The SOC200 Workshop session is a hands-on SOC Analyst workshop where the speaker runs an automated cyber attack and uses a workshop ELKStack SIEM to detect and diagnose the first phase of the attack. Attendees are encouraged to connect to the SIEM and to become familiar with running searches. The presenter will then trigger second and third phases of the attack and attendees will attempt to diagnose the attack in order to identify the techniques used and the impact of the attack. The workshop uses the latest Kali Purple cyber defence platform with automated attacks developed using the Kali-Autopilot tool. To conclude the workshop, the presenter will demonstrate threat hunting using the Malcolm platform with Arkime and Zeek tools.
預備知識/工具: 1.自備電腦
注意事項:
議程語言:英文
Ian is a dedicated Content Developer and Cybersecurity Researcher at OffSec. Known for his skills in systems and network defense, he is deeply invested in amplifying the understanding of cybersecurity. Drawing upon his in-depth knowledge and research, he crafts educational materials that translate complex cybersecurity concepts into accessible and comprehensible content.