Certified Google Red Team Specialist [CGRTS]
• Aligned with MITRE ATT&CK Cloud for Google
• Practically understand Google Cloud Red Team Fundamentals
• Simulate Cyber Kill Chain in Google Cloud Environment
• Target & Abuse Google Enterprise Applications
• Perform Blue Team Operations in Google Cloud Environment
Schedule:
Date:
16th, 17th & 18th June 2023
Time:
IST Time : 8:00 PM to 12:00 AM midnight IST
UK Time : 03:30 PM to 07:30 PM
Duration :
12 Hours (4 Hours each day)
Coupon code:
Get 25% OFF, Use coupon code "CWL25OFF"
ENROLL NOW
Study Materials
150+ Pages PDF & One-to-One Interaction with Instructors
Deploying Labs
Custom Automated Scripts
Enterprise Cloud
Red Team Ops. in Google Cloud Environment
Become CGRTS
Earn Digital Badge + Certificate
About CGRTS
Google Cloud Services is used by enterprises for organizing data, operate in open infrastructure, collaboration using business apps & managing security. Google Cloud is one of the leading cloud vendors providing services to business critical sectors like Banks, MNCs, Enterprises etc. The training is designed for penetration testers / red team, cloud architects and SOC team members to understand offensive cyber operational approach in enterprise Google Cloud environment. Class will go through mapping Google Cloud Services, identifying & abusing mis-configurations & then replicating Real-World TTPs encountered by trainers during engagements.
The content is mapped with MITRE ATT&CK for GCP standards. Class will cover Google Cloud Platform core services, Google Workspace (Previously Gsuite) applications & then Security Controls & Monitoring aspects in order to better refine detection in an enterprise.
Google Cloud Red Team Specialist Training Highlights:
Understand Google Cloud Architecture
Learn about Enterprise Business Applications / Authentication & Red Team Mehodology
Enumerating services and it's components from GUI Portal & CLI
Replicate our research on Initial Access via Illicit Grant Attack [GCP]
Replicate Cyber Kill Chain in our cutting-edge Cyber Range Lab
Interesting ways of Credential Hunting to expand internal access
Understand about security solutions provided by GCP
Perform GCP focused Blue Team Ops.
CGRTS Enterprise Lab Highlights:
Map Google Cloud Architecture
Perform Red Teaming by misusing core services in Enterprise GCP account
Access GCP Services using GUI Portal, CLI & API for Red Teaming
Understand to use Automated & Manual Tools / Techniques to simulate adversaries
Execute Red Team Lifecycle from Initial Access to Data Exfiltration
Execute MITRE ATT&CK mapped GCP TTPs
Abuse Enterprise Business Applications
Perform Cross-Project Lateral Movement
CGRTS Syllabus Highlights:
Google Cloud & Red Team Fundamentals:
- Google Cloud Platform
- Hierarchy
- Service Account
- Identity & Access Management
- Google Workspace
- Management
- Productive Apps
- Google Cloud Authentication
- GUI, CLI & API
- Motive / Objective in Red Team Ops in Google Cloud
- Red Team Methodology
- Cyber Kill Chain
- Assume Breach Scenario
- MITRE ATT&CK Matrix for Cloud
Red Team Operations in Google Cloud Environment:
- Open Source Information Gathering (OSINT)
- Passive [DNS based]
- Active
- Gaining Initial Access
- Stolen Credential [SVN, Dev System Compromise]
- Exploiting Application [App running on VM, Server-less, Kubernetes]
- Internal Recon
- Google Cloud Services
- Privilege Escalation
- Local [VM] Based [Windows, Linux]
- Cloud Based [IAM Mis-configuration, Service Account etc.]
- Maintaining Access
- Local [VM] Based [Users, OsLogin, SSH Key etc.]
- Cloud Based [Service Account, Cloud Function etc.]
- Hunting for Credentials
- Secret [Secret Manger etc.]
- Sensitive Data [Buckets, Databases etc.]
- Lateral Movement
- Pivot the Networks Boundary [VPC]
- Expand Access Control Plane to Data Plane [VMs]
- GCP to Workspace Access [Domain Wide Delegation]
- Achieving the Objectives
- Data Exfiltration / Destruction / Encryption
Blue Team Operations in Google Cloud Environment:
- Security Controls
- Organizational Policy
- Logging & Monitoring
- Security Command Center
Pre-requisites:
Understanding of Web & Network Pentesting
Red Team Methodology
Familiarity with Command line basics
Certification Procedure:
Candidates Precision and Patience will be judged to pass a 12 hours hands-on examination with 12 hrs reporting time on an Realistic Google Cloud Enterprise environment to earn Google Cloud Red Team Certification.
One exam re-attempt is included with the purchase. Instructors will provide helpful feedback before the start of re-attempt.
Skills Reflected by Certificate Holder:
• Knowledge of Red Team Methodologies in Enterprise Google Cloud Environment
• Understanding of MITRE ATT&CK for GCP
• Identifying, analyzing and abusing Google focused mis-configurations
• Enumerating & Mapping Attack Surface
• Perform Cross-Project Lateral Movement
• Perform Full-Fledged Cyber Kill Chain
• Mapping and profiling critical cloud assets
• Implementing Red Team & Blue Team Infra in Google Cloud
