Cyber Resilience Bootcamp (Attack and Defend)

Friday, August 12, 2022 - 14:00 - 16:00 PDT
Saturday, August 13, 2022 - 10:00, 11:00, 13:00, and 16:00 PDT
Sunday, August 14, 2022 - 11:00 - 12:00 PDT


Presented by Ron Taylor

Is your team prepared for the next supply chain attack or the next zero day? Reality check! We are all under attack every day, and we will all eventually be compromised! For this reason, your organization needs to be cyber resilient. Cyber resilience refers to an organization's ability to identify, respond, and recover swiftly from an IT security incident. Building cyber resilience includes making a risk-focused plan that assumes the business will at some point face a breach or an attack.


This bootcamp is 90% hands-on lab, so no death by PowerPoint. You will be given remote access to your own individual lab environment running in Cisco dCloud, so there is nothing you need to install on your machine. Please read on if you would like to learn more.

We have recently released the new Cyber Resilience Bootcamp 5.0 attack and defend training simulation within Cisco dCloud. This program has existed for over 7 years and continues to grow in capability and provide red/blue team training. It has been run at many global security events including Cisco Live, DefCon, Grayhat, Texas Cyber Summit and Red Team Village, just to name a few. The Cyber Resilience Bootcamp utilizes the latest security defense tools including Cisco, IBM, Radware, Rapid7 and Splunk. From a red team perspective, it provides hands-on training on attack tools such as Kali Linux, Social Engineering Toolkit, Metasploit, Shodan, Armitage, Empire and OWASP ZAP, just to name a few. In this lab, you experience cyber security attacks in a virtualized enterprise lab environment where you play attacker and defender and learn, first-hand, why you need highly integrated security solutions and CyberOps skills. Please read on if you are ready to take on this challenge.


What you will learn:
How environments get compromised
How security breaches are detected
How to respond quickly and effectively


Topics Covered By Each Module
Note: Scenarios are designed as modules that can stand alone or flow as part of the user experience you want to create to explore the world of cyber protection.

Module 0: The Modern Security Threat
Overview and discussion of the latest threats in the wild and defenses
Module 1: Welcome to HackMDs (Required Lab Setup)
Detailed introduction to the attack/defend environment
Module 2: Targeted Reconnaissance
Discussion of how attackers work and how defenders must think like an attacker
Reconnaissance with Shodan, Masscan and Nmap, and vulnerability management with Rapid7 Nexpose
Module 3: Smash & Grab
Use Metasploit to compromise a vulnerable server/identify and defend against attack utilizing NGFW
Metasploit | Firepower
Module 4: The Ransomware Scenario
Utilize AMP/ThreatGrid/ESA to defend against a phishing attack that leads to a ransomware infection
Ransomware | AMP
SecureX with AMP, ESA and Stealthwatch
Module 5: Insider Threats
Gain access to the target network and utilize Metasploit to pivot throughout the network, compromising multiple systems along the way, then detect and mitigate the APT-like behavior on your network utilizing ISE and Stealthwatch
Insider lateral movement | Stealthwatch
Module 6: Compromised Hosts
Access network through compromised VPN node/Detect and remove compromised host from network utilizing ISE/NGFW
User malware | ISE, Fi

(c)2022, Red Team Village
