Cyber attacks today are an inevitable threat that modern organizations must face. How an organization detects, labels, responds to, and remediates existing deficiencies in its cyber defense while also effectively utilizing its limited resources has become a necessary skill for infosec management teams in all organizations. One method that has helped alleviate this issue for infosec management teams has been the Cyber Defense Matrix (CDM), a well-known security model from recent years, combined with the use of various infosec frameworks.
Our course will focus on the concept of CDM, how to successfully supplement it via other infosec frameworks, and the analysis of cyber attack methods in terms of defense. Participants will learn how to think like threat actors and defend themselves from them by learning how to properly analyze an attack, successfully construct an attack storyline, understand each step of the attack from the attacker’s perspective, and, finally, properly defend themselves at each phase of the attack.
At the end of the course, participants will experience the latest in infosec edutech: an interactive CDM game. Through the game, participants will gain a deeper understanding of CDM concepts, common offensive and defensive techniques, and how to successfully build an effective modern defense against today’s threats. This course will help participants evolve into valuable and effective information security personnel and prepare them for the inevitable frontline experience against a modern threat.
Participants will gain a deeper understanding of the logic behind cyber security methodologies and strategies through a detailed analysis of common adversarial attack techniques. Participants will gain valuable experience in how to look beyond the individual alerts and see the larger attack storyline unfolding in front of them.
1. Introduction to Cyber Security Models & Frameworks (CDM, NIST, CSF, ATT&CK)
2. How to use CDM to Analyze Attack Techniques
3. InfoSec Management / Combining CDM & Defense Methods
4. CDM Cyber Security Game Tournament
IT-related work experience and basic understanding of red team attack techniques
Shang-De Jiang is a member of the Research Team of CyCraft and UCCU Hacker.
He has given technical presentations at non-academic technical conferences, such as HITCON, Black Hat USA, CodeBlue and HITB.
Currently, he focuses on research about Incident Response and Intranet Security.
Dange Lin (Tien-Chih Lin) is a cyber security researcher at CyCraft. He earned his master’s degree in Computer and Communication Engineering from National Cheng Kung University (NCKU). Currently, he focuses on threat intelligence, machine learning, incident response, and APT research. He has been a speaker at various trainings for students and has given technical presentations at technical conferences, such as the Taiwan Incident Response Conference and the European Conference on Cyber Warfare and Security.