Cybersecurity Workshops Series

Cyber Threat Intelligence (CTI)

Cyber threat intelligence (CTI) is information that can be used to understand and respond to current and future cyber threats. It includes information about the capabilities, intentions, and activities of adversaries.

This workshop provides a strong introduction to CTI and how it can be used to improve an organization’s defences by helping to identify potential threats, understand the motives and goals of adversaries, and anticipate their future actions. It helps organizations understand the overall landscape of cyber threats, identify trends and patterns, and make decisions about how to allocate resources.

In this workshop you will learn:

  • What Cyber Threat Intelligence (CTI) is and how it can be used
  • How to collect, analyse, and use CTI
  • The different types of cyber threats and how they work
  • How to develop a CTI program that meets the needs of your organization
  • Reporting and sharing intelligence information
  • Standard for sharing information.

Cyber Threat Hunting (CTH)

The goal of Threat Hunting is to discover and respond to threats that escape discovery by other means within the network.

A threat hunter uses a combination of analytical skills, domain knowledge, and creativity to investigate security alerts generated by various detection mechanisms, as well as data gathered from other sources (such as network traffic, firewall logs, and anti-virus reports).

By proactively searching for threats, rather than waiting for them to be detected, an organization can more quickly and effectively respond to attacks.

In this workshop you will learn:

  • The basics of cyber threat hunting, including how to develop hypotheses, use the appropriate data sources, and select the right tools for the job.
  • How to get started with cyber threat hunting
  • The five stages of Cyber Threat Hunting (CTH)
  • The three types of threats that should be hunted
  • What data is needed for successful cyber threat hunting?
  • The benefits of proactively hunting for cyber threats
  • Tips for creating an effective cyber threat hunting program
  • An introduction to some of the most popular open-source threat hunting tools.

Threat Modeling in the Software Development Lifecycle (SDLC)

Threat modeling is the process of identifying, quantifying, and prioritizing the security risks to a system or application. It is an essential part of secure software development and can be used to identify, assess, and mitigate threats throughout the software development lifecycle (SDLC).

In this workshop, you will learn about different threat modeling methodologies such as STRIDE, DREAD, and PASTA, and how to apply them to the software development process. You will also learn how to create a threat model for a simple web application using the OWASP Threat Modeling Framework.

By the end of this workshop, you will learn the following:

  • What is threat modeling and why it is important?
  • The difference between static and dynamic threat modeling
  • The importance of incorporating security throughout the SDLC
  • How to apply different threat modeling methodologies to the software development process
  • How to create a threat model for a simple web application.

Cloud Security Essentials

This workshop provides a comprehensive introduction to the security concerns and best practices associated with cloud computing. It covers the major types of cloud services, the shared responsibility model, and the most common security threats. The workshop also covers the basics of data encryption, identity and access management, and network security.

By the end of this workshop, you will be able to:

  • Describe the major types of cloud services and the shared responsibility model
  • Identify the most common security threats associated with cloud computing
  • Explain the basics of data encryption, identity and access management, and network security
  • Apply best practices for securing data in the cloud.

Security Assessment, Audit, and Penetration Testing (SAPT)

A security assessment is an evaluation of an organization’s security posture. It can be used to identify vulnerabilities, assess risks, and recommend mitigations. A security audit is a more in-depth evaluation that is used to verify compliance with security policies and procedures. A penetration test (or “pentest”) is a simulated attack on a system to identify vulnerabilities that could be exploited by an attacker.

In this workshop, you will learn:

  • About the several types of security assessments and how to conduct them.
  • How to perform a security audit
  • How to conduct a penetration test
  • What are the differences between these three types of tests?
  • How can they be used together to improve an organization’s security posture?

Understanding Data Loss Prevention (DLP)

Data loss prevention (DLP) is a set of tools and best practices for preventing sensitive data from being leaked outside of an organization. DLP can be used to identify vulnerabilities, assess risks, and recommend mitigations.

In this workshop, you will learn:

  • About several types of data loss prevention and how to conduct them
  • How to identify sensitive data
  • How to prevent sensitive data from being leaked
  • What are some best practices for preventing data loss?
  • A hands-on demonstration of data loss prevention tools and techniques.
  • Apply best practices for preventing data loss.

Cyber Security Risk Management (CSRM)

Cyber security risk management is the process of identifying, assessing, and mitigating risks to an organization’s information assets. CSRM can be used to identify vulnerabilities, assess risks, and recommend mitigations.

In this workshop, you will learn:

  • About several types of cyber security risk management and how to conduct them.
  • How to identify risks to an organization’s information assets
  • How to assess the impact of those risks
  • How to mitigate those risks
  • What are the several types of cyber security risk management?
  • What are some best practices for managing risks?
  • Apply best practices for managing risks.

Computer Crime Investigation and Forensics (CCIF)

Computer crime investigation and forensics is the process of identifying, investigating, and prosecuting crimes that involve computers or other digital devices. CCIF can be used to identify vulnerabilities, assess risks, and recommend mitigations.

In this workshop, you will learn:

  • About several types of computer crime investigation and forensics and how to conduct them.
  • How to investigate computer crimes
  • How to collect and preserve evidence
  • How to prosecute computer criminals
  • What are some best practices for investigating and prosecuting computer crimes?

Ransomware Resilience and Incident Response (RRIR)

Ransomware resilience and incident response is the process of identifying, responding to, and recovering from ransomware attacks.

Ransomware is a huge threat to organisations today. Last year, over $6.5 billion in ransom was paid to ransomware gangs all over the world. Anyone could be a victim. The question is: will you be the next one? How well do you understand ransomware, and how prepared are you for it?

In this workshop, you will learn:

  • About several types of ransomware resilience and incident response and how to conduct them.
  • How ransomware has evolved over the years
  • How ransomware works
  • What is human-operated ransomware (HumOR)?
  • What are the entry points of ransomware into your organisation?
  • A good look at ransomware attack stages: campaign, infection, staging, scanning, encryption, and payday.
  • Who is behind these ransomware attacks? A detailed look at two of the world’s most prolific ransomware groups.
  • How to respond to ransomware attacks
  • How to recover from ransomware attacks
  • What are some best practices for responding to and recovering from ransomware attacks?
  • Apply best practices for responding to and recovering from ransomware attacks.

Understanding Zero Trust Security (ZTS)

Zero trust security is a security model that requires all users, devices, and applications to be verified and authenticated before accessing any resources. ZTS can be used to identify vulnerabilities, assess risks, and recommend mitigations.

In this workshop, you will learn:

  • About the elements of zero-trust security
  • A brief history of zero-trust security
  • How zero trust security can be used to improve an organization’s security posture.
  • What are the benefits of zero-trust security?
  • The core principles of zero-trust security.
  • How to implement zero-trust security in your organization.
  • What are some best practices for implementing zero-trust security?

Introduction to Practical Cryptography (IPC)

Practical cryptography is the application of cryptography to real-world problems. IPC can be used to solve problems such as data security, authentication, and privacy.

In this workshop, you will learn:

  • The basics of cryptography
  • How to apply cryptographic techniques to real-world problems
  • How to use cryptography to accomplish the following goals:
    • Confidentiality
    • Encryption
    • Data Integrity
    • Authentication
    • Non-repudiation
    • Block chaining
  • What are some common cryptographic algorithms?
  • How to choose the right cryptographic algorithm for a given problem.
  • What are some best practices for applying cryptography to real-world problems?
  • Implementing Web security using Transport Layer Security (TLS)
  • Apply best practices for using cryptography.

How to Build Security into Software Through OWASP Secure Coding Principle (BSS)

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit organization focused on improving the security of software. OWASP’s mission is to make software security visible so that individuals and organizations can make informed decisions about true software security risks.

In this workshop, you will learn:

  • How to use OWASP standards, frameworks, and tools to build security into software.
  • Apply best practices for using OWASP standards, frameworks, and tools.
  • What are some common software security risks?
  • How to mitigate software security risks.
  • What are some best practices for mitigating software security risks?
  • How to manage software security using OWASP frameworks and tools such as:
    • OWASP Web Development Security Top 10
    • OWASP Threat Modeling (Threat Dragon)
    • OWASP Proactive Control
    • OWASP API Security Project
    • OWASP Application Verification Standard
    • OWASP Web Security Testing Guide.

 
