CSIRT Workshop Track
This technical workshop combines lectures and hands-on lab sessions to equip participants with the skills necessary to design and manage incident response according to current best practices.
Workshop Highlights
Participants will gain practical knowledge in the following areas:
- Building your CSIRT through risk approach
- CSIRT Organizational Issues
- CSIRT Operational Issues
- CSIRT KPIs & maturity measurement using SIM3 assessment
- CSIRT Management Tools
- Introduction to Threat Intelligence
Hands-On Experience
Participants will undertake exercises to write their CSIRT profile (RFC 2350) and develop their incident management plan (IRP), gaining firsthand expertise on how to create a CSIRT. The workshop will also simulate a ransomware attack and show how to use incident management tools such as RTIR (ticketing system) and MISP (information sharing) to manage and share lessons learnt from the incident handling process. Finally, the workshop will provide a practical approach to making the threat intelligence feed from Shadowserver actionable using an email scraping tool.
These skills will help organisations enhance incident management and handling and improve their cybersecurity resilience, leading to improved cybersecurity experiences for end users.
Prerequisites
This workshop is tailored for individuals who:
1. have a basic technical background in Internet technologies such as networks, protocols, operating systems, servers, programming, databases and so on.
2. have a basic understanding of information security and recent cyber threats.
3. are staff of CSIRTs and security teams seeking to establish their CSIRT.
Scalable Infrastructure
This technical workshop combines lectures and hands-on lab sessions to equip participants with the skills necessary to design, build, operate, and manage organisational network infrastructure according to current best practices.
Workshop Highlights
Participants will gain practical knowledge in the following areas:
- Core Organisational Infrastructure Design: Best practices for robust and scalable networks.
- Network Design Principles: Strategies for efficient and secure networks.
- Physical Infrastructure: Cabling types, installation, and standards.
- Switching: Concepts like spanning tree, VLANs, and Layer 2 best practices.
- Static Routing: Implementation and troubleshooting.
- IPv4 and IPv6: Deploying dual-stack infrastructure for seamless communication.
- Network Monitoring and Management Tools
- Network Deployment Automation and Dynamic Graph Creation
Hands-On Experience
Participants will configure and work with real router and switch environments, gaining firsthand technical expertise. The workshop also provides an excellent platform for networking and collaboration with other participants, fostering partnerships between institutions.
These skills will help organisations enhance network performance, security, and reliability, leading to improved daily Internet experiences for end users.
Prerequisites
This workshop is tailored for individuals who:
- Are proficient with router command-line interfaces (CLI).
- Have day-to-day experience managing operational networks.
Lab exercises will use Cisco IOS configuration syntax.
Lab Setup