Defence & Cyber Deception – 4 day course with John Strand
Active Defences have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. At Antisyphon Training they believe the answer is somewhere in between.
In this course I learned how to force an attacker to take more moves to attack your network. These moves increase your ability to detect the attackers. We also learned how to gain better attribution as to who is attacking you and why. John helped us find out how to get access to the bad guy's system, and most importantly how to do this legally.
The current threat landscape is shifting. Traditional defences are failing us. We need to develop new strategies to defend ourselves. Even more importantly, we need to better understand who is attacking us and why. Some of the things we talked about you may implement immediately, others may take you a while to implement. Either way, we considered what we discussed and have a collection of tools at our disposal when we need them to annoy the attackers. Attack the attackers.
This course was based on the DARPA-funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defences in their environments. This course is also very hands-on with labs, which is brilliant. Once a topic was spoken about, we then performed the lab ourselves, then John would go over the lab with the key points and takeaways from the lab. These labs can be quickly and easily implemented in your own environment.