Ransomware Live Fire Exercise

9-10 March 2021
Adelaide, SA
Register now

Thank you for your interest. Registrations for this event are now closed.

Retrospect Labs, in collaboration with the A3C and AustCyber SA Node, is excited to offer a unique and interactive guided cyber security exercise.

Participants will be part of an Incident Response team dealing with a ransomware incident at a fictitious company. The realistic scenario has been designed and crafted to simulate a real incident response operation, providing offline files and live elements that participants will interact with.

As participants work their way through the scenario, incident response methodologies and best practices will be discussed and then immediately put into practice, thereby solidifying learnings and providing participants with first-hand experience in achieving desired incident response outcomes.

Course details

Dates: 09 to 10 March 2021
Time: 9:00am to 4:30pm each day
Delivery: In person (pending COVID-19 guidelines – we note that the COVID-19 situation remains fluid and will continue to monitor the situation as it evolves. Any impacts to this training will be communicated as early as possible.)
Location: Lot Fourteen, Frome Road, Adelaide
Price: $2000 +GST per participant (invoice to be sent soon after we receive registration)

Please note that this course is limited to 20 places. Sign up quick and avoid disappointment!

Recognising the need for greater diversity in gender within the industry, AustCyber SA Node are kindly sponsoring a limited number of scholarships for women to participate in this training.

What to expect

Working in small teams (2-3 people), participants can expect to:

  • Evaluate evidence and communicate with the victim organisation. Appropriately answer their questions and manage their expectations.
  • Perform forensic analysis on a range of different artefact types.
  • Analyse malicious files to determine and understand what nefarious activities have occurred.
  • Leverage MITRE ATT&CK to guide analysis activities and to communicate findings in a consistent and straight forward manner.
  • Capture findings and ensure accurate record keeping using a case management system.
  • Develop a detailed and effective remediation plan.
  • Be exposed to a range of different skillsets (both technical and non-technical), required to appropriately manage every aspect of an incident response operation.

At the end of the exercise, participants will know how to effectively respond to the malicious tradecraft used by cyber adversaries to target, compromise and disrupt victim networks through a ransomware attack.

Suitable roles to attend

This event has been tailored for those in a security operations related role (such as SOC analyst, threat intelligence analyst, and incident responder) who may have had limited experience responding to incidents, and/or want to grow their knowledge and capability in this domain.

About the instructors

Retrospect Labs specialise in cyber security exercises. Our team is led by former Australian Government incident responders who have countered some of the most significant incidents impacting Australian Government and critical infrastructure.

We are committed to delivering meaningful cyber security exercises to upskill Australian cyber professionals so they, and the organisations they work for, can be ready for any incident.

Back to Events


Please fill out the form to register for this event. We will be in touch soon once we receive your submitted form.