Loading…
NoNameCon has ended
Thursday, May 17 • 14:00 - 17:00
Night in Defense Workshop: Hunting for a needle in a haystack

Log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Attention! To take part in the workshop you have to register first! Registration: https://goo.gl/forms/VoaXdmL450Usj5QR2.
To download VM for the workshop: https://nnc.underdefense.com/HAYSTACK.zip

Penetration testers as well as criminals are really good in breaking legacy and vulnerable IT components, apps, getting a reverse shell on the server and think that they won a battle. But, often they stuck and in many cases are easily detected and blocked, because of lack skill-set and knowledge about latest protection techniques and tools. Not always, but often. And often the reason of successful defense is the right combination of people skills, response processes, and simple tools. So we want to help you practice in modern Incident detection and Response.

During this workshop we allows our students to hack organization with a common architecture, infect hosts with ransomware and run few exploits to get privileged access, establish persistence and clean-up to cover our tracks.
Then we will let them hunt down for logs collected to SIEM. You will feel how it is to be a SOC Analyst, utilizing Splunk as SIEM tool, it's best tips and tricks, using open-source and commercial defense arsenal and trying to meet 30 min initial incident detection and response SLA. Also during next exercises, we will practice automation for Adaptive response and divide on red and blue team play more games to polish both - offense and defense techniques & tactics.

Speakers
OS

Oksana Safronova

UnderDefense
avatar for Nazar Tymoshyk

Nazar Tymoshyk

UnderDefense
DZ

Daniel Zhuravchak

UnderDefense