Cyber Rangers

services

Training

...let your people learn by real examples how to defend themselves

Put your key staff through intensive training, from which they will take away new core competencies. We do not lecture. We teach by example. We simulate hacking attacks, working with real scenarios breaking through defences, demonstrating defensive strategies. The best investment in cyber security is investment in your people.

Active Directory Red Teaming: Attacking and defending enterprise Active Directory Environments

Active Directory is the heart of organizations and therefore an important target for an attacker. In this advanced training, we will go through the entire journey, options and techniques for compromising an Active Directory environment. This is with the goal of understanding the activities from the perspective of the Red Teamer inspecting the security of such an environment as well as from the perspective of the defender who is responsible for hardening the environment. In addition to techniques directly related to Active Directory exploitation, we will also partially focus on the necessary defense evasion.

For whom training is suitable AD Administrators, SOC Analysts, IT Administrators, Pentesters
Date we will open it when we have at least 5 participants
Capacity 10 participants
Duration 30 hours in 3 days
Place Prague
Price 42000,- CZK before VAT
I am interested in

PowerShell Ultimate Security

This training will provide participants with the knowledge needed to safely use and secure the PowerShell platform. It focuses on practices for safely handling sensitive data in scripts, what script structures are insecure, and whether the entire PowerShell can be exploited by an attacker. The training requires advanced knowledge of PowerShell.

For whom training is suitable Experienced PowerShell Scripters, IT Administrators, Pentesters
Date will be announced according to the interest of the participants
Capacity 10 participants
Duration 20 hours in 2 days
Place Prague
Price 19000,- CZK before VAT
I am interested in

Microsoft Sentinel for SOC Analysts

In this course we will focus on understanding the job of an analyst in the Microsoft Sentinel environment. We will also explain how to analyze logs from the local and cloud environments using the Microsoft Sentinel tool. The course participants will learn how to use the KUSTO Query Language in their jobs and how to efficiently use cloud tools for faster analysis.

For whom training is suitable SOC Analysts, SOC Managers, Incident Responders
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place Prague
Price 1000,- Eur without VAT
I am interested in

Microsoft Sentinel Purple Teaming a Deep Hunting

In this course we will focus on a simulation of cyber attacks that the participant will investigate. Each such attack within the APT scenario will be discussed in detail and analyzed by an analyst, who will actively create rules for detection and hunting in the Microsoft Sentinel tool. This is a hands-on course, meaning that the majority of the content revolves around practical experience from the investigation, during which the participants will learn about the advantages of Microsoft Sentinel as well as the limits of this tool.

For whom training is suitable SOC Analysts, Incident Responders
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place Czech Republic
Price 1 150,- Eur without VAT
I am interested in

PowerShell Basics

This training provides students with the fundamental knowledge and skills to use PowerShell. We will cover multiple topics like cmdlets, functions, components and objects manipulations, script prerequisites, standard and structures. The course content is built on my more than 15 years of working with PowerShell and students will spend more than 80% of course time working in PowerShell engine. During the training you will built some basic scripts you can immediately use in your daily work.

For whom training is suitable IT Administrators
Date will be announced according to the interest of the participants
Capacity 20
Duration 32 hrs in 4 days
Place Prague
Price 930,- Eur without VAT
I am interested in

PowerShell Advanced

This training provides students with the advanced knowledge and expert skills to use PowerShell. The training requires existing solid knowledge as you will learn advanced topics like Proxy Functions, .NET, PowerShell workflows etc. The content is built on my more than 15 years of working with PowerShell and students will spend more than 80% of course time working in PowerShell engine. Everyone who already use PowerShell for any purpose can benefit from the content.

For whom training is suitable Experienced PowerShell Scripters
Date will be announced according to the interest of the participants
Capacity 10
Duration 16 hrs in 2 days
Place Praha
Price 680,- Eur without VAT
I am interested in

Windows OS Defense Evasion Techniques

The aim of the course is to understand how techniques for bypassing Windows OS security mechanisms work. During the course we will study an example of real bypassing of systems based on newer Windows systems using modern security mechanisms such as AppLocker, EDR systems, Powershell protection and many more that you can find in the operating system.

For whom training is suitable SOC Analysts, Incident Responders, Pentesters, Security Professionals
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place
Price 1 150,- Eur without VAT
I am interested in

Red Team Operator Fundamentals

This course will help the participants understand how Red Teaming operations work. We will explain how Red Teaming is prepared and how the whole exercise is planned. You will learn who Red Teaming is intended for and how the company should prepare for this exercise. We will also focus on correctly setting the relevant goals and contractual obligations when Red teaming is carried out by external subjects. We will explain what a Red Teamer should know and which members should be in the Red Team. Last but not least, we will discuss the pros and cons of internal and external Red Teams.

For whom training is suitable Pentesters, Red Teamers
Date will be announced according to the interest of the participants
Capacity 10
Duration 24 hrs in 3 days
Place Prague
Price 950,- Eur without VAT
I am interested in

Cybersecurity 101

This course is intended as an introduction into cyber security. We will focus on all aspects of information and cyber security and the participants will learn about the threats they can encounter in digital, physical and human environments. This course also focuses on the problems of incorrectly configured processes or inconsistent management of the company culture. A whole range of cyber attacks will be demonstrated within the course. The course can also be taken as a preparation for different types of certification tests required for CS managers and architects.

For whom training is suitable SOC Analysts, Incident Responders, Pentesters, Security Professionals
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place Prague
Price 750,- Eur without VAT
I am interested in

Windows Forensics Hands-on

In this course the participants will learn how to secure digital and physical evidence when performing a forensic investigation. Securing of evidence will be done in a legal way and should show the participants how not to disturb the evidence while gathering it. One section of the course is dedicated to practical examples related to the securing of evidence and will explain the topic of a forensic team composition, as well as gathering of evidence on secured devices. The participants will also learn which HW and SW tools are necessary for proper securing of evidence.

For whom training is suitable SOC Analysts, Incident Responders
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place
Price 1 440,- Eur without VAT
I am interested in

Trends in cyber threats

The goal of the course is to provide a comprehensive overview of the trends in cyber threats that have appeared since 2019 and to discuss some of the significant attacks in the recent years. The training will consider the Tactics, Techniques, and Procedures (TTPs) of hackers and the weaknesses of companies so that the company can adapt and transpose these situations into its current environment in order to assess whether this is a realistic threat in the client’s company. The course is intended not only for technically oriented individuals.

For whom training is suitable Top Management, Managers, CS Managers, CS Architects, SOC Analysts, Incident Responders
Date will be announced according to the interest of the participants
Capacity 50
Duration 8 hrs in 1 days
Place Czech republik
Price 500,- Eur without VAT
I am interested in

Basics of risk management

The goal of the course is to provide a comprehensive overview and expand the knowledge of the participants on risk control and management using the qualitative and quantitative method. The course participant will learn about modern concepts of risk management and will understand how easy it is to use causal scenarios. In the course you will need to use mathematical formulas for calculations and then project the final values namely into cyber risks. Before the course the lecturer needs to be familiarized with the internal risk management method and internal procedures of the company related to the risk management.

For whom training is suitable Top Management, Managers, CS Managers, CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 500,- Eur without VAT
I am interested in

Advanced risk management

The goal of the course is to provide a comprehensive overview of risk management and expand the knowledge of the participants in the field using the quantitative method. Course participants will learn about modern concepts of risk management and will understand how easy it is to use causal scenarios. During the course, the participants will learn about the FAIR module and modelling using Monte Carlo simulation. In the course you will need to use mathematical formulas for calculations and then project the final values namely into cyber risks.

For whom training is suitable Top Management, Managers, CS Managers, CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 500,- Eur without VAT
I am interested in

Non-technical Table Top course focused on Incidence Response Plan

The goal of the course is to do a practice “Incident Response Plan” according to the MITRE ATT&CK framework that will focus on detection of and reaction to an cyber incident in the context of the company. The course, which will take place in the form of an interview, will mention different methods and scenarios of cyber attacks and the participant should be able to handle these attacks. During the course, the mediator and scenarist on the side of the supplier will thoroughly explain and describe the incident to the response team that does not need to consist of only technically-minded people. Before the course, it is recommended to describe and explain the implemented “Incident Response Plan” process to the mediator and playwright who will customize the course based on this information.

For whom training is suitable Top Management, Managers, CS Managers, CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place czech republik
Price 700,- Eur without VAT
I am interested in

Technical Table Top course focusing on the Incidence Response Plan

The goal of the course is to complete a training “Incident Response Plan” according to the MITRE ATT&CK framework that will focus on detection of and reaction to an cyber incident in the context of the company. The course, which will take place in the form of an interview, will mention different methods and scenarios of cyber attacks and the participant should be able to handle these attacks. During the course, the mediator and playwright on the side of the supplier will thoroughly explain and describe the incident to the response team, which should consist of technically skilled participants. Before the course, it is recommended to describe and explain the implemented “Incident Response Plan” process to the mediator and playwright who will customize the course based on this information.

For whom training is suitable SOC Analysts, Incident Responders, Forensic Investigators, IT Technicians
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 700,- Eur without VAT
I am interested in

Hands-on simulation of cyber attacks in the Cyber Rangers LAB

The goal of the course is to introduce the participants to possible vectors in the IT/OT environment using attack simulations in the course supplier’s lab. The course participants together with the lecturer will simulate attacks on the given environment. The simulation will also include attacks on ModBus and IEC104 protocols and on common TCP protocols used in IT and OT. Simulated attacks will be carried out against Active Directory and Windows operating systems within the context of the MITRE ATT&CK framework. Attack simulations should, to the greatest extent possible, simulate and demonstrate APT-type attacks or so-called multi-stage attacks with the aim of disrupting the confidentiality, availability or integrity of the system, or reducing the resilience of systems.

For whom training is suitable SOC Analysts, Incident Responders, Forensic Investigators, IT Technicians
Date will be announced according to the interest of the participants
Capacity 20
Duration 24 hrs in 3 days
Place Czech republik
Price 800,- Eur without VAT
I am interested in

Cyber attack and defense in practice

The goal of the course is to introduce the participants to an APT attack, whereas the entire exercise is conducted by a lecturer who explains attack techniques and defense options against a given type of attack on a simulated cyber attack. In order to understand protection, it is necessary to know and understand the functionalities of operating systems and the available defense options. The simulated cyber attack targets an infrastructure with standard security operated in the supplier’s lab. The participants do not actively participate in the repair of the system and the attack simulation.

For whom training is suitable SOC Analysts, Incident Responders, Forensic Investigators, IT Technicians
Date will be announced according to the interest of the participants
Capacity 20
Duration 16 hrs in 2 days
Place Czech republik
Price 700,- Eur without VAT
I am interested in

Open Source Intelligence – obtaining company and personal information

As part of the course, participants will learn the techniques used by government and military intelligence, intelligence services, CIA and FBI agents to search for information using open sources. In this course we will explain what OSINT is and how it works, we will talk about other areas such as HUMINT, SOCINT, GEOINT and others. We will learn to use tools and get information automatically, work with photo metadata and geolocations and track people using online cameras.  The entire course is accompanied by a series of hands-on labs so that the participants can master the given techniques and begin to understand the functioning of intelligence services, focusing on the physical, digital and human aspects. At the end, the participants will get a homework assignment to create a complete digital profile of the organization, with a deadline in 7 days. In this way, the participants will understand the weaknesses of the organization which could be used by a potential attacker when planning an attack on its infrastructure. The output of this screening is then discussed with the lecturer, and each course participant has 1 hour to explain the most important points of the entire report. The participants are awarded their certificate after they defend their outputs. This methodology is used not only by the armed forces of various countries, but also by researchers who try to identify the weak points of companies. The OSINT methodology is further used in the screening of employees who may work with sensitive information after joining, in order to verify their confidentiality and integrity.

For whom training is suitable SOC Analysts, Investigators, Red Team Operators, Journalists with technical knowledge, Reporters, Lawyers with technical knowledge
Date will be announced according to the interest of the participants
Capacity 10
Duration 40 hrs in 5 days
Place Czech republik
Price 2000,- Eur without VAT
I am interested in

KUSTO Query Language for data lookup in logs

KUSTO Query Language is one of the most wide-spread query languages in Microsoft’s cloud services. The course participants will learn the techniques and methods of searching in logs, identifying weak spots in search queries, and understanding the individual terms used for searching. They can then immediately use these techniques within Microsoft services, not just in an Azure Sentinel or Azure Monitor environment.

For whom training is suitable SOC Analysts, Microsoft Azure Specialists and Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 24 hrs in 3 days
Place Czech republik
Price 700,- Eur without VAT
I am interested in

Understanding MITRE ATT&CK and other related tools by MITRE

The goal of the course is to familiarize participants with tools by MITER in order to use the most possible information for the analysis of cyber attacks and to build detection and prevention measures. As part of the course, participants will learn about the techniques contained in the MITER ATT&CK Kill Chain for IT, OT and Cloud areas. They will also try using the Atomic Red Team and will be introduced to MITRE D3FEND. Last but not least, we will model a threat using the MITRE ATT&CK Navigator. Finally, we will discuss the advantages of the MITRE Engage tool and working with a CVE database.

For whom training is suitable SOC Analysts, Incident Responders
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 850,- Eur without VAT
I am interested in

Introduction to industrial technology security for IT security professionals

The goal of the course is to introduce the participants to the topic of security of industrial networks and industrial environments. In this course the participants will learn about the architectonic models and standards used in industrial networks.

For whom training is suitable IT Administrators, Managers and CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 16 hrs in 2 days
Place Czech republik
Price 500,- Eur without VAT
I am interested in

Penetration testing according to OWASP

Training is focused on understanding the OWASP methodology with a focus on testing within web applications. In this course, the participants will go through all the test scenarios on a specially created  PHP web application and understand how a weak spot in the application is created and how an attacker can use it. You will learn how to correctly test a web application and what to focus on during testing.

For whom training is suitable IT Administrators, Developers, Penetration Testers, Red Team
Date will be announced according to the interest of the participants
Capacity 20
Duration 40 hrs in 5 days
Place Czech republik
Price 750,- Eur without VAT
I am interested in

Attack vectors for technological systems

The goal of the course is to show the top 20 attack vectors used against technological systems and to explain the main causes of the problems to the participants. Practical demonstrations are carried out in the technological lab and most attacks are simulated directly during the course. The participants will understand how such cyber attacks are created and what threats they should prepare for.

For whom training is suitable IT Administrators, CS Managers and CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 24 hrs in 3 days
Place Czech republik
Price 1000,- Eur without VAT
I am interested in

Penetration testing and its parameters for cyber security managers

The goal of the course is to introduce the participants to the options of security testing in a company environment. The participants will learn about the testing options and what testing can bring. We will also focus on the issue of timing the testing and a secure development cycle that the company should implement. During testing you will discover the differences between vulnerability scanning, penetration tests and red team. The participants will get a clear idea about how to implement this testing in their company.

For whom training is suitable Managers, CS Managers, CS Architects
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 250,- Eur without VAT
I am interested in

OWASP Application Security Verification Standard

The goal of the course is to discuss and understand the entire web application security testing standard according to OWASP. In this course the participants will understand what to focus on during testing, but mainly what to do to ensure that vulnerabilities do not arise in the system. The participants will also see many problem areas of web applications that will be abused by the lecturer.

For whom training is suitable Developers, Penetration Testers, Red Team
Date will be announced according to the interest of the participants
Capacity 20
Duration 24 hrs in 3 days
Place Czech republik
Price 750,- Eur without VAT
I am interested in

Internet browsers from the point of view of an exploit developer

In this course, we will introduce internet browsers and discuss how secure they are. We will refute or confirm various possibilities of escalation of access from the website to the victim's computer and explain how browsers and their components work, not only while testing the user's experience.

For whom training is suitable Developers, Penetration Testers, Red Team
Date will be announced according to the interest of the participants
Capacity 20
Duration 8 hrs in 1 days
Place Czech republik
Price 600,- Eur without VAT
I am interested in

Who already has experience with our service


You wouldn't believe what can happen to you...

/01 HACKING STORIES

SOC is about people. And it's not for everyone.

SOC everywhere you look and for everyone the consolation of cybersecurity assurance. But that is not the case today. SOC is all about people and not technology. And not every organization can effectively adapt SOC from day to day.


If you want to know more...

/02 HOW THE CYBER RANGERS SEE IT

#2

CYB3R Club #2 - OSEP and C|OSINT certifications

Jan and Dan talked about their experience, quality and relevance of Offensive Security Experienced Penetration Tester (OSEP) and McAfee Institute Certified Open-Source Intelligence (C|OSINT) certifications.


Working closely