In the unique training concept, typical IT attacks are simulated in “real” corporate networks. It is the goal of the CYBER DEFENCE SIMULATION TRAINING to create a deep understanding of how attacks on corporate networks work:
- Understand the underlying technical principles of common attacks.
- Learn how to “think like an attacker” in regard to corporate network security.
- Understand the limits of common security products, such as antivirus solutions.
- Prioritize hardening measures correctly.
Attacks against corporate IT infrastructures are simulated in a classical “Red Team vs. Blue Team” approach:
- Red Team – The attacker site The Red Team is represented by experienced SEC Consult trainers.
- Blue Team – The defender site The participants of the training are on the defender side. After a thorough theoretical introduction, the participants learn to, detect, analyze, stop and prevent attacks in various isolated training exercises.
Every participant receives access to their own simulated corporate IT infrastructure. Various common IT products are deployed in that IT infrastructure:
- Windows domain infrastructure with various clients
- Windows and Linux server systems
- Antivirus solutions
- Web Application Firewalls (WAF)
- IT Monitoring and SIEM solutions.
- Attacker Kill Chain : Reconnaissance and the limitations of security tools
- Attacker Kill Chain : Initial Compromise through web based attacks.
- Attacker Kill Chain : Establish foothold and escalate privileges on web based systems
- Attacker Kill Chain : Initial compromise by (spear)-phishing attacks
- Attacker Kill Chain : Establish foothold and escalate privileges on Windows domain based systems
- Attacker Kill Chain : Complete Mission (Steal “Crown Jewels”)
Fruther details in the SecTower brochure.