Shang-De Jiang is a member of the Research Team of CyCraft and UCCU Hacker.
He has presented technical presentations in non-academic technical conferences, such as HITCON, Black Hat USA, CodeBlue and HITB.
Currently, he focuses on research about Incident Response and Intranet Security.
Cybercriminals know the Active Directory better than you, didn’t you know? Not anymore. We will discuss how the AD works, why it’s so vulnerable, how cybercriminals penetrate its defenses so often, provide actionable insight on creating effective AD defense practices and policies, and how to best maintain and further expand your knowledge of both active and emerging threats to your Active Directory.
Cyber attacks today are an inevitable threat modern organizations must face. How an organization detects, labels, responds, and remediates existing decifiencies in their cyber defense while also effectively utilizing their limited resources has become a necessary skill for infosec management teams for all organizations. One method that has helped alleviate this issue for infosec management teams has been the Cyber Defense Matrix (CDM), a well-known security model from recent years, and combining it with the use of various infosec frameworks.
Our course will focus on the concept of CDM, how to successfully supplement it via other infosec frameworks, and the analysis of cyber attack methods in terms of defense. Participants will learn how to think like and defend themselves from threat actors by learning how to properly analyze an attack, succesfully construct an attack storyline, understand each step of the attack from the attacker’s perspective, and, finally, how to properly defende themselves at each phase of the attack.
At the end of the course, participants will experience the latest in infosec edutech—an interactive CDM game. Through the game, participants will gain a deeper understanding of CDM concepts, common offensive and defensive techniques, how to successfully build an effective modern defense against today’s threats. This course will help participants evolve into valuable and effective information security personnel and prepare them for the inevitable frontline experience against a modern threat.