Technology Seminar Series
Presenting: Applied Purple Teaming
Applied Purple Teaming
You’ve heard this story before. Bad actor walks into a network and pillages the place in swift action. CIO asks: “Where did we go wrong?” SysAdmin replies “our password, remote access, workstation restriction, and lack of application safelisting policies. Oh, and our SIEM didn’t notify us. We just weren’t ready for that attack.”
In a significant change from the original course, students will be introduced to Microsoft Azure and Sentinel. Each student will be responsible for deploying a cloud lab that includes an Active Directory domain, a C2 server, and integration with AZ Sentinel’s detection platform. All of this will be taught through a proven framework for purple team operations that results in better business outcomes.
Students will be introduced to Microsoft Azure and Sentinel. Each student will be responsible for deploying a cloud lab that includes an Active Directory domain, a C2 server, and integration with AZ Sentinel’s detection platform. All of this will be taught through a proven framework for purple team operations that results in better business outcomes.
Participants will be able to take away the following skills at the completion of this course:
- Build a continuously improving IT security lifecycle of responsible network administration.
- Understand and implement “Best Practice” Security configurations for Windows and Active Directory.
- Utilize Modern red team and hacker tactics to audit security posture.
- Kill the LLMNR, NTLM, and SMB Relay attack sequence.
- Understand current frameworks in use by attackers, script kiddies, and nation-state actors.
- Understand business impact and residual risk in balancing security.
- Ability to demonstrate command and control infrastructures and relative defense mechanisms.
Prior to attending the course, students should have:
- Exposure to Active DirectoryAccess to an Azure Subscription for this lab environment. Signing up is free and includes a $200 credit for 30 days: (Create Your Azure Free Account Today | Microsoft Azure)
- Nominal Windows / Linux / Mac operating knowledge
- Important Laptop Requirements
What students will be provided with:
- Digital Copy of Book
- Best Practice guides, cheat sheets, and syntax cards
- 6 Months free access to Cyber Range
Join us after training on Wednesday to network with fellow classmates. Drinks and appetizers will be provided.
240 W Mill St, Greenfield
Meet the Instructors
Jordan was around for the inception of Napster and the explosion of P2P networks. This drove his fascination with network systems and led him toward a career in IT. Jordan’s first gig in the industry included supporting Latin American networking customers for Hewlett Packard’s network support division. After five years of support, Jordan became a wireless escalations team lead and multi-vendor certified problem solver. With kids in tow, Jordan headed back toward the Dakotas where he learned Citrix, VMware, VDI, supported Cisco gear, implemented profile management solutions, deployed remote networks at scale, and ensured performance across infrastructure. Before becoming a penetration tester, Jordan supported multiple (50+) domains as part of an MSSP’s rock star team. For the last five years, Jordan has been a penetration tester with the Black Hills InfoSec team.
Kent started his Information Technology career working for an Internet Service Provider supporting the MidWest’s broadband initiatives of the early 2000s. His interest in technology and business operations drove his career into working for multiple Fortune 500 companies and equipping their organizational leadership with business analytical data that would support their technology initiatives. With his continued interest in Business Operations, Kent completed his postgraduate education in Business Management. With an understanding of Information Technology, System Administration, Accounting, and Business Law, Kent has helped businesses leverage technology for competitive advantage while balancing the risks associated with today’s dynamic network environments. Kent has been with Black Hills Information Security for three years in security and administration roles
Attending the event? Please help us tailor the class by providing us with some additional information.