Skip Main Navigation
Page Content

Save This Event

Event Saved

Melbourne: Tactical Incident Response

Mossé Cyber Security Institute

Thursday, 27 October 2016 at 9:00 AM - Friday, 28 October 2016 at 5:00 PM (AEDT)

Ticket Information

Ticket Type Sales End Price * Fee Quantity
Early Bird Ticket Ended $2,000.00 $0.00
Standard Ticket Ended $2,300.00 $0.00
* Prices include GST

Share Melbourne: Tactical Incident Response

Event Details


Incident Response is a multidisciplinary approach to understanding the methodologies, techniques, and tools for both offensive and defensive security.

This 2 day course introduces a tactical approach for instrumenting, alerting, and responding for enterprises. Using a combination of new tools, and uncommon techniques students will learn how to defend a network against today’s evolving threats.

Real world attacks concentrate heavily on a number of methodologies including; compromising systems without depending upon standard exploits, Enterprise Security Products evasion, unique stealth approaches, persistence mechanisms, and varying degrees of collection strategies. 

Attendees will learn how real attackers use these strategies and how to detect, alert, respond, and defend against these techniques.

The student will learn:

  • How to manipulate enterprise tools and infrastructures in unusual ways for better security
  • Build and employ custom logging tools for detecting lateral movement, persistence mechanisms, data targeting, and exfiltration
  • How to provide actionable data to help decision makers
  • Properly defend against and respond to incidents on a network
  • Offensive mindset for defensive purposes

Topics covered:

  • Real offensive mindsets, not penetration testing mindsets, for enterprise response
  • Proper response mechanisms and communication
  • Host and network indicator extraction for enterprise results
  • Quickly gather and identify data for incident use
  • Host logging and auditing
  • Leveraging active directory
  • PCAP and network intelligence extraction
  • Advanced host and file triage capabilities
  • Host command and process monitoring across a host

Students will get the chance to work with real "APT" tools and see the unique differences between how they are used in real attacks vs the penetration testing tools used today. These differences will help students learn how to truly detect real adversaries.

The labs will be interwoven into the lecture so that students will receive a significant amount of time exercising these new skills as they learn. By the end of the class students will have spent 50% of the time in a lab environment. A significant portion of the class will be dedicated to building new tools, on the fly, to solve the challenges posed by a difficult adversary.

The full syllabus may be viewed here:

Have questions about Melbourne: Tactical Incident Response? Contact Mossé Cyber Security Institute

Save This Event

Event Saved

When & Where

The Cluster
Level 17
31 Queen St
Melbourne, VIC 3000

Thursday, 27 October 2016 at 9:00 AM - Friday, 28 October 2016 at 5:00 PM (AEDT)

  Add to my calendar
Melbourne: Tactical Incident Response
Things to do in Melbourne Seminar Business

Please log in or sign up

In order to purchase these tickets in installments, you'll need an Eventbrite account. Log in or sign up for a free account to continue.