(Free Workshop) 
Learn Purple Teaming With Adversary Emulation  

SACON

© Copyright CISO Platform

By Sachin Deodhar - ex-CTO, Government Of India

8:30 to 9:00 AM

Registration

9:00 to 11:00 AM

(1 Day Workshop) : Artificial Intelligence & Machine Learning 

Introduction to Machine Learning - demystifying reality from hype and alphabet soup. This will include: 
a. taxonomy of machine learning 
b. model 
c. algorithms 
d. brief introduction to ML mathematics 
e. data 
f. architecture 
g. methodologies
h. measurement 
i. deployment   

11:00 to 11:30 AM

Break

11:30 to 1:00 PM

(1 Day Workshop) : Artificial Intelligence & Machine Learning 

Description of the project 
a. problem statement 
b. expected outcome 
c. data description and analysis 
d. challenges 
e. design model 
f. algorithm selection
g. technology selection 
h. report design      

CALL FOR SPEAKERS

SACON 4th edition - International Conference on  Security Architecture. Here are some points to keep in mind while submitting the form:


  • We are looking for highly technical talks (demonstrations, code-level examples, etc. are always welcome)
  • The CXO track can have some high level strategic talks which can include Real Case Studies


SUBMIT PAPER

Submit asap. Submission may close if enough good papers are received

Who Should Attend: CISO, CRO, CIO, Information Security Experts,  IT Risk Professionals, Appsec Professionals ....

AGENDA AT A GLANCE

REGISTER NOW

Don't Forget The Deadline For Submission Is 30th June

AI & Machine Learning for CISOs

Overview of AI & Machine Learning for CISOs and how they're impacting the security landscape

Top talks from global conferences

Summary of Top Talks from prominent security conferences like RSAC, BlackHat, Defcon etc.

Deception

Overview of Deception Technology, Architecture & Key Components, Deployment Guidelines

Cybersecurity Reference Architecture Design

Designing Multiple layers of Security Architecture, from Business Architecture to Technical Security Architecture

Understanding Business / Management & Communicating with the Board

Understanding key management concepts so that you can align your security program with business priorities & Creating a reference board presentation template which you can use for 2018

Insider Threats

Managing insider threats using behavioural analytics

Security Threats Landscape for 2017

Evolution of Security Threats landscape & top 10 threats that were new in 2017

Top 10 Security Predictions for 2018

Based on our research, we'll be presenting top 10 predictions for 2018 for you to consider when making your plans

SOC

Reference architecture and overview of key components of a SOC, e.g.: SIEM, Honeypots, Data Sources, Integrations, Threat Intelligence, EDR, Forensics Tools etc.

IR - Incident Response

Building a framework & processes for managing cybersecurity incidents

Security  Architecture Workshop

Designing Multiple layers of Security Architecture, from Business Architecture to Technical Security Architecture

Cyber Range Drills

Wargame on responding to various types of security incidents at a strategic and operational level

Threat Hunting

Here we'll discuss the Key Components, Tool Set, Learning "Hunter" Skills and a Case Study

Cloud Security

Overview of Amazon’s approach to cybersecurity

AppSec

Creating a scenario of an organization and then using controls from OpenSAMM and BSIMM to choose the right elements of the AppSec program

Security Tech Landscape

Overview of new & emerging security technologies in the market and how the security tech landscape is shaping up

IOT

Overview of the IoT technology architecture and modelling threats & controls against different components (e.g.: Gateway)

Forensics

Workshop on how to do a comprehensive forensics examination post an incident, at endpoint & network level

SecDevOps

Leveraging the opportunity provided by DevOps to embed & automate security in the CI/CD processes

Startup Security

Startup Security Stack: Using 80-20 rule to build effective security strategy for a startup


Do You Have An Interesting Security Technology To Showcase?

TECHNOLOGY DEMO ZONE

CONTACT FOR OPPORTUNITY

PRICING TABLE

 

Discount Periods | Time | Price*
Early Bird Discount | 12th Apr to 26th Apr | INR 6,500
Regular Price | 27th Apr to 9th May | INR 10,000
Late Price | 10th May onwards | INR 15,000


*Special Discount May Be Available For Pre-Registrants & Past Event Attendees (Email invite only). All Prices exclusive of taxes

IMMUTABLE ARCHITECTURE WORKSHOP

Speaker : Nilanjan De

About Speaker : Currently CTO at FireCompass. He has multiple patents in IT Security and has discovered multiple well known Zero Day vulnerabilities which are listed in CVE. He’s an alumnus of IIT Kharagpur. He’s well-known in the security community and has published several exploits and advisories for the first time in the world.

Agenda : 

1. Immutable Infrastructure - Fundamentals, Immutable Servers, Semi-Immutable Servers, Phoenix Servers etc.

2. Advantages & Drawbacks Of Immutable Infrastructure

3. How To Implement? Immutable Containers

4. Demo. Tools & Technologies

5. Serverless Architecture



1:00 to 2:00 PM

Lunch

2:00 to 4:30 PM

(1 Day Workshop) : Artificial Intelligence & Machine Learning 

-Setup environment, create low level design, coding          

4:30 to 5:00 PM

Break

5:00 to 5:30 PM

(1 Day Workshop) : Artificial Intelligence & Machine Learning

-Run training, test, measure result, create visual presentation of result, any other discussion        

Day 1 : 18th May

Day 2 : 19th May

9:00 to 11:00 AM

(1 Day Workshop) : Exploring Darkweb For Threat Intelligence  

-Introduction - Learn and understand the difference between Clearnet and Darknet. Darknet, Deepweb, Darkweb - what they mean.
-Operational security before entering the darker side of internet

11:00 to 11:30 AM

Break

11:30 to 1:00 PM

(1 Day Workshop) : Exploring Darkweb For Threat Intelligence 

-Understand Darknet entry points 
-Setting and configuring the Darknet Entry Points (Tor, Zeronet etc) 
-Tor Hidden Services; Using Tor Web Proxies         

1:00 to 2:00 PM

Lunch

2:00 to 4:30 PM

(1 Day Workshop) : Exploring Darkweb For Threat Intelligence              

-Darknet / Deepweb Search Engines
-Exploring the Darknet – Darknet Economies (Cyber Crime Markets, Drug and Arms Markets, Counterfeit and Fake Currency Markets, Terrorist and Jihadist Presence)
-Utilizing Darknet as definitive source for Threat Intelligence
-Q&A        

(Note : Agenda may undergo changes under unavoidable circumstances)

“If I hadn't come, it would take another 2 to 3 years to learn & understand these tools”

-Vijaykumar Reddy, L&T Infotech

Share in FB/LinkedIn & Get Guaranteed Free Access 

AGENDA (1/2 Day Workshop)

Adversary emulation involves leveraging your Red Teams to use real world adversary tactics, techniques and procedures (TTPs), alongside attack frameworks such as MITRE ATT&CK to:

  • Identify control gaps (and weaknesses)
  • Validate your monitoring, detection and response capabilities
  • Prioritise your security investments towards mitigating any shortcomings that may be observed using this approach.


It also addresses two very fundamental questions when you are inundated with cyber threat “intelligence” from a myriad of sources:

  • First, does what is described in this threat intelligence apply to my Organization?
  • And second, what must I do to address the associated cyber risks?

Building an Adversary Emulation Program is not as intimidating as it might first appear. In fact, Organizations such as MITRE have developed a very robust framework that provides a consistent language to talk about the attack path in terms of adversary TTPs, and to map an APT threat actor/group's TTPs to this framework. The TTPs identified are then mapped to mitigations and countermeasures within the contours of the framework, thus completing the attack-defend loop in the Purple Teaming paradigm.

The program thus provides an actionable approach to guide and assist the Organization’s journey towards greater resilience and survivability against such relevant and advanced cyber threats.



DETAILED AGENDA :

In this workshop I will take you through: 

  • Understanding the MITRE ATT&CK framework and related tools
  • Developing an adversary emulation plan for a real world APT group
  • Understanding how the Organization’s Red Team can operationalize this plan to identify areas of improvement in relation to the Organization's monitoring, detection and response capabilities
  • Exposure to other Adversary Emulation techniques and tools



WHO SHOULD ATTEND ? 

  • CISOs and CROs that wish to understand the strategic objectives of an Adversary Emulation Program
  • SOC and Incident Response Managers that want to understand how an Adversary Emulation Program can be operationalized to enhance the Organization's response to a cyber threat and to make optimal use of the cyber threat intelligence available.
  • Tactical Red Team and SOC/IR responders who wish to understand how to use the framework to deliver necessary value to their respective teams.




ATTENDEE REQUIREMENTS :

Laptop with admin privileges, 4 GB RAM and 20 GB free space

Register For Free

About Speaker : 

20+ years’ experience working in pure play cyber security discipline with global consulting firms, for government and private sector clients in the UK, EU, United States, Middle East, South East, and South Asia.

Areas of expertise and work includes cyber forensics, malware analysis & research, threat intelligence, incident response, threat hunting, red teaming / penetration testing, and design/ development of security solutions.

1000+ Organizations Attended SACON


Sachin Deodhar
ex-CTO, Government Of India


Limited passes for the keynote session are available. Sign up fast and book your seat. The detailed agenda is as above.

REGISTER FOR FREE WORKSHOP


Breach & Attack Summit

Bangalore 25 Nov | Mumbai 2 Dec | Chennai 9 Dec | Delhi 16 Dec