Swapneel Patnekar

Swapneel is a network security engineer & CEO at Shreshta IT and has been working in the Information Security field for 15+ years. He regularly conducts workshops on Information Security, Network Security Monitoring and DNS/DNSSEC Security.

He is also a board member of India Internet Engineering Society and has been Program Committee member of INNOG group, and actively participates at the various Network Operator Groups (NOGs) and security community in the Asia Pacific region.

Swapneel shares his knowledge as a volunteer community trainer for APNIC.

Brad Hosking

Brad has been with APNIC since 2018, in his role as Business Information Technology Manager he supports APNIC staff with remote working solutions. Brad believes that the solution needs to be simple for end users to utilise effectively, with security always being considered.

Identifying Suspicious Traffic with DASH

Overview

This course will introduce APNIC’s DASH (Dashboard for Autonomous System Health), which is a portal that allows APNIC members to identify suspicious traffic going out of their networks. The course will also cover a specific use case and a demo.

Community Insights Program:
https://www.apnic.net/your-say

Outline

This course will cover the following topics:

What DASH is (and what it’s not)
Where the data about suspicious traffic comes from
A specific use case – Preventing DDoS attacks
DASH’s key features
DASH Demo

Course Materials

Slides: Identifying Suspicious Traffic with DASH Download

Practical Threat Information Sharing

Overview

This course will cover possible ways to get access threat information. Some use cases for using threat information to improve your security and using tools such as MISP to manage threat information and more.

Outline

This course will cover the following topics:

Possible ways to get access threat information / intelligence
Use cases for using threat information to improve your security
Using tool such as MISP (www.misp-project.org) to gather and manage threat information
Creating a community that shares threat related information
Highlights of the APNIC Community Threat Sharing Initiative

Course Materials

Slides: Practical Threat Information Sharing Download

WiFi Security

Overview

Wireless networks are common for enterprise offices and homes as they offer seamless connectivity without sacrificing mobility. As we rely more on Wi-Fi, the convenience that it brings also comes with heightened security risks. This course will introduce the technical concept of Wi-Fi and WLAN technology and examine its threat landscape, potential vulnerabilities and wireless exploits. The webinar then discusses wireless security standards, and outline some security practices and mitigation techniques.

Outline

This course will cover the following topics:

Brief intro to 802.11 protocols
Security concerns and exploits
Wireless security standards
Wi-Fi security tips and practices

Slides

Slides: Wifi Security Download

Email based Attacks and Mitigation

Overview

Delivering attacks by emails has become the single most consistent way of compromising and organisation. In this webinar you will learn types of attacks that can be performed through email and their impacts, why they are now the most prevalent forms of attacks and an economical way to handle these attacks to protect your organisation and perhaps, share the IoC, to help protect your community.

Outline

This course will cover the following topics:

CERT/CSIRT and takedown request
Email campaigns
Types of attacks by email and their repercussions
Protections available
Attack at OSI layer 8 (people)
Email Awareness Programs
IR a suspicious Email with online tools
Handling IoCs

Materials

Slides: Email Attacks and Mitigation Download

DNS Ecosystem Security

Overview

The Domain Name System (DNS) is a critical part of Internet infrastructure. This course will provide an overview of the DNS Ecosystem, various threats and abuses in the DNS and important practices in protecting the DNS. The course will also touch on DNS Security Extensions (DNSSEC)

Outline

This course will cover the following topics:

Overview of DNS Ecosystem
DNS threats and abuses
Securing DNS

Materials

Slides: DNS Ecosystem Security Download

Geoffroy Thonon

With more than 20 years in IT and 15 of them in IT security Geoff is now currently based in Australia, working for AusCERT, first as analyst and now as operations manager. This is now familiar position as an opportunity to create, from start, an economy-wide CERT in Macau S.A.R. had presented itself, before my stint at AusCERT, that started from zero and went on to positively contribute to the Asia-Pacific Region

Incident Response & Threat Sharing

Overview

In this course you will learn how open source tools can be used to analyze artifacts from security incidents. This course will also highlight the importance of sharing insights and information related to security incidents.

Outline

This course will cover the following topics:

Overview of the Threat Landscape
Implementing Cyber Security
Types of Security Incidents
Security Incident Response Services Framework
Policies, Tools and SLAs
Working with the Security Community
Sharing Threat Intelligence

Course Materials

Slides: Incident Response and Threat Information Sharing Download

Packet Analysis for Network Security

Overview

This webinar will introduce you to packet analysis, including exposing you to different tools such as squirt, sguil and wireshark, to dissect network packets, related to performing security incident response and investigations.

Outline

This webinar will cover the following topics:

Signature and session analysis
FOSS tools
Intrusion detection tools (e.g. Snort, Suricata)
Network monitoring
Security Onion
Security Onion Lab
Exercises on Squert and Sguil

Course Materials

Slides: Packet Analysis for Network Security Download