We are convinced that education and the transfer of knowledge creates better chances to protect against attacks. Therefore, our training services aim to support our clients in as many aspects as possible.
This way we can contribute to better overall security of our clients and a safer society in general. To ensure this, we work closely with you to design a training tailored to you and your personal needs. The goal of the training preparation is to assess your employees’ knowledge baseline and to challenge and improve their skills in the security field.
Your personalized security awareness training will be tailored to the topics most relevant to you and the respective target audience, for example OT-personnel, IT-personnel or the whole workforce. The trainings can take place remotely via online conferences or on-site at one or more of your company locations. Our training topics cover the whole range of IT security, spanning from social engineering to physical security (topics/issues). We have experience with multi-session trainings, ranging from small groups in online-classrooms to on-site awareness trainings with event highlights, like lockpicking and breaking into tilted windows or live hacking in customer-fitted IT demonstration environments.
The training duration and content of this workshop are tailored to your goals and target audience and can range from 90 minutes to three days. On request we can train your physical security team on the detection of dangers (for example via video feeds) or create awareness among the entire workforce for current dangers and upcoming structural changes to protect the company. For security team trainings, we recommend longer trainings (up to three days) to ensure that security risks are independently recognized and addressed at an early stage in the future. This includes many practical burglary and security exercises.
This training is specifically intended for security teams who plan on undergoing penetration testing in the future or who want to improve their skill set in this area. For each training, we arrange a training program specially adapted to the know-how of the participants. The training duration varies mostly between one and three days and can take place online or on-site at one or more company locations. Common training topics are penetration testing in internal networks and Windows AD environments, as well as penetration testing of web applications. Please let us know, if you have certain topics you want to have covered, so we can include those into your personal training plan. Our experienced penetration testers are thrilled to prepare more specialized content, e.g., red teaming, OT or blockchain security.
If you already have an internal penetration testing team and want to advance further into the field of red team assessments, then we are happy to support you. Our trainings take place over several days and involve the preparation and organization of red team assessments as well as typical red team activities and techniques, which include IT, physical security and social engineering. Of course, it is also possible to focus the training only on specific topics.
To professionally execute social engineering assessments, it is necessary to have good preparation, knowledge about targets, techniques and strategies as well as a lot of practical experience. Therefore, this training, lasting several days, offers knowledge in the understanding of different personality types, communication techniques (verbal and non-verbal), as well as many practical exercises to understand and maintain the acquired information. After the training you should have a good understanding and the adequate tools to carry out first assessments methodically and purposefully.
Next to the technical aspect and the recognition of security attacks, the learning success of the blue team is one of the most important points of an IT-based red team assessment. Since the blue team is traditionally not informed prior to a red team assessment, purple team assessment exercises close the information gap and use the red team assessment experiences to maximize the blue teams learning success. The main focus lies on the direct cooperation of the red and blue team, which can take various forms. In combination with red teaming, purple team exercises are either offered after a red team assessment in form of workshops or during the assessment if the red team has been fully discovered. For more abstract or complex tasks, we work together with our clients on scenarios in form of table top exercises to enhance creativity and solution-oriented thinking on both sides (red team and blue team).
To gain access to the internal network in a social engineering assessment, we first had to gain access to the company building. So we developed the following scenario and realized it:
An employee of ours, dressed up in suit and tie, waited for their cue word in front of the company building. A second employee, out of sight, called the front desk with a faked supervisor number: "The supervisor has a very important meeting but the customer is late. When the customer arrives, they need to be let through as quickly as possible."
The first employee of ours now ran stressed to the front desk, had no need to say much more and was allowed to pass without a control. The result: Free movement within the building!
A workshop for common web application exploits (focus on OWASP Top 10:2021) was hosted for the development department of a bigger software company. Main focus point was on demonstrating the exploits in practice and whenever possible allow the attendees to recognize and exploit on their own as part of practical exercises.
At the end of the workshop a capture-the-flag contest was held to give individual groups an opportunity to apply the knowledge they have acquired.
A large energy company ordered a purple team assessment. Objectives were initial access, detection tests on known attack strategies, execution of an implant during active EDR, testing the detection possibilities through EDR or monitoring solutions, as well as, execution of TTPs for lateral movement or persistence.
During the assessment, the blue team was able to develop custom-made detections in the EDR console to detect attack behaviour the EDR would not expose on its own.