Calvin is a seasoned cybersecurity expert with over a decade of experience in offensive security. He excels in managing security risks and enhancing cyber attack detection for multinational corporations across Hong Kong, Taiwan, and mainland China. His expertise includes penetration testing, red teaming, incident response, and security risk assessment, impacting sectors like banking, finance, insurance, retail, aviation, healthcare, and energy utilities. In consulting roles, Calvin has delivered tailored security solutions and played a key role in designing detection use cases for a major bank, ensuring iCAST compliance. His proficiency in both offensive and defensive cybersecurity makes him a strong advocate for Purple Team collaboration, leveraging AI technology to bolster defenses. Committed to community education, Calvin promotes cybersecurity awareness through Safe and Secure Online events and co-founded HK CTF, a capture-the-flag community in Hong Kong. He continues to inspire and educate future cybersecurity professionals through workshops and speaking engagements.

Workshop Learning Outcome

After completing the workshop, the participants will

• Understand the importance of Purple Team collaboration in cybersecurity defense strategies;
• Acquire practical skills in identifying and mitigating real-world cyber threats through hands-on exercises and simulations;
• Learn effective strategies for integrating offensive and defensive security measures to enhance organizational resilience;
• Develop insights into the risks and opportunities associated with AI technology in cybersecurity;
• Gain practical knowledge in leveraging AI technology for threat detection, including infiltration attacks, phishing sites, and deepfake content.

Workshop Outline

I.        Cyber Threat Landscape in Greater China Region

–       Overview of major cyber attacker groups operating in the region

–       Industries most targeted by cyber attacks in Greater China

–       Case studies of significant cyber attacks in the region

–       Common tactics, techniques, and procedures (TTPs) used by attackers

II.       Purple Team Collaboration on Windows Active Directory

–       Introduction of MITRE ATT&CK Framework

–       Overview of the Lab Environment

–       Simulation of Common Attacks

• • Discovery: Techniques for network and system discovery
  • Credential Access: Methods for obtaining user credentials
  • Privilege Escalation: Exploiting vulnerabilities to gain higher privileges
  • Lateral Movement: Techniques for moving within the network
  • Exfiltration: Methods for data extraction and exfiltration

–       Strategies for detecting each type of simulated attacks

–       Leveraging AI for Infiltration Attack Detection

III.     Exploring AI in Cybersecurity

–       Hands-on practice with exploiting vulnerabilities in AI-powered chatbots

–       Real-time demonstration of AI models identifying and mitigating phishing sites

–       Techniques for detecting and countering deepfake content using AI

• Kali Linux (guest OS)

• OpenVPN client

The instructor can provide onsite advice on the above.

Map: Click Here

[Regular]:        16 July 2024 (Tuesday)

2.     There is no refund once payment is made except the course is cancelled.

3.     Please keep the certificate as a CPE proof.