We've recently had our first CCDC meeting for the year. A small informational for interested students. It went well, we seem to have some good candidates already popping up. It's still too early to tell if they'll stick it out, but I'm hopeful we'll have a good team this year.
I'm planning on doing semi-regular updates on our team this year, mainly covering my perspective as co-captain and as a mentor. I'm also planning on dropping some of the tools and labs I'm creating for our team and my masters capstone. The first set of labs covers active directory configuration and object management. After finishing those, I'll work on labs for Linux incident response and systems hardening. I'm lucky to be in a position where my university has allowed me to use these labs to meet the capstone requirement, so long as I allow them to use the labs in undergrad courses. I'll also be releasing and updating my CCDC toolset for Windows servers and doing some deep dives on how they work/what they're used for (Vynae post coming soon!).
Part of our training this year will include hosting a live red team during our inject practices. Now that our university has relaxed its covid regulations, we'll be able to have more frequent in-person meetings. This will let us organize more advanced training sessions such as live red team practice. The current plan is to have team alumni come in and start poking around and shutting down insecure boxes during an in-person inject practice. We're trying to get an environment that is as close to the real thing as possible, and I'm excited to get the new members some hands-on practice.
Beyond that, we also have increased faculty involvement this year. I've asked several professors to come and give training sessions or topic-related lectures to the team this year. Typically, we get a very good incident response lecture from our coach, but this year we'll also be getting some custom pen testing and red team lectures. I'm also trying to put together some networking labs, but this semester might be a tad too busy to get those in a working state.
Comments
Post a Comment