For more information about CSM-ACE 2022, please contact: 
  • |
  • +603 8800 7999

Supply Chain Attacks: Leveraging on Tools and Threat Intelligence

Date 20 Oct 2022
Time 9:00 am - 5:00 pm
Venue Online

Training: RM1,500 (Fees exclude 6% SST)

This course provides an understanding of supply chain attacks, and mitigations steps can be taken to reduce the risk of the threats. During this session, participants will use multiple tools to simulate, detect, verify and perform threat intelligence sharing. This is a 1 day training with hands-on sessions.

  • Understand what are supply chain attacks.
  • Understand what mitigation steps can be taken to mitigate supply chain attacks.
  • Understand what detection steps can be taken to detect supply chain attacks.
  • Understand how threat intelligence sharing can help to reduce the spread of the attack.
At the end of the session, participants will be able to simulate a supply chain attack, verify the attack, escalate into an incident and perform threat intelligence sharing using combination of multiple tools.
  • SOC Managers
  • Information Security Managers
  • Tier-1 & Tier-2 Security Analysts
  • Security Engineers
  • IT/System Administration/Network Administration Professionals / Academia

1. Supply chain attacks

  • What is a supply chain attack
  • Types of supply chain attacks
  • What can Enterprises do to mitigate it

2. Red Team: Simulating a Supply Chain Attack

  • Hands-on session, simulating a Watering Hole Attack

3. Blue Team: Detecting a Supply Chain Attack

  1. Tools for Detections: SOC Platform
    • What is a SOC Platform
    • What are logs
    • Examples of SOC Platforms
  2. Tools for Detections: Threat Intelligence Platform
    • What is a Threat Intelligence Platform
    • What is threat intelligence
    • Examples of TI Platform
  3. Detection and Analysis
    • Hands-on session, detecting the attack, analysing the attack and escalating it into an incident ticket

4. Threat Intelligence Sharing

  • Learning the cyber threat intelligence language for sharing
  • Hands-on session, performing threat intelligence sharing