Most organisations do not exercise their defences, so they are uncertain about their capabilities and unprepared for identifying and responding to cyber-attacks. In this Course we will:

• Answer the questions, and provide an overview on how your organisation can be benefit through Hands-On-Training, testing, good practice and Cyber Defence Exercises (CDX)

• Demonstrate the latest Tactics, Techniques & Procedures (TTPs) used by threat actors to target your systems in a “capture the flag” scenario.

• Minimise your incident response time from detection to containment (Blue/Red Team scenario) by practicing the cyber tools, procedures, tactics and techniques, providing best practices on how to identify, detect and respond in a timely manner.

Leveraging our Threat Intel, we simulate the latest cyber attacks that hacking groups utilise, explaining you how to detect and respond to these attacks.

Red Team’s Experience

· Penetration Testers / Ethical hackers with over 15 years experience

· Leading Red/Blue Teams in International Organisations

· Many years of experience in NATO Cyber Defence and in Best Practices, Tactics & Techniques

Target Audience

Ethical hackers, penetration testers, IT security professionals.

After completing the Course, you will be able to:

• Evaluate strategies, tools and procedures

• Apply System Administration and prevention of attack

• Monitoring of networks, detecting and responding to attacks

• Handling cyber incidents

• Create a playbook for incident response

• Identify blind spots in your current processes

Opening of first day of CyberHOT (8:30-9:00)

9:00 -9:10 Welcome by the Organisers

9:10 -9:30 Keynote Speaker Tejas Patel (DARPA Program Manager) - Cyber Hunting at Scale

9:30 – 12:00 Defensive Strategies - Interactive Training

The session begins with a presentation about incident response principles and phases, and continues with an interactive tabletop exercise. The attendees participate in a simulated Critical Infrastructure protection scenario and are asked to defend their organization against sophisticated attacks within escalating geopolitical climate. Suggested responses & advice on how to evaluate strategies, tools, procedures and how to effectively collaborate with other team members.

We will use Simulated Critical Infrastructure Protection Scenarios (SCIPS), an interactive configurable serious gaming environment. SCIPS requires participants to make strategic decisions based on potential real-world cyberattack scenarios where antagonistic decisions made may have financial implications relating to the share price and projected dividend payments to investors in a publicly-quoted company. The presented scenario centers on a credible cyber threat that requires participants to balance numerous competing priorities concerning shareholders, industry regulators and security requirements.

12:00 – 13:00 Lunch Break

13:00 – 17:00 Defensive Strategies - Hands-On Training

• During the "hands-on" training phase, we will provide live & technical demonstrations of Cyber Attacks on a virtual infrastructure (Cyber Range).

• Leveraging our Threat Intel, we simulate the latest cyber attacks that hacking groups utilise, explaining you how to detect and respond to these attacks.

• Participants will be trained on how to recognize the cyber attack and develop cyber situational awareness.

• Participants will “try’’ the effectiveness of their suggested responses and defensive scenarios on the Cyber Range.

NOTE: The participants will break into small teams (Blue Teams) of about five (5) members each and discuss the cyber inject for few minutes, brainstorming, analyzing, comparing the suggested security solutions in order to identify the preferable ones. At the end of this process each group will share their thoughts and the preferable actions.

End of day 1 (17:00)

Opening of second day of CyberHOT (8:30-9:00)

9:00 – 12:00. Offensive Techniques - Hands-On Training

CyberHOT’s Red Team will demonstrate to participants how to handle a set of different scenarios on the "Hack the Box" platform. An instance of each virtual machine will be available for each team of attendees along with an attacking vm (Parrot OS) which can be managed through a browser. An introduction will be offered before each challenge, then the attendees will attempt to solve it and finally a short solution and explanation will be offered. The purpose of this course is to bring the participants in touch with some active security challenges that might be encountered throughout their organizational services in the context of red team exercises. Additionally, we offer an overview in a variety of penetration testing tools that will be utilized in this Hands-on Training.

Through the utilization of seven virtual machines which will act as “capture the flag” scenarios, a series of distinct attacks will be showcased including:

• Web application attacks

• Injection Attacks

• Network Enumeration

• Deserialisation

12:00 – 13:00 Lunch Break

13-00 – 17:00 Offensive Techniques - Hands-On Training

The second part of the offensive Techniques-Hands-On Training is targeted towards

• Remote File Inclusion

• sqli

• Command Injection

• Local File Inclusion

End of summer school - Certifications (17:00)