Training - June 6, 2019

Interactive Learning - Full Day Session

June 6 - 9:00am-3:30pm

Pre-Registration Required

Training: Attack and Defend with Windows PowerShell

Aelon Porat, Cision

This session will introduce the audience to PowerShell, showcasing its attractiveness to sysadmins, defenders, and attackers alike. We'll perform different attacks using popular frameworks, as well as unique attack scripts. From a defender's perspective, we'll understand how such attacks work, learn the artifacts that they leave behind, and review some of the holes that allow them to take place.

Prerequisites: As an introductory class, no previous PowerShell experience is necessary. Students are expected to have an understanding of Windows and network protocols, as well as common attacks.

Equipment: Students are required to bring their own laptop running Windows 10, or a VM that has one installed. Administrator access and WiFi connectivity are required for some of the exercises. PowerShell scripts will be available to download throughout the class.

Foundational SIEM analysis using OSSIM

Kevin T. Geil, Olympic Regional Development Authority

Dylan J. Lacey, Olympic Regional Development Authority

A SIEM (Security Information and Event Management system) is a core component of most Security Operations Centers (SOCs). If the initial deployment of a SIEM is not daunting enough, analyzing the deluge of data that follows a successful deployment can be formidable. In this training session, students will use a virtual machine to learn how events are processed by OSSIM and then how to configure the system so that critical security events are presented in easy-to-understand views. The techniques presented in this training will provide foundational skills applicable in a broad range of scenarios.

Requirements: The following are minimum specifications for a laptop.    

  • Administrative credentials for the machine. If VMware and the OSSIM VM are installed, this might not be necessary.

  • Quad-core processor

  • 20 Gb free hard drive space

  • 8 Gb RAM (The OSSIM virtual machine will use every bit of 4 Gb RAM.)

  • VMware Workstation Pro or VMware Workstation Player (or Fusion on a Mac) installed. VMware downloads are available here:

An OSSIM virtual machine will be made available on-line prior to the training. Participants are encouraged to download it and get it running on their machine before the training starts. 

Interactive Learning - Half Day Sessions

June 6 - 9:00am-12:00pm

Pre-Registration Required

Interactive Game Teaches Cyber Safety to Kids

Elizabeth Joyce, HP Enterprise

In today's world, children are using devices for learning and fun, and going online earlier and earlier. Providing them with basic cybersecurity awareness and skills they need to protect themselves, their identity and data, is essential.  This session will introduce children, parents and educators to Cyber Squad - an interactive game that teaches children to stay safe online. While students pilot the Cyber Squad game, educators and parents will learn new ways to incorporate cyber safety lessons at school and at home. 

The highly interactive game provides players with mock scenarios across four key areas: personal information and digital footprint, online safety, privacy and security, and cyberbullying. It teaches cybersecurity literacy while simulating the consequences of both risky and safe online behaviors.

The New York State Office of Information Technology Services has teamed up with HPE and long-time partner Multi-State Information Sharing and Analysis Center (MS-ISAC) on a dynamic program to make this and other resources available to children throughout New York State.