Offense for Defense with Jason Downey and Tim Medin
Overview
- Course Length: 16 hours
- Support from expert instructors
- Includes a certificate of completion
- 12 months access to Cyber Range
Welcome to “Offense for Defense,” presented by Red Siege Information Security, a specialized course tailored for information security blue teamers, or defenders, aiming to fortify their skills in offensive security strategies.
Throughout this program, participants will delve into the fundamentals of offensive security, gaining insight into the tactics, techniques, and procedures employed by adversaries. By understanding the attacker’s mindset and methodologies, defenders will be better equipped to anticipate and defend against common cyber threats effectively. Through practical exercises and real-world scenarios, participants will learn to proactively identify vulnerabilities, assess risks, and implement robust defensive measures to safeguard against potential attacks. Join us as we empower defenders with the knowledge and tools needed to strengthen their cybersecurity posture and protect critical assets from evolving threats.
Key Takeaways:
Strategic Mindset Shift – Participants will learn to think like attackers to strengthen their defensive strategies. This includes understanding the psychology behind attacks, the tactics employed by adversaries, and how these insights can be used to anticipate and mitigate potential security threats effectively.
Practical Defense Skills – Through hands-on workshops, participants will gain practical skills in identifying vulnerabilities, implementing defensive speedbumps, securing service accounts, and managing Active Directory and AD Certificate Services. These skills are essential for proactively protecting against and responding to cyber threats.
Adaptive Defense Mechanisms – Learners will be equipped with the knowledge to use advanced tools and techniques, such as Atomic Red Team and the MITRE ATT&CK framework, for simulating attacks and testing defenses. This prepares participants to adapt their security measures to evolving threats and ensure their organizations’ resilience against cyber attacks.
Introduction
- Learn the value of offensive knowledge in strengthening defensive strategies.
- Understand the psychology and tactics of attackers to better defend against them.
Implementing Defensive Speedbumps
- Discover techniques to slow down attackers, making it harder for them to navigate your systems undetected.
Attack Emulation Tools
- Gain hands-on experience with Atomic Red Team and the MITRE ATT&CK framework to simulate attacks and test defenses.
OSINT And Reconnaissance
- An in-depth look at identifying public information about a target organization and how it is used by attackers.
Attack Methodologies
- Dive into various attack vectors such as password attacks, phishing, and exploitation tactics to understand how attackers gain access.
Initial Access
- A deep dive into the most common methods for initial access used by attackers, including phishing, password guessing, and exploitation.
Password Attacks and Password Security
- Explore how attackers guess passwords for initial access, privilege escalation, and lateral movement, as well as strategies to detect and prevent these types of attacks.
Evasion
- Examine common tools and tricks used by threat actors to evade common defenses, such as antivirus and EDR.
Persistence
- Discuss how attackers maintain access via various persistence mechanisms and examine ways to identify these persistence mechanisms to eradicate an embedded attacker.
Privilege Escalation (PrivEsc)
- Understand how and why attackers extend their reach by escalating privileges, commonly from a low-privileged user to system or root level access, or even via a more privileged domain user.
Lateral Movement
- Learn to identify and block lateral movement within networks and understand how and why attackers need to move throughout the network.
File Share Exploration and Auditing
- File shares often contain a treasure trove of information useful to attackers and are too often improperly secured or at risk due to data being stored in the incorrect location. You’ll learn how to examine these prevalent and large shares to easily identify risky information that can expose sensitive information or lead to privilege escalation or lateral movement.
Active Directory (AD) and Kerberos
- Examine how Active Directory and Kerberos work to provide authentication and authorization, and common high-impact attacks used by threat actors, as well as defenses for these attacks.
Active Directory Certificate Services (AD CS) Security
- Delve into securing AD CS, identifying common misconfigurations which can lead to simple privilege escalation or persistence and the tools to identify and attack these issues.
Hands-On Workshops
- Each key section includes practical exercises, allowing participants to apply what they’ve learned in simulated environments to reinforce their understanding and skills.
Course Conclusion
- Summarize key takeaways, engage in an open Q&A to clarify doubts, and discuss strategies for continued learning in cybersecurity defense.
Wild West Hackin’ Fest at Mile High (Feb 4th – Feb 5th, 2025) – Denver, CO
- February 4th – 8:30 AM to 5:00 PM MDT
- February 5th – 8:30 AM to 5:00 PM MDT
This class is being taught at Wild West Hackin’ Fest at Mile High 2025.
For more information about our conferences, visit Wild West Hackin’ Fest!