BEGIN:VCALENDAR
VERSION:2.0
PRODID:jquery.icalendar
BEGIN:VEVENT
ORGANIZER:MAILTO:info@circlecitycon.com
TITLE:Less Money More Lab: Build a Shared Security Lab With Your Friends
DTSTART:20210612T140000Z
DTEND:20210612T220000Z
SUMMARY:Less Money More Lab: Build a Shared Security Lab With Your Friends
DESCRIPTION:Have you ever seen security researchers share amazing details about threat actor TTPs and infrastructure, and wondered how they got that information? Have you ever tried to build a home lab, but found you were priced out of buying enough computers or hosting enough virtual machines to make much of a realistic environment? Have you wished that you could share the cost of a really cool lab with others and inspire each other to try new and cool research projects? This training will not only show you how to build a distributed lab that you can share with your friends, but we’ll actually set one up together that can live on after the class is done, as long as people want to keep supporting it. On this lab, red teamers can test their exploitation skills in a real AD, blue teamers can develop new detections and test out threat hunting hypotheses, and both teams can learn from each other as they improve attacks and defenses. Important prerequisite: to participate in this class, you must have at least one computer, physical or virtual, with a valid Windows 10 Pro (or Windows 7 Pro) license that you can join to a domain and dedicate to a lab environment where active attacks take place. You may also have a Linux machine or VM with the free version of Metasploit installed if you want to do the attacking (optional). You must also create a free account with Microsoft that you can use to log into portal.azure.com. There are no costs to go through the training, but if you want to continue using the lab long-term, you’ll be asked to contribute to a common pool of funds to pay for the costs to operate the servers and infrastructure (should be about $5-$10 a month per person).\nWhat you will learn: WireGuard VPN configuration, Joining an AD domain and creating fake resources, Setting up and configuring Sysmon, Shipping logs to Azure Sentinel, Threat Hunting with KQL queries, Writing custom alerts, Integrating alerts into Microsoft Teams, Building network detections with Suricata, Attack basics with Metasploit & PowerShell Empire, Basics of Threat Hunting
LOCATION:Discord
END:VEVENT
END:VCALENDAR