Usage of MITRE ATT&CK and OWASP CRS in deception technology - ATSUMMIT
Usage of MITRE ATT&CK and OWASP CRS in deception technology*
There is a well-known asymmetry between attack and defense in the cyber security field: defenders need to be right 100% of the time, and attackers just need to be lucky once to succeed. We'll cover theory and practicality, configuration, red teaming, and advanced scenarios in just one session. During the webinar, attendees will discover the dynamic synergy between MITRE ATT&CK and OWASP CRS while attempting to attack the prepared decoys.
Agenda
- Introduction (10 min): we will start by diving into the theory part of what deception is and how it can be empowered with the MITRE ATT&CK matrix and OWASP CRS.
- Configuration (20 min): in this part, we will act as the blue team and configure Labyrinth. We will also add integrations with other systems, including two-way integration with IBM QRadar.
- Break (5 min)
- Attacking the decoys - p1 (30 min): this is the part where we turn to red teaming. With our guidance, the audience will launch attacks on prepared targets and see in real time both the results and how they are mapped to MITRE ATT&CK.
- Break (5 min)
- Attacking the decoys - p2 (40 min): this part will be fully dedicated to advanced cases for those who seek a challenge. Among other cases, the audience will get an opportunity to conduct black-box testing on a web service decoy (Universal Web Point) and see OWASP CRS in use live.
- Q&A session (10 min)
Benefits for the participant
- Gain a deep understanding of how to use MITRE ATT&CK and OWASP CRS to enhance the effectiveness of deception technology.
- Learn how to design and deploy more effective deception scenarios.
- Discover new ways to improve detection and response to cyberattacks.
Workshop’s recipients: Who is the expert inviting to his workshop?
To participate in the webinar, you do not need years of professional experience, as it was designed to be insightful for people with any background, starting from cybersecurity enthusiasts and up to experts in their fields with an English level of Intermediate (B1) or higher.
From a technical perspective, all you need is a stable internet connection, a web browser, and an SSH client up and running. In addition, we advise having the latest release of Kali Linux to assist you during the hands-on part of the workshop.
Workshop’s recipients: Who is the expert inviting to his workshop?
It will be insightful for SOC analysts, Penetration Testers, Security Architects and everyone who is interested in cybersecurity defense.
Timebox
24.11 12.00 - 14.00 | 2 hours
Limit of participants
No limit
Location and formula
Online, Zoom platform
Speakers
Labyrinth
* The workshop is held in English. The organizer does not provide translation.