网络保安工作坊:红/蓝队 渗透测试功夫系列
在这瞬息万变的网络世界中,保护您的网络和资产的最好方法就是了解您的对手所运用的战术和技术!
这课程的主要目的是让您学习到网络保安中不可缺少的攻防技巧:红队(Red Team)和蓝队(Blue Team)。
红队将专注学习在不同系统和保安程序中进行渗透测试,以检测、预防和消除网络漏洞;而蓝队则学习进行防守,并寻找调整和重组防御机制的方法,以加强网络事故回应的能力。
(课程内容介绍以英文为准)
In the ever-changing cyber world today, a better way to protect your network and defence-in-depth of your assets is to understand your adversary tactics and techniques.
The primary aim of this workshop is to equip the participants with the necessary cyber security skill sets from both sides of the world: the RED Team and the BLUE Team. The RED Team focuses on penetration testing of different systems and the levels of security programmes, to detect, prevent and eliminate vulnerabilities, while the BLUE Team finds ways to defend, change and regroup defence mechanisms making incident response much stronger!
Date and Time
10-11 & 17-18 May 2023, 09:30 – 17:00
Venue
1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Medium
Cantonese with English terminology
Course Outline
Day 1: Hands on Red Team and Metasploit KungFu
A lab with different types of clients and servers (e.g. web servers, mail servers, DNS servers, log servers, Windows client, etc.) is built to simulate real-life environment for Red Team and Blue Team to experience how attacks are launched and logs server / alert system will react.
- Lab Infrastructure and Environment Setup
- Red Team Exercise
Day 2: Hands on Blue Team and Final Challenge
- Blue Team Exercise
- Final Challenge
Day 3: Malware and Targeted Attack Analysis & Simulation
- Introduction and Simulation
- From indicators to deep analysis
Day 4: Advanced Blue Team Techniques: Attack
- Malware Detection with Machine Learning
Fee
Early bird price on or before 10 April 2023
- Staff of Organiser or Member of Supporting Organisation: HK$16,800 per person
- Non-member: HK$17,200 per person
Regular Price
- Staff of Organiser or Member of Supporting Organisation: HK$17,200 per person
- Non-member: HK$17,600 per person
Trainers
Trainer
Mr Anthony LAI
Founder & Security Researcher, VX Research Limited
Anthony LAI is the holder of SANS GREM (Gold Paper) since 2010 (Level 3 in Incident Response Management) and SANS GXPN (Level 3 of Penetration Test). He has over 15 years of experience in information security and quality assurance, including penetration test, exploitation research, malware analysis, threat analysis, reverse engineering, and incident response and management.
Assistant Trainer
Mr Alan HO
Red Team Engineer, VX Research Limited
Alan HO is the holder of OSCP and SANS GWAPT certified security professional. He has over 10 years of experience in the information security industry, including penetration testing, security assessment, incident response, security operation planning, and investigation.
Target Audience
Participants desire to acquire in-depth technical knowledge:
- lBlue Team Members
- lRed Team Members
- lIT Auditor
- lPenetration Tester
- lIncident Responder
Certificate of Training
Participants who have attained 75% or more attendance of lecture will be awarded an Attendance Certificate.