and the tools to identify and attack these issues.
Hands-On Workshops
- Each key section includes practical exercises, allowing participants to apply what they’ve learned in simulated environments to reinforce their understanding and skills.
Course Conclusion
- Summarize key takeaways, engage in an open Q&A to clarify doubts, and discuss strategies for continued learning in cybersecurity defense.
FAQ
Practical Defense Skills – Through hands-on workshops, participants will gain practical skills in identifying vulnerabilities, implementing defensive speedbumps, securing service accounts, and managing Active Directory and AD Certificate Services. These skills are essential for proactively protecting against and responding to cyber threats.
Adaptive Defense Mechanisms – Learners will be equipped with the knowledge to use advanced tools and techniques, such as Atomic Red Team and the MITRE ATT&CK framework, for simulating attacks and testing defenses. This prepares participants to adapt their security measures to evolving threats and ensure their organizations’ resilience against cyber attacks.
About the Instructors

Tim Medin
"Hacker, instructor, and Kerberoast Guy"
Bio
Tim is the CEO and founder of Red Siege Information Security. He is the creator of Kerberoasting. Tim was a Senior Instructor and course author (SEC560) at The SANS Institute. Tim has performed penetration tests on a wide range of organizations and technologies. Tim is an experienced international speaker, having presented to organizations around the world.

Jason Downey
"I am a full time Penetration Tester and a part time Domain Admin."
Bio
Jason Downey has over ten years of professional experience in IT and information security, spanning a variety of network security roles, with additional experience in systems administration. Jason has spoken in front of various audiences ranging from youth initiatives to major security conferences, while creating informational content on SiegeCasts and forward-facing marketing channels.

Mike Saunders
Bio
Mike Saunders is Red Siege Information Security’s Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system and network administration, development, and security architecture. Mike is a highly regarded and experienced international speaker and Black Hat trainer.

Corey Overstreet
Bio
Corey has been engaged with Fortune 500 organizations across a variety of industries, including financial services, government services, and healthcare, and is widely recognized for his in-depth OSINT talks and workshops. Additionally, he is a Black Hat trainer and has spoken at conferences such as Wild West Hackin’ Fest, Texas Cyber Summit, and CypherCon. He has over five years of systems administration and extensive VMware administration experience. Corey was a member of the SECCDC Red Team and is one of the top Red Team Operators at Red Siege.
Certifications:
CRTO, OSEP, OSCE, OSCP, and OSEE
This class is being taught at Wild West Hackin’ Fest – Deadwood 2025 with Mike Saunders and Corey Overstreet.
For more information about our conferences, visit Wild West Hackin’ Fest!