1. ?

    Detection Engineering for Windows

    This training will take place on further notice. Signing up is possible. We will notify you afterwards with the new date. 

    Detection engineering is a method to build and improve your detection capabilities. The Detection Engineering for Windows training brings you up-to-speed in two days.

    To help building proper analytics and automated detection capabilities requires an understanding of the techniques and tooling an attacker utilizes, the various options they can use, and what kind of indicators can be extracted from them. This process is called Detection Engineering and it is a *crucial* factor in the whole chain to be truly effective in being able to catch any attacker in your network.

    Additional to a solid prevention program, you will have the need for visibility of attacks. This requires developing solid detections. Regardless of the form (a hunt, an alert rule, or some other form of risk-based trigger), detection engineering entails a lot more than randomly digging through data or copy pasting queries you've found on the internet.

    This 2-day training focuses on the whole detection engineering cycle, from defining an analytic to researching the relevant techniques to building the detection logic, researching which logs can be utilized and validating its resilience in attempts to bypass it.

    Log data obviously has a very important role here; getting to know your data in-depth and understanding what a system can generate will allow you to focus your detective capabilities as well as utilize your data as efficient as possible. After executing multiple variants of an attack, we will examine all available data to see what kind of indicators were generated and which ones are of use with an acceptable false positive rate. This might involve more data than an organization generally onboards. In some cases, the data can be onboarded while in other cases the risk will have to be accepted due to a high volume or false positive rate.

    This training consists of several hands-on exercises for the students to get used to the detection engineering methodology and to start implementing this in their organizations.

    This training is powered and delivered by FalconForce

  2. ?

    Hands-on Threat Modeling aka Whiteboard Hacking

    This training will take place on further notice. Signing up is possible. We will notify you afterwards with the new date. 

    As highly skilled professionals with years of experience under our belts we know that there is a gap between academic knowledge of threat modeling and the real world.

    To minimize that gap we have developed a 2-day course with practical use cases, based on real world projects. Each use case includes a description of the environment, together with questions and templates to build a threat model. Students will be challenged in groups of 3 to 4 people to perform the different stages of threat modeling on the following:

    • B2B web and mobile applications, sharing the same REST backend
    • An Internet of Things (IoT) deployment with an on-premise gateway and a cloud-based update service
    • OAuth scenarios for an HR application
    • Privacy of a new face recognition system in an airport

    After each hands-on workshop, the results are discussed, and students receive a documented solution. Based on our successful trainings in the last years, we released this advanced threat modeling training at Black Hat USA 2019.

    This course is aimed at software developers, architects, system managers or security professionals. Before attending this course, students should be familiar with basic knowledge of web and mobile Applications, databases & Single sign on (SSO) principles. The students should bring their own laptop to the course.

    This course is powered and delivered by the experts of Toreon

  3. Jouw event bij ons op de agenda?

  4. ?

    Hands On Threat Hunting

    This training has been postponed due to the corona crisis until further notice when we have found a new date.

    'Threat Hunting' is all the new buzz.. 

    But what defines Threat Hunting, and what doesn't?

    This technical training is the right choice for everybody interested in getting beyond the buzzwords. Combining a large and private hands-on lab and having instructors experienced in both offensive and defensive security, you will leave this training excited and prepared for Threat Hunting.

    This course is powered and delivered by the experts of Outflank

  5. ?

    Defend Against Modern Targeted Attacks

    Unfortunately cancelled due to the development of Covid

    Get ready for a 3-day knowledge intensive training that teaches you how to defend against the modern offensive techniques that red teams and targeted attackers use.

    We’re not going to bother you with the default tools of penetration testers. And you should forget about the out-of-the-box rules in your SIEM that trigger endless false positives. But we are going to feed you with the latest knowledge, tools and techniques of modern targeted attacks that help you become a better defender.

    This course is powered and delivered by the experts of Outflank