FREE DEMO
Workshop Types

Workshop Types

Description

The One-Day Workshop on IoT Security is a comprehensive and hands-on training event designed to equip participants with the knowledge and skills necessary to secure Internet of Things (IoT) devices and networks. In this workshop, participants will explore into the world of IoT and learn about the unique security challenges associated with connected devices

This workshop offers a blend of theoretical concepts and practical exercises to ensure a good learning experience. Participants will gain a solid understanding of IoT architecture, protocols, and communication frameworks, along with an awareness of the vulnerabilities and risks prevalent in IoT ecosystems. They will explore industry best practices and techniques to mitigate these risks effectively.

Through interactive demonstrations and hands-on exercises, participants can apply their knowledge and practice securing real-world IoT devices. This workshop is ideal for cybersecurity professionals, IoT developers, network administrators, and anyone interested in understanding and addressing the security challenges posed by the rapidly expanding world of IoT.

By the end of this workshop, participants will have gained the confidence and skills required to assess and enhance the security posture of IoT systems in their organizations. They will be equipped with practical tools and techniques to protect against unauthorized access, data breaches, and other security incidents.

Topics to be covered

  • Overview of IoT security challenges
  • Tools and technologies used in IoT security.
  • Introduction to Offensive and defensive Operations .
  • Penetration testing methodology
  • Techniques for exploiting IoT vulnerabilities.
  • Threat intelligence and monitoring
  • Incident response planning

Practical

  • Setting up and configuring an IoT device
  • Identifying vulnerabilities in an IoT device
  • Conducting a penetration test on an IoT device
  • Analysing network traffic for suspicious activity

Prerequisite

  • Knowledge in Internet of Things and Cyber security
  • Programming Skill – Python / C / C++/Java
  • Information Managers
  • Fundamentals of Linux OS
  • Laptop with Kali Linux installed.

Time Schedule

  • 09.30AM – 10.00AM : Inauguration

  • 10.00AM – 11.15AM : Session 1 - Introduction & Security Challenges in IoT

  • 11.15AM – 11.30AM : Tea Break

  • 11.30AM – 01.00PM : Session 2 – IoT Attacks & Exploits

  • 01.00PM – 02.00PM : Lunch

  • 02.00PM – 03.30PM : Session 3 – Practical - Vulnerability Assessment & Penetration Testing (VAPT)

  • 03.30PM – 03.45PM : Tea Break

  • 03.45PM – 05.00PM : Session 4 – Practical - IoT Device Security

Date: 7 September 2023

 

Red Team – Recon, Exploitation, Post exploitation, Breach Attack Simulation Red Team: A group authorized and organized to emulate a potential adversary’s attack against an enterprise’s security posture. The Red Team is a group that pretends to be an enemy, attempts a physical or digital intrusion, then reports back to the organization so that the organization can improve their defenses.

Why Red Team? The Red Team’s objective is to improve enterprise cybersecurity by demonstrating the impacts of successful attacks and by demonstrating what works for the defenders (i.e., the Blue Team) in an operational environment. Also known as Cyber Red Team.

Part 1: 3 hours

  • Recon – tools including OSINT for recon
  • Vulnerability Assessment
    • How to assess for large internal network
  • Exploitation
  • Post exploitation

Part 2: 3 hours

Breach Attack Simulation - network devices and security controls

Breach Attack Simulation: a type of advanced computer security testing method that aims to identify different vulnerabilities in security environments by simulating the attack paths and techniques likely to be used by malicious actors.

The simulation involves the process of safely attempting threat activities (tactics, techniques, and procedures) in production environments to validate security control effectiveness.

  • How to simulate network event
  • Can we create a botnet activity simulation at night 3am and see how your devices and team respond
  • How end point responds to breach attack simulation

Laptop – Intel i5, 8GB RAM, 100 GB free space

Session will be mixed – Part 1 & 2 (3 hours each)

Theory is limited. Session will involve more installation and practice activities Basic requirements – Laptop, etc. Hands on experience with Linux command, windows.

Objective

To provide delegates with an in-depth understanding of the Deep Web, Dark Web, and the fundamentals of threat hunting, followed by a hands-on workshop where they can apply their newly acquired knowledge to real-world scenarios.

The workshop involves leveraging the practical experience of participants in analyzing the day-to-day

About the Workshop

The fast-paced advancements in technology have exposed organizations to vast, uncharted areas of the inter- net - the Deep Web and the Dark Web. While these internet sections bring forth new opportunities, they also present unique cybersecurity and data protection challenges.

The Deep Web, Dark Web, and Threat Hunting Workshop provide participants the tools to navigate these spaces safely and effectively. The workshop focuses on understanding these environments, assessing poten- tial threats, and applying proactive risk mitigation strategies.

As data breaches and cyber threats become more frequent and sophisticated, being able to identify and re spond to these threats is not only crucial for regulatory compliance but also for protecting the integrity and reputation of an organization. This workshop aims to equip professionals with the skills and knowledge needed to stay ahead of potential cyber threats in these complex digital environments.

Who should attend?

Professionals looking to expand their knowledge of the Deep Web, Dark Web, and threat-hunting strategies, or those with a role in cybersecurity and need to comprehend these less-explored realms of the internet will significantly benefit from this workshop.

Those with limited knowledge in Deep Web, Dark Web, and threat hunting but with the ambition to become cybersecurity experts or threat hunters, will find the workshop particularly useful. The same goes for those who have some foundational knowledge and wish to delve deeper.

Individuals who need to understand their responsibilities in securing digital environments from various de partments that handle sensitive data and information - including legal, risk and compliance, IT services, mar keting, financial and accounting, and human resources - will gain critical insights from this workshop.

Suggested job roles and their teams include:

  • Cybersecurity professionals
  • Threat intelligence analysts
  • IT and network security professionals
  • Corporate governance professionals
  • Risk and compliance professionals
  • Human Resource teams dealing with sensitive data
  • Internal legal teams dealing with cyber laws and regulations
  • Digital forensic teams
  • Incident response teams
  • Teams handling sensitive online data and records

Workshop agenda and schedule:

9:30 AM – 10:00 AM: Introduction and Opening Remarks

  • Welcome and Workshop Overview
  • Definition of Key terms: Deep web, Surface Web, Dark Web

10:00 AM – 10:45 AM: Understanding the Deep Web

  • What is the Deep Web?
  • Legitimate uses and challenges in accessing and navigating the Deep Web
  • .Deep Web security concerns and mitigation strategies

10:45 AM – 11:00 AM: Networking Break

11:00 AM – 12:30 PM: Understanding the Dark Web

  • What is the Dark Web?
  • How to access the Dark Web
  • Cybersecurity implications of the Dark Web

12:30 PM – 1:30 PM: Lunch break

1:30 PM – 2:15 PM: Introduction to Threat Hunting

  • What is Threat Hunting and why is it important?
  • Proactive vs. reactive approaches to cybersecurity
  • The Threat Hunting process: Hypothesis generation, data collection and analysis, TTPs identification, and remediation

2:15 PM – 3:15 PM: Practical and Group Session: Navigating the Deep Web and Dark Web (Hands on)

  • What is Threat Hunting and why is it important?
  • Accessing and exploring the Deep and Dark Web safely and responsibly

3:15 PM – 3:30 PM: Networking break

3:30 PM – 4:15 PM: Practical and Group Session: Threat Hunting (Hands-on)

  • Conducting threat hunting exercises using real-world scenarios
  • Analysing network traffic and log data
  • Identifying and tracking adversaries
  • Developing and implementing remediation strategies
  • Exposure to Cyber Threat Intelligence
  • Basic understanding of FAIR Model and its components

4:15 PM – 4:45 PM: Threat Hunting Tools and Techniques

  • Overview of tools and techniques used in threat hunting
  • Practical examples of using Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), and Threat Intelligence Platforms

4:45 PM – 5:00 PM: Closing Remarks and Vote of Thanks

Note : This schedule is indicative and there might be changes due the hands-on sessions