Incident Response with Palo Alto Networks Security
Attendees will engage in a comprehensive, hands-on experience designed to mirror real-world attack scenarios and defensive investigations. This training aims to provide participants with not only theoretical understanding but also the practical skills essential for recognizing, responding to, and mitigating cyber threats. Over the two days, attendees will work through various attack methodologies, simulating the techniques used by cyber adversaries to infiltrate and compromise systems.
CLICO
2
890,0
EUR
yes
no
Learning in a realistic Cyber Range environment.
Training participants exercise in a "Cyber Polygon" modeled on a real IT system, containing the elements most frequently attacked by cybercriminals, including AD and domain controllers, MS SQL Server, MS Exchange, MS CA, etc. The "Cyber Polygon" does not contain any invented "capture the flag" machines, only systems and vulnerabilities used in real cyberattacks.
Real cyberattack scenarios based on Threat Intelligence.
Incident Response training is conducted using realistic hacking scenarios, observed in real-world breaches. The scenarios practiced include full attack paths - from initial access and discovery, through privilege escalation, credential harvesting and lateral movement, to the takeover of domain controllers and other critical systems.
By using Palo Alto, participants will practice offensive security skills, while Palo Alto capabilities will empower them to analyze attack traces effectively, identify threats in real time, and execute live forensics. Through a series of exercises, attendees will develop a deeper insight into how attackers operate and how cutting-edge tools can be employed to detect, investigate, and respond to cyber incidents efficiently.
9:00 - 17:00
Introduction to Red Team and Hackers Pathway, and to methodologies such as Cyber Kill Chain and MITRE
Practice Basic Offensive Skills - Part 1
Scenario - Active Directory Reconnaissance
Scenario - Network Reconnaissance
Scenario - Deploying a Web Shell to an Editable SMB Share on a Web Server, Executing Commands on a Windows System and Credential Dumping Using a Service Account and Web Shell
Scenario - Password Spraying Attack on Local Admin Accounts
Analysis of Cyber Attack Traces Using Live Forensics Tools in Endpoint Detection and Response (EDR) and Next-Generation Firewall (NGFW)
9:00 - 17:00
Basic Offensive Skills Exercise in Cyber Range – Part 2
Scenario - Cracking Service Account Passwords in Windows Domain (Kerberoasting)
Exploiting SMB Vulnerabilities on Windows Servers – MS17-010 Eternal
Scenario - Credential Dumping from SAM Using Admin Password or NTLM Hash
Scenario - Credential Dumping from LSASS Using Admin Password or NTLM Hash
Analysis of Cyber Attack Traces Using Live Forensics Tools in Endpoint Detection and Response (EDR) and Next-Generation Firewall (NGFW)