Brad Hosking

Brad has been with APNIC since 2018. In his role as Business Information Technology Manager, he supports APNIC staff with remote working solutions. Brad believes that the solution needs to be simple for end users to utilise effectively, with security always being considered.

Identifying Suspicious Traffic with DASH

Overview

This course will introduce APNIC’s DASH (Dashboard for Autonomous System Health), which is a portal that allows APNIC members to identify suspicious traffic going out of their networks. The course will also cover a specific use case and a demo.

Community Insights Program:
https://www.apnic.net/your-say

Outline

This course will cover the following topics:

  • What DASH is (and what it’s not)
  • Where the data about suspicious traffic comes from
  • A specific use case – Preventing DDoS attacks
  • DASH’s key features
  • DASH Demo

Course Materials

Practical Threat Information Sharing

Overview

This course will cover possible ways to get access to threat information, some use cases for using threat information to improve your security, the use of tools such as MISP to manage threat information, and more.

Outline

This course will cover the following topics:

  • Possible ways to get access to threat information / intelligence
  • Use cases for using threat information to improve your security
  • Using tools such as MISP (www.misp-project.org) to gather and manage threat information
  • Creating a community that shares threat-related information
  • Highlights of the APNIC Community Threat Sharing Initiative

Course Materials

Email based Attacks and Mitigation

Overview

Delivering attacks by email has become the single most consistent way of compromising an organisation. In this webinar you will learn the types of attacks that can be performed through email and their impacts, why they are now the most prevalent form of attack, and an economical way to handle these attacks to protect your organisation and, perhaps, share the IoCs to help protect your community.

Outline

This course will cover the following topics:

  • CERT/CSIRT and takedown request
  • Email campaigns
  • Types of attacks by email and their repercussions
  • Protections available
  • Attack at OSI layer 8 (people)
  • Email Awareness Programs
  • Incident response (IR) on a suspicious email with online tools
  • Handling IoCs

Materials

DNS Ecosystem Security

Overview

The Domain Name System (DNS) is a critical part of Internet infrastructure. This course will provide an overview of the DNS ecosystem, various threats and abuses in the DNS, and important practices for protecting the DNS. The course will also touch on DNS Security Extensions (DNSSEC).

Outline

This course will cover the following topics:

  • Overview of DNS Ecosystem
  • DNS threats and abuses
  • Securing DNS

Materials

Geoffroy Thonon

With more than 20 years in IT, 15 of them in IT security, Geoff is currently based in Australia, working for AusCERT, first as an analyst and now as operations manager. This is a now-familiar position, as an opportunity to create, from the start, an economy-wide CERT in Macau S.A.R. had presented itself before his stint at AusCERT; that CERT started from zero and went on to positively contribute to the Asia-Pacific region.

Incident Response & Threat Sharing

Overview

In this course you will learn how open source tools can be used to analyze artifacts from security incidents. This course will also highlight the importance of sharing insights and information related to security incidents.

Outline

This course will cover the following topics:

  • Overview of the Threat Landscape
  • Implementing Cyber Security
  • Types of Security Incidents
  • Security Incident Response Services Framework
  • Policies, Tools and SLAs
  • Working with the Security Community
  • Sharing Threat Intelligence

Course Materials

Packet Analysis for Network Security

Overview

This webinar will introduce you to packet analysis, including exposure to tools such as Squert, Sguil and Wireshark for dissecting network packets when performing security incident response and investigations.

Outline

This webinar will cover the following topics:

  • Signature and session analysis
  • FOSS tools
  • Intrusion detection tools (e.g. Snort, Suricata)
  • Network monitoring
  • Security Onion
  • Security Onion Lab
  • Exercises on Squert and Sguil

Course Materials

Physical Information Security

Overview

Learn about the convergence of physical security and information security, with a focus on some of the vulnerabilities and countermeasures commonly found in office environments, including an understanding of physical security vulnerabilities and what to ask physical security vendors/installers.

Outline

This course will cover the following topics:

  • What is physical security?
  • Why is physical security important in an information world?
    • Case study: Australian Customs Service at Sydney International Airport
    • Case study: Minority Report (2002 Film)
  • The timeline of security controls
    • Prevent, detect, respond
  • Common vulnerabilities and controls
    • Doors
    • Office environments
    • Server rooms
    • Safes
    • Outside the office and while travelling
  • Areas that require specialist advice
    • Fire and environmental protection
    • Locks
  • Next steps

Audience

  • System/network engineers
  • IT managers
  • Risk/security auditors
  • Physical security managers

Learning from Honeypots

Overview

Honeypots are resources that can be used to detect and learn about security attacks. This course will give a general overview of honeypots and show some use cases of how honeypots can be useful for organisations and security practitioners.

Outline

This course will cover the following topics:

  • What are Honeypots
  • Honeypots for detection and monitoring
  • Case studies and demos

Materials