Join us for Hands-On Purple Team Workshops.
In our hands-on workshops you will play the role of Cyber Threat Intelligence, the red team, and the blue team. We have set up an isolated environment for each attendee to go through a Purple Team Exercise.
Title: Intermediate Purple Team Workshop - Detection Engineering
Date: Friday, Jan 21st
Time: 1:00 - 4:00 PM ET
- Consume Cyber Threat Intelligence from a known adversary
- Extract adversary behaviors/TTPs
- Play the Red Team by creating adversary emulation plans
- Emulate the adversary in a small environment consisting of a domain controller and member server
- Play the Blue Team and look for Indicators of Compromise
- Use Wireshark to identify heartbeat and jitter
- Enable Sysmon configurations to detect adversary behavior
- All mapped to MITRE ATT&CK
- Have FUN!
What do you need?
All you need is a web browser on a workstation/laptop (no iPads, sorry).
If you want to come better prepared, download and read the free Purple Team Exercise Framework (PTEF): https://scythe.io/ptef
How will it work?
We are using the VMware learning platform to give everyone their own isolated environment. This means we need your real email upon registration so we can provision your environment before the start of the workshop.
*ATTENTION* Sign up with your REAL email