ABOUT WORKSHOP

In cooperation with the American company Cyber2 Labs, we bring you an exclusive 3-day workshop with Wayne Burke.

The AI Azure Cloud Incident Response Skill Building workshop is designed to help you build on-the-job skills for responding to various incidents. This outline ensures a comprehensive and hands-on approach to mastering Azure incident response over a structured three-day period. Each participant will get 30-day access to Azure labs.

The entire workshop is conducted in English. 

To participate in the workshop, it is essential that each participant brings their own laptop to work on the practical examples, and we recommend an extra monitor or tablet to work with the labs.



WHO IS THE WORKSHOP FOR

Cyber Security engineers / analysts

Network and system administrators

Drone & Robotic Engineers & Developers

Drone Operators

Digital Forensics Investigators

Penetration Testers

Cloud computing personnel

Cloud project managers

Operations support looking for career advancement

WORKSHOP SCHEDULE

Introduction to Azure Security and Incident Response

09:00 - 12:30

Morning Session:
Foundations and Overview

  1. Welcome and Introduction
    • Overview of the workshop goals and agenda
    • Importance of incident response in cloud environments
  2. Azure Security Fundamentals
    • Introduction to Microsoft Defender for Cloud
    • Overview of Azure security architecture and key concepts
  3. Incident Response Basics
    • Incident response lifecycle: preparation, detection, analysis, containment, eradication, recovery, and post-incident activity
    • Key roles and responsibilities in incident response

13:30 - 17:00

Afternoon Session:
Tools and Preparation

  1. Azure Security Tools and Services
    • Deep dive into Microsoft Defender for Cloud, Microsoft Sentinel, and Azure Monitor
    • Configuring and managing security alerts
  2. Setting Up Your Incident Response Environment
    • Configuring a secure Azure environment for incident response
    • Setting up and utilizing Azure Log Analytics
  3. Practical Lab: Initial Setup
    • Hands-on lab: Configure Microsoft Defender for Cloud and Microsoft Sentinel
    • Setting up security policies and alert rules

09:00 - 12:30

Morning Session:
Advanced Detection Techniques

  1. Threat Detection in Azure
    • Understanding threat detection methodologies in Azure
    • Utilizing Microsoft Sentinel for threat detection
  2. Log Analysis and Monitoring
    • Collecting and analyzing logs from various Azure services
    • Using Kusto Query Language (KQL) for advanced log analysis
  3. Practical Lab: Detecting Incidents
    • Hands-on lab: Configuring log sources and setting up detection rules
    • Running KQL queries to identify potential incidents

13:30 - 17:00

Afternoon Session:
Incident Analysis and Investigation

  1. Incident Analysis Techniques
    • Investigating security alerts and incidents in Azure
    • Leveraging Microsoft Sentinel workbooks and playbooks for analysis
  2. Forensics in Azure
    • Introduction to cloud forensics
    • Capturing and analyzing evidence in Azure
  3. Practical Lab: Incident Investigation
    • Hands-on lab: Investigating a simulated incident
    • Performing root cause analysis and identifying the scope of the breach

09:00 - 12:30

Morning Session:
Containment and Eradication

  1. Containment Strategies
    • Techniques for containing incidents in Azure
    • Isolating affected resources and mitigating further impact
  2. Eradication Techniques
    • Removing malicious artifacts and backdoors
    • Ensuring the environment is clean and secure
  3. Practical Lab: Containment and Eradication
    • Hands-on lab: Containing a live incident
    • Eradicating malicious components from the environment

13:30 - 17:00

Afternoon Session:
Recovery and Post-Incident Activities

  1. Recovery Procedures
    • Restoring affected systems and services
    • Validating the integrity of restored systems
  2. Post-Incident Review
    • Conducting post-incident reviews and lessons learned sessions
    • Updating incident response plans and security controls based on findings
  3. Practical Lab: Recovery and Review
    • Hands-on lab: Recovering from an incident and validating the environment
    • Conducting a mock post-incident review and updating response strategies

Using Azure AI and other 3rd party tools

By integrating Azure AI and third-party tools into their incident response process, organizations can streamline operations, reduce manual effort, and improve overall security posture by responding faster and more effectively to cyber threats. This approach not only enhances security resilience but also frees up resources to focus on strategic initiatives and proactive threat mitigation.

Conclusion and Q&A

  1. Wrap-Up
    • Summary of key takeaways and skills acquired
    • Open floor for questions and discussion
  2. Feedback
    • Providing completion certificates
    • Gathering participant feedback for continuous improvement

Program subject to change.

WAYNE BURKE

Vice President & Co-Founder Cyber2 Labs

Wayne Burke is internationally recognized for his commitment, work experience, achievements and contributions to the IT and cyber security industry. He currently specializes in many offensive and defensive AI technologies for robotics such as drones, building and managing new high-tech security tools, custom hardware solutions for bio-medical products, digital forensics, penetration testing, mobile security and radio frequency using specialized SDRs.

His experience in the public / defense sector is equally complemented by assignments undertaken for heavyweight, world-renowned corporations. He is eminently qualified in his field, holding a string of professional qualifications in networking (MCT, MCSE, Cisco, Network+, to name a few) and cyber security (CPENT, CEH Master, ECSA, CPTS, LPT, CHFI, CTIA, CSA, Security+ and CCE), besides a bachelor’s degree in science.

Wayne and team have delivered Security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as:

USA

  • EPA, FAA, DOJ, DOE, DOD, Air Force, Army, Navy, Marines, CIA, FBI, NSA and many more USA Gov bodies.

Europe

  • United Nations, NATO, Europol, MOD (Ministry of Defence, UK), various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.

Asia

  • Singapore Gov, Philippines’ Presidential Office, the Undersecretary, and Cyber Crime Police Specialist Unit. Jakarta, Tax Investigations Office. Various Malaysian Gov agencies.

REGISTRATION

HackerFestWorkshop
  • 3 day workshop entry
  • 23.-25.9.2024
  • Registration: 8:30-9:00
  • Start: 9:00
  • End: 17:00
  • 15 000 Kč*

* the price shown is without VAT

  • 3 day workshop entry
  • 23.-25.9.2024
  • HackerFest2024 ONLINE
  • 26. 9. 2024
  • 16 500 Kč*

* the price shown is without VAT

  • 3 day workshop entry
  • 23.-25.9.2024
  • HackerFest2024 PRAHA
  • 26. 9. 2024
  • 17 700 Kč*

* the price shown is without VAT

VENUE

IRIS hotel Eden

Vladivostocká 1539, Vršovice, 100 00 Praha 10

How do you get to the workshop?

Bus

stop Slavia – Nádraží Eden – 135, 136, 150, 213

Tram

stop Slavia – Nádraží Eden – 2, 6, 7, 13, 16, 19, 22, 27

Car

Parking is available for a fee in the Eden shopping center. The entrance to the garages is from Vršovická Street or U Slavie Street. The first 2 hours of parking are free, each additional hour is charged at CZK 60.