Network Defense

Network Defense
June 6 & 7, 2015
9am – 5pm

Instructor: Kevin Cardwell

Includes Autographed Copy of Kevin’s Book: “Building Virtual Pentesting Labs for Advanced Penetration Testing.”

This course will start with essential defensive strategies to be deployed throughout the networks of today to protect the data that traverses it. While it is true the news is full of stories about the latest data breach, there are methods and processes that an enterprise can deploy that will reduce their attack surface and improve their security process making them a harder target. There is no such thing as perfect security, but we can make our networks harder to attack, and isolate any breaches to one segment and not the entire architecture. This is what the first day of the course will focus on. On day two, you will learn the process and methodology of how to build your own penetration testing range as well as the steps to create your own CTF environment. What you will learn has been used to create CTFs at DEFCON, Hacker Halted and ShowMeCon. Additionally, the concepts that will be covered are an introduction to the process defined in the Kevin’s book “Building Virtual Pentesting Labs for Advanced Penetration Testing.”



SESSION ONE – Challenges of Vulnerability Management

  • Selecting a stance on risk
  • The impossible task of tracking vulnerabilities
  • The patch system is broken
  • Conducting self-assessment
  • Essential vulnerability steps
    • Sites of interest
    • Analysis of attack surface
    • System hardening
  • XCCDF and OVAL
  • LAB – hardening systems
    • Using the security compliance manager to reduce the attack surface
    • Mitigating the attacks with basic fundamentals of defense
    • Simple application whitelisting techniques

SESSION TWO – Emerging Threats and Advanced Attacks

  • Mobile
  • Critical Infrastructure
  • Social
  • Malware
  • Data Loss
  • LAB – emerging threats
    • Mobile
    • Social

SESSION THREE – Malware and Memory Analysis

  • Basic process analysis
  • Advanced process analysis
  • Rootkits
  • Analysis of live memory
  • RAM analysis
  • LAB – Memory analysis
    • Perform live memory analysis of compromised machines
    • Take memory images and determine what happened by following a proven process and methodology


SESSION FOUR – Proven Defense Measures

  • Success Stories
  • Modern filtering
  • Network segmentation and isolation
  • Internal honeypots, sinkholes and blackholes
  • LAB – Modern Filtering
    • Ingress
    • Egress
    • Deploying time based access control
    • Blackhole routing

SESSION FIVE – Creating an External Attack Architecture

  • Establishing the layers
  • Configuring the perimeter devices
    • Router
    • Firewalls
  • Deploying Monitors
    • Intrusion Detection System (IDS)
    • Intrusion Prevention System (IPS)
    • Load balancers
    • Integrating web application firewalls
  • LAB – External Architecture

SESSION SIX – Building a Complete Cyber Range and a Capture the Flag (CTF) Architecture

  • Creating the layered architecture
    • Segmenting the architecture
  • The multi-tiered CTF labyrinth
  • Integrating the decoys
    • Honeypots
    • Honeynets
    • Darknets
  • Attacking the completed range
  • Defending the completed range
  • LAB: Attackers and Defenders challenge wars



  • Award-Winning Instructor
  • Instructor Who Created the Course
  • Instructor Who Is A Practitioner – Bringing Expertise and Real-World Experience to Classroom
  • Autographed Copy of Book Published for the Course
  • Hands-on Training
  • Certificate of Completion
  • Lunch Every Day
  • Snacks and Coffee Breaks for Duration of Training
  • Instructor Availability
  • Computers Provided for Course (property of HackerU)
  • Lifetime Membership to Hacker University
  • Reduced Rates on Parameter Security’s Services
  • Complimentary Pass to the Two Day ShowMeCon Conference – June 8 & 9
  • Access to Conference After-Party on June 8
  • And More



  • Basics of Cyber Defense
  • Knowledge of Networking


COST: $1,999 per person


QUESTIONS? Call us at 314.442.0472 or email info <at> showmecon <dot> com