Two-day hands-on training, specifically designed for blue team professionals, offering a unique and immersive experience in defensive cybersecurity through live attack simulations.
Participants will be guided by an experienced Blue Team instructor throughout the training. The course is designed to reflect the latest attacker techniques, blending both stealthy and overt tactics to challenge and expand your defensive capabilities. Each exercise is structured to simulate real-world scenarios, encouraging participants to think critically and respond effectively.
If participants are unfamiliar with any of the tools used, the instructor will provide concise, practical introductions to ensure everyone can fully engage with the hands-on activities. The focus is on real-time application—learning by doing in a dynamic, threat-rich environment.
Target Audience

This technical training is ideal for IT and cybersecurity professionals seeking to deepen their expertise in blue teaming, threat hunting, and detection engineering. Participants will face a live, ongoing cyberattack and gain hands-on experience in how collaborative defence strategies can significantly improve an organisation's resilience against real-world threats.

Recommended for:
- Cybersecurity Professionals
- Threat Hunters
- Incident Responders
- SOC Analysts
- Detection Engineers
- IT Professionals with a strong interest in technical cybersecurity

Training Highlights
Realistic Attack Simulations: Over two days, participants will navigate a series of escalating attack scenarios, starting with foundational detection techniques and progressing to advanced tactics such as:
- Webshell deployment
- Credential dumping
- Command and control (C2) techniques
- Website exploitation
- Various attacks on critical applications and services
- Social engineering
- Lateral movement
- And more
Guided Threat Hunting & Detection Engineering: Through structured exercises, participants will craft and apply detection rules to identify and neutralise adversarial activity in real time.
Purple Team Collaboration: Post-mortem joint sessions between offensive (red) and defensive (blue) roles foster a deeper understanding of attacker methodologies and defensive countermeasures, enhancing cross-team collaboration.
Toolset & Technology Integration: Participants will gain hands-on experience with a wide range of Microsoft and security tools, including:
- Microsoft Sentinel SIEM
- Defender for Endpoint, Cloud Apps, Office 365, Identity, Cloud, and IoT
- Web Application Firewalls, traditional firewalls, and other defensive technologies

By the end of the training, attendees will be equipped to:
- Develop and implement custom detection queries
- Design proactive threat-hunting strategies
- Strengthen red-blue team collaboration
- Enhance their organisation's overall security posture