Workshop 8 - Cyber Threat Intelligence (CTI) Training Series – Advanced Course (Applied Intelligence)
Speakers: Ms. Anett Mádi-Nátor and Mr. Ferenc Frész
HKPC Building, 78 Tat Chee Avenue, Kowloon, Hong Kong
Date: 16 - 18 Oct 2019 (3 days)
09:00 - 18:00
HK$9,600 (Early Bird: HK$9,000)
Member Fee for Organiser/Supporting Organisation: HK$9,000 (Early Bird: HK$9,000)
Medium of Instruction
Nature & Objectives
The CTI Advanced course enables participants to understand, analyse, and process actionable information, and to produce basic threat intelligence reports for internal use. The course also equips participants with hands-on incident handling skills to counter basic cyber threats.
Participants who successfully complete the full series of courses (Foundation & Advanced levels) are equipped with the skillset to design, utilise and maintain an internal Cyber Threat Intelligence system on a reasonable budget, using both open source and commercial tools!
The Advanced Training is higher-level, more detailed and content-rich, with plenty of hands-on exercises! Participants can learn how to identify key collection sources of threat information, structure the data to be exploited for internal and external sharing, and gain insights into log analysis, intrusion detection, malware analysis, multiple kill chains, hypothesis and attribution, information sharing, and much more.
Day 1 (16-Oct-2019)
- What sources could be used for Cyber Threat Intelligence (CTI)?
- The external information sources (Free & Paid)
- Exploit information through different domains, external datasets, TLS/SSL certificates, and more
- Understand the usage of strategic and operational CTIs through case studies
- Hands-on: How CTI could be leveraged in your organisation?
- Correlation between strategic, operational and tactical CTIs
- Tactical and technical intelligence and their outcomes (IoCs)
- Hands-on: Identify incidents and threat actors, and match them to IoCs
- How to generate, understand and correlate campaigns
Day 2 (17-Oct-2019)
- The internal information sources
- Use open source tools for basic log analysis, computer & network forensics and malware analysis, and convert the results into internal CTI feeds
- Hands-on: Collect and analyse different logs
- Malware information collection & intrusion detection
- Hands-on: Malware analysis by using open source tools
- Introduction to computer and network forensics
- Hands-on: How to complete basic-level forensics
- The 10-Step approach for Kill Chain analysis
- Hands-on: Kill Chain analysis & multiple Kill Chains in simultaneous intrusion
Day 3 (18-Oct-2019)
- RED Teaming – Understand your adversary
- Attribution – based on types, pitfalls, groups, and campaigns
- Geopolitical motivations vs. Cybercrimes
- Preparing CTI reports in a “human-friendly” way
- Hands-on: Best practice to prepare and present your findings based on the available CTI information on a chosen incident or threat actor
- Overview of different intelligence sharing platforms (STIX, TAXII, OASIS, MISP) and introduction to MISP
- Hands-on: Using MISP to verify and match CTI case studies with IoCs
- Set up your internal CTI/Applied Intelligence team within your budget
Who Should Attend
- Data & Security Analysts
- Information Security Engineers
- IT & Information Security Experts
- Incident Handling Experts
- Law Enforcement Personnel
- Technical Team Leads
- Information Assurance Managers
- Strategic Decision Makers
- Chief Information Security Officers
REMARK: Candidates are required to sit an online exam when registering for the Advanced training only.
Ms. Anett Mádi-Nátor
Vice President, Strategic Business Development, International Operations
Cyber Services Plc
Anett Mádi-Nátor has more than a decade of experience in strategic and administrative layers of information security and cyber defense both as a private sector subject matter expert and as a government representative.
Her recent appointments include Hungarian MilCIRC Head of Coordination, Administrative Head of Hungarian government cyber security centre (Cyber Defence Management Authority within the National Security Authority), NATO Cyber Coalition Exercises Core Strategic and Administrative Planner, and Lead to NATO Cyber Defence Capability Team.
Up to the summer of 2015, Anett was the appointed primary policy and administrative contact point for Hungary in the Memorandum of Understanding in Cyber Defence between NATO and Hungary. Anett received a ministerial award for excellence in public service in 2013.
Mr. Ferenc Frész
Cyber Services Plc
Ferenc Frész has gained two decades of experience in ethical hacking, IT and information security, and has led approximately 1,500 successfully completed international and domestic IT and information security projects, mainly related to critical information infrastructure protection.
Ferenc, as the former head of the Hungarian government cyber security centre (Cyber Defence Management Authority within the National Security Authority, Ministry of Justice and Public Administration), was the iconic figure in the creation of the national information security law in 2013. He was the most important national cyber representative in numerous NATO and EU cyber defense projects and procedures, as well as being a Core Technical Planner of NATO Cyber Coalition Exercises. In 2015, Ferenc was appointed the primary technical contact point for Hungary in the Memorandum of Understanding in Cyber Defence between NATO and Hungary. Ferenc received a ministerial award for excellence in public service in 2012.
Before his remarkable public service, as the Strategic Lead of the most significant private IT company in Hungary, Ferenc was responsible for Information Management and Business Intelligence business development. Prior to becoming the Head of IT at Budapest Airport, Hungary, he participated in the establishment of the IT infrastructure of HungaroControl Public Limited, the National ANSP (air traffic service provider) of Hungary.