Subhashini Kadurugasyaya

Thumbnail for post.

Subhashini has worked as an Engineer and Manager in Telecommunication and ICT fields since 2007 in different vendor and operator platforms.  Her Experience includes Telco applications planning, maintenance and Solution delivery, Telco core network, ISP operation management and Security governance. She is a Volunteer trainer in LKNOG and a founding committee member of LKNOG, a former Fellow at APNIC 42 and 48 events and attended the first APNIC Hackathon. As a Voluntary speaker and organiser, she supports Women in ICT forums, APNIC NFH SEA and LKNOG events.

Technical Interest areas include Network and application Security, IPV6, DNS and DNSSEC.

Subhashini shares her knowledge as the retained community trainer in Sri Lanka for APNIC.

Affan Basalamah

Thumbnail for post.

Affan Basalamah is an experienced IT Network & Telecom consultant with a diverse background in various corporations, including higher education institutions, Islamic multinational businesses, and the largest telecommunications operator in Indonesia. He received his degree from the Institut Teknologi Bandung, where he also served as an IT/network administrator and later as Head of IT Infrastructure for the IT Directorate for over 10 years. During this time, he was involved in the construction of Indonesia’s first higher education network (INHERENT) and frequently spoke at IT conferences such as IDNOG and APAN.

Affan shares his knowledge as a volunteer community trainer. 

Packets don’t lie – Threat Hunting with Zeek

Thumbnail for post.

One of the methods to identify, process and gain visibility into a network is Network Security Monitoring(NSM). Zeek is a passive network security monitor and is Open Source. In this course will use Zeek to analyse PCAPs and find badness.   

Course Outline

In this course, participants should be able to

Outline:
– Gain an understanding on the value of Zeek in the context of Network Security Monitoring(NSM)
– Analyse PCAPs using Zeek
– Get an overview of Zeek and Zeek logs 

Course Material

Breach and Attack Simulation Tools

Thumbnail for post.

Overview

Information and Network Security is a broad topic, and as such this webinar will look at a variety of topics covering theory, technical controls, and organisational best practices.

The focus of the webinar is to introduce Breach and Attack Simulation (BAS) concepts by explaining various tools and strategies to test defenses to determine the overall security posture of the organisation.

Outline

This course will cover the following topics:

  • What is Breach and Attack Simulation (BAS)
  • Why Use BAS tools
  • Overview of the MITRE ATT&CK Matrix
  • List of Open Source tools
  • Overview of the various tools
  • Setting up a simulation

Course Materials

APNIC’s Vulnerability Reporting Program

Thumbnail for post.

Overview

APNIC has been running a public Vulnerability Reporting Program (VRP) for just over a year now, where we have been inviting security researchers worldwide to responsibly report to us any vulnerabilities they find in our networks, servers, and services.

This webinar will follow the VRP from its first concept, through creation and the first year of operations.  We’ll look at when went well, and what improvements were made along the way. We’ll also review the vulnerabilities reported, and examine them based on when they were reported, their severity, and who reported the issues to us. We’ll then cover some lessons learned from this project, and what APNIC is doing next to improve external vulnerability management.


Outline

This course will cover the following topics:

  1. What is a Vulnerability Reporting/Disclosure Program? (VRP/VDP)
  2. Why APNIC started a VRP
  3. Process of creating a VRP
  4. Review of vulnerabilities reported (count, severity, who reported them)
  5. Lessons learned
  6. What are the next steps after the VD

Course Materials


A. S. M. Shamim Reza

Thumbnail for post.

Shamim Reza is the CTO of Pipeline Inc., where he is responsible for developing strategies and doing research on Cyber Security utilizing Artificial Intelligence and Machine Learning.

He comes with more than 12 years of experience across infrastructure management, security monitoring & management, automation, threat hunting & forensic analysis.

Shamim actively participates in NOGs and technical conferences.

Shamim volunteers as a community trainer and shares his knowledge.

Amante Morales Alvaran

Thumbnail for post.

Amante has over 20 years of experience in the IT industry, holding various roles as Engineer, Trainer, Consultant, and Operations Management. Amante has PostGrad in Cyber and Data Management and is currently doing MBA in Cyber and Data Management. 

 Amante shares his knowledge as a voluntary Community Trainer for APNIC.

Kunal Raj

Thumbnail for post.

Kunal Raj is the team lead (acting) for the ISP & Security team at Telecom Fiji.

He brings with him over 5 years of experience in planning, operating and managing a Service Provider network.

Kunal is passionate about learning and sharing knowledge, and he volunteers his time as an APNIC Community Trainer.

Azhar Khuwaja

Thumbnail for post.

Azhar has over 20 years experience as an IT / Telecom Trainer. His areas of expertise are Network Security, Software-Defined Networking, ITIL, Optical Transmission (SDH/DWDM) and Access Networks (GPON-FTTX). He also designs & develops courseware, lab manuals and blogs for international training organizations.

Azhar has delivered trainings in over 30 countries. He has served as Senior Technical Trainer at ZTE Corp. China, Networking Instructor at Xintra College Ottawa, Technical Trainer at TELOS in Vancouver and Online Instructor at QuickStart. His industry roles include working as ATM / IP Network Support Specialist at Siemens Canada, NOC Support at Bell Canada, & Field Applications Engineer at Nu Horizons USA.

Azhar has obtained a Master of Engineering in Telecommunication from Australia.  He has taught at MAJ University, SZABIST, KIET, Mehran University and Xintra College. He has acquired certifications from CompTIA, Alcatel, Microsoft, EC-Council, AXELOS, MEF, Cisco, & Algonquin College.

Azhar shares his knowledge and experience as a volunteer community trainer for APNIC.

Lightning fast DDoS detection with FastNetMon Community. (Part 2)

Thumbnail for post.

Overview

In this webinar, Pavel will continue from his last session on the FastNetMon Community product with a focus on practical aspects of implementation. You will learn ways to export traffic telemetry information from real routers and how to configure FastNetMon for volumetric DDoS detection. You will also get a detailed overview of BGP integration options available in FastNetMon to stop attacks. We will establish a BGP session during the webinar. 

Outline

This course will cover the following topics:

  • Export traffic telemetry information 
  • Configuring FastNetMon for volumetric DDoS detection
  • Overview of BGP integrations 

Course Materials