Blueteam Capture The Flag
Blue Team CTF is a threat hunting exercise where the focus is to find and analyze threat actors activities in gameficated scenario. The training audience investigate multi-phase cyber attack's traces from different organization environments. The aim of the exercise is to analyze the different flags and other traces and create timeline and attackers activity mapping.
The participants learn how to hunt threat actors in different environments and learn how attackers conduct their campaigns and TTPs (Tactic, Techniques, Procedures). The scenarios are thoroughly reviewed during the exercise including the attacking methods, tools, and how defenders can find the traces of the attacks.
Attacker targets activities to whole company
Industrial Control System organization Funnel
Attacker targets activities to ICS/SCADA-systems
Internet Service Provider organization RNA
Attacker targets activities to management environment and core network
Total of 10-12 participants
Three work days