網絡保安工作坊:紅/藍隊 滲透測試功夫系列
在這瞬息萬變的網絡世界中,保護您的網絡和資產的最好方法就是了解您的對手所運用的戰術和技術!
這課程的主要目的是讓您學習到網絡保安中不可缺少的攻防技巧:紅隊(Red Team)和藍隊(Blue Team)。
紅隊將專注學習在不同系統和保安程式中進行滲透測試,以檢測、預防和消除網絡漏洞;而藍隊則學習進行防守,並尋找調整和重組防禦機制的方法,以加強網絡事故回應的能力。
(課程內容介紹以英文為準)
In the ever-changing cyber world today, a better way to protect your network and defence-in-depth of your assets is to understand your adversary tactics and techniques.
The primary aim of this workshop is to equip the participants with the necessary cyber security skill sets from both sides of the world: the RED Team and the BLUE Team. The RED Team focuses on penetration testing of different systems and the levels of security programmes, to detect, prevent and eliminate vulnerabilities, while the BLUE Team finds ways to defend, change and regroup defence mechanisms making incident response much stronger!
Date and Time
10 – 11 & 17-18 May 2023, 09:30 – 17:00
Venue
1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Medium
Cantonese with English terminology
Course Outline
Day 1: Hands on Red Team and Metasploit KungFu
A lab with different types of clients and servers (e.g. web servers, mail servers, DNS servers, log servers, Windows client, etc.) is built to simulate real-life environment for Red Team and Blue Team to experience how attacks are launched and logs server / alert system will react.
- Lab Infrastructure and Environment Setup
- Red Team Exercise
Day 2: Hands on Blue Team and Final Challenge
- Blue Team Exercise
- Final Challenge
Day 3: Malware and Targeted Attack Analysis & Simulation
- Introduction and Simulation
- From indicators to deep analysis
Day 4: Advanced Blue Team Techniques: Attack
- Malware Detection with Machine Learning
Fee
Early bird price on or before 10 April 2023
- Staff of Organiser or Member of Supporting Organisation: HK$16,800 per person
- Non-member: HK$17,200 per person
Regular Price
- Staff of Organiser or Member of Supporting Organisation: HK$17,200 per person
- Non-member: HK$17,600 per person
Trainers
Trainer
Mr Anthony LAI
Founder & Security Researcher, VX Research Limited
Anthony LAI is the holder of SANS GREM (Gold Paper) since 2010 (Level 3 in Incident Response Management) and SANS GXPN (Level 3 of Penetration Test). He has over 15 years of experience in information security and quality assurance, including penetration test, exploitation research, malware analysis, threat analysis, reverse engineering, and incident response and management.
Assistant Trainer
Mr Alan HO
Red Team Engineer, VX Research Limited
Alan HO is the holder of OSCP and SANS GWAPT certified security professional. He has over 10 years of experience in the information security industry, including penetration testing, security assessment, incident response, security operation planning, and investigation.
Target Audience
Participants desire to acquire in-depth technical knowledge:
- lBlue Team Members
- lRed Team Members
- lIT Auditor
- lPenetration Tester
- lIncident Responder
Certificate of Training
Participants who have attained 75% or more attendance of lecture will be awarded an Attendance Certificate.