Tentative Crownless Shield – A Deep Dive into Modern Defensive Operations
The escalating threats posed by hackers necessitate that businesses allocate substantial time and resources to fortify their defenses against the harm inflicted by these attackers. However, a significant majority of companies find themselves lacking a comprehensive understanding of critical concepts and thought processes that are essential before, during, and after an attack, not to mention the necessary cybersecurity measures. In response to this challenge, our course adopts the perspective of the blue team to comprehensively explore the essential concepts and techniques they require. The curriculum is anticipated to cover areas such as identifyication, detection engineering, detection operation, incident response, digital forensics, malware analysis, and threat monitoring. Its objective is to equip participants with the necessary knowledge and skills for their day-to-day operations, integrating theoretical understanding with practical application. By the conclusion of the course, participants will have acquired valuable insights and skills pertinent to blue team operations, thereby enhancing the cybersecurity defenses of their organizations.
Training Outline
-
Title
Crownless Shield – A Deep Dive into Modern Defensive Operations
-
Trainer
Mars Cheng(TXOne)
-
Language
English
-
Date
2026-11-14 9:00 - 18:30
2026-11-15 9:00 - 18:30 -
Venue
Bellesalle Shinjuku Grand Conference Center (5F)
-
Capacity
42 (*Minimum 10 participants)
-
Remarks
Include 2day Conference ticket(November 17th to 18th, 2026) for training attendees
Training Application
Training Detail
- Security Operations and Incident Response Professionals
Have the basic ability to operate Windows/Linux operating systems - Have the basic ability to operate Forensics and Malware analysis tools - Have the Basic knowledge of TCP/IP protocols and operate Wireshark
What skills will participants learn at your training?
- Participants will cultivate a comprehensive grasp of the blue team concept, focusing on its role and importance within the cybersecurity framework, this includes understanding the varied strategies employed by blue teams to defend against cyber threats
- Participants will acquire hands-on experience in endpoint and network detection, detection engineering, security incident response procedures, digital forensics, and malware analysis. These skills are vital for addressing real cybersecurity challenges within any organization
- Participants will be capable of implementing advanced blue team techniques for threat monitoring, analysis, and response, ensuring a robust defense against the increasing threats posed by hackers.
What students should bring
VMware Workstation, VMware Fusion (Mac Users please use Non-Apple chip), the hard disk space requirement is more than 60G, and the minimum requirement for memory is 16GB, but 24GB or more is recommended.
What students will be provided with
- 4 sets of VM (ova)
- Comprehensive course materials in PDF format
- Detailed lab instructions in PDF format
- 2 months of support for course-related queries
Course Details
Detailed Course OutlineDetailed Course Outline
Mars Chen
マーズ・チェン
Mars Cheng (@marscheng_) is the Head of Cyber Threat & Product Defense Center at TXOne Networks Inc., responsible for leading the three subgroups under the center, including PSIRT, Advanced Threat Research Group, and Threat Operation Group. He also serves as the Executive Director of the Association of Hackers in Taiwan (HIT/HITCON), a Review Board Member for both HITCON Conference and Training, FIRSTCON26, the General Coordinator of HITCON CISO Summit 2026, and a Cybersecurity Auditor for the Taiwan Government. In these roles, he plays a pivotal part in fostering collaboration between industry and government to strengthen national cybersecurity resilience.
Mars specializes in IoT, ICS/SCADA systems, malware analysis, threat intelligence and hunting, blue team, and enterprise security. A seasoned speaker, Mars has delivered over 60 presentationst at international cybersecurity conferences, including Black Hat USA, Europe, and MEA, RSA Conference, DEF CON, CODE BLUE, FIRST, HITB, HITCON, Troopers, NOHAT, SecTor, CYBERSEC Tawian, S4, SINCON, ROOTCON, among others. He is also an experienced cybersecurity instructor, having delivered over 35 training sessions at events such as NATO Cooperative Cyber Defence Centre of Excellence, Global Cybersecurity Camp (GCC) 2026, 2024, HITCON Training (2025, 2022, 2021, 2020, 2019), NICS Elite Practical Training Taiwan (2025–2022), and for various ministries in Taiwan, including National Defense, Economic Affairs, Education, and Finance, as well as for publicly listed companies.
He has successfully organized several notable HITCON events, such as the HITCON CISO Summit in 2025, 2024 and 2023, HITCON PEACE 2022, and HITCON 2021 and 2020.