ABOUT US
What is RedShield Training?
RedShield Training is South Asia's premier offensive-first cybersecurity training program. We train security professionals to think, act, and respond like real-world attackers — so they can build impenetrable defenses.
Our curriculum is built for professionals across all industries — from banking and finance to telecom, healthcare, government and beyond — with AI-powered tools integrated throughout every module.
Offensive-First
Learn to attack so you know exactly how to defend.
AI-Integrated
Local LLMs, ShellGPT & Ollama woven into every lab.
Regional Focus
Tailored for South Asian threat landscape & regulations.
Industry-Specific
Purpose-built for BFI, ISP & enterprise environments.
✅ Training at a Glance
- 3-Day Intensive Program
- 9 Hands-On Labs (incl. Capstone)
- AI Tools: Ollama, ShellGPT, Local LLMs
- Attack Tools: BloodHound, Nmap, Shodan
- Defense: pfSense, Ansible, PingCastle
- Hardware: Flipper Zero
- Platforms: HTB Academy, TryHackMe
- Certificate + Lifetime Community Access
- Online Delivery · Onsite Available
- Active in Nepal · Expanding to Bhutan
3-DAY PROGRAM
Training Curriculum
A structured 3-day curriculum running from 10 AM to 5 PM each day, covering AI security foundations, application security, identity hardening and a sector-specific capstone.
Day 1: AI, Exposure & OSINT
Day 2: Apps, Human Risk & AD
Day 3: Hardening & Capstone
Day 1: AI Security Foundations, Attack Surface & OSINT
Module 1.1: The AI-Augmented Security Workspace
Focus: Moves from public AI to secure local LLM use for cyber operations, including privacy risk, private AI analyst architecture, Ollama, ShellGPT, and safe workflows. Shows how AI can support mapping, notes, risk identification, and documentation while keeping data local and requiring analyst validation.
🧪 Lab 1: Secure AI Analyst Setup
- Install Ollama, connect ShellGPT, and validate a controlled local AI workflow for security analysis.
- Use the local model to map a network scenario to NIST CSF 2.0 and identify key risks.
Module 1.2: Attack Surface Mapping & Exposure Management
Focus: Covers attacker-visible assets such as domains, subdomains, public IPs, cloud assets, APIs, external services, and unmanaged exposure. Teaches asset discovery, exposure validation, and risk-based remediation so trainees can prioritize what matters.
🧪 Lab 2: External Exposure Register
- Identify internet-facing assets using attacker-view discovery and classify them by type, ownership, and exposure level.
- Build a prioritized exposure register using validation status, likely impact, and remediation urgency.
Module 1.3: Digital Footprinting (OSINT 2.0)
Focus: Uses AI-assisted analysis of public sources, repositories, DNS, certificates, and exposure data to identify organizational assets. Teaches correlation of public clues into infrastructure relationships, digital footprint visibility, and likely vulnerability areas.
🧪 Lab 3: OSINT and Asset Correlation and VA
- Analyze a target using structured reconnaissance, Nmap-style visibility, and Shodan-based exposure concepts.
- Correlate findings into a Potential Vulnerability Map showing likely weak points and asset relationships.
| Time | Session | Type |
|---|---|---|
| 10:00–10:30 | Welcome, orientation and lab environment briefing | Setup |
| 10:30–11:30 | Module 1.1: The AI-Augmented Security Workspace | Theory |
| 11:30–12:15 | Lab 1: Secure AI Analyst Setup | Lab |
| 12:15–13:00 | Module 1.2: Attack Surface Mapping & Exposure Management | Theory |
| 13:00–14:00 | Lunch Break | Break |
| 14:00–15:00 | Lab 2: External Exposure Register | Lab |
| 15:00–15:45 | Module 1.3: Digital Footprinting (OSINT 2.0) | Theory |
| 15:45–16:30 | Lab 3: OSINT, Asset Correlation and VA | Lab |
| 16:30–17:00 | Day 1 recap and Q&A | Review |
Day 2: Application Security, Human Risk & Active Directory
Module 2.1: Industry-Specific Application Security Vectors
Focus: Covers web application attacks such as SQL Injection, authentication flaws, insecure input handling, weak validation, and insecure business logic. Teaches trainees to review application attack surface, assess impact, and think in terms of secure testing and remediation.
🧪 Lab 4: Web Security Attack and Assessment
- Assess a controlled web application and review request flow, authentication behavior, validation, and logic weaknesses.
- Identify key findings, rate significance, and document weaknesses in a clear technical format.
Module 2.2: The Human Element and Social Engineering Defense
Focus: Covers phishing, vishing, impersonation, authority abuse, and AI-enabled deception in enterprise settings. Focuses on verification controls, escalation procedures, and safe response habits to reduce human-factor risk.
🧪 Lab 5: Social Engineering Response Simulation
- Run a controlled simulation involving suspicious requests, pressure cues, and deceptive communication patterns.
- Practice spotting red flags, verifying legitimacy, and escalating safely through approved processes.
Module 2.3: AD Audit & Exploitation – The Identity Core
Focus: Explains identity trust, privilege paths, delegation risk, Kerberoasting, NTLM relay exposure, and escalation logic in AD. Introduces trust boundaries, tiered administration, BloodHound-style path analysis, and identity attack chains for audit and hardening.
🧪 Lab 6: Active Directory Attack Path
- Use a virtual AD lab to identify shortest privilege paths and review relationships between users, groups, systems, and permissions.
- Analyze identity-based attack opportunities and prioritize the paths that matter most for remediation.
| Time | Session | Type |
|---|---|---|
| 10:00–10:15 | Day 2 kickoff and Day 1 review | Review |
| 10:15–11:15 | Module 2.1: Industry-Specific Application Security Vectors | Theory |
| 11:15–12:15 | Lab 4: Web Security Attack and Assessment | Lab |
| 12:15–13:00 | Module 2.2: The Human Element and Social Engineering Defense | Theory |
| 13:00–14:00 | Lunch Break | Break |
| 14:00–15:00 | Lab 5: Social Engineering Response Simulation | Lab |
| 15:00–15:45 | Module 2.3: AD Audit & Exploitation – The Identity Core | Theory |
| 15:45–16:30 | Lab 6: Active Directory Attack Path | Lab |
| 16:30–17:00 | Day 2 recap and Q&A | Review |
Day 3: Identity Hardening, Infrastructure Defense & Capstone
Module 3.1: AD Fortification & GPO Enforcement
Focus: Covers AD hardening through GPO enforcement, protocol reduction, administrative tiering, and secure configuration improvement. Teaches an audit-to-remediation workflow for prioritized and measurable identity security improvement.
🧪 Lab 7: Active Directory Hardening
- Audit a weak AD environment using a structured approach and tools such as PingCastle or Purple Knight.
- Apply prioritized fixes and review how hardening actions reduce identity risk and improve posture.
Module 3.2: Infrastructure Lockdown & Hardening-as-Code
Focus: Covers segmentation, deny-by-default controls, pfSense or NGFW policy design, management VLAN isolation, Linux hardening, and SSH security. Introduces Ansible-based enforcement for repeatable hardening and reduced configuration drift.
🧪 Lab 8: Firewall and System Hardening Automation
- Deploy key firewall controls and create automation steps for hardened Linux and SSH baselines.
- Validate access restrictions, baseline consistency, and the value of automation in secure infrastructure management.
Module 3.3: The 360° War Room Capstone
Focus: Integrates offensive awareness, defensive analysis, triage, containment, log review, evidence handling, and attacker tracing. Teaches participants to turn technical findings into structured reporting for operations and management.
🏆 Lab 9: Payment/ISP Breach Simulation
- Investigate a simulated breach in a payment or ISP-style environment, identify attacker activity, and contain impact.
- Review logs and evidence, then produce a technical incident report based on findings and response actions.
| Time | Session | Type |
|---|---|---|
| 10:00–10:15 | Day 3 kickoff and Day 2 review | Review |
| 10:15–11:15 | Module 3.1: AD Fortification & GPO Enforcement | Theory |
| 11:15–12:15 | Lab 7: Active Directory Hardening | Lab |
| 12:15–13:00 | Module 3.2: Infrastructure Lockdown & Hardening-as-Code | Theory |
| 13:00–14:00 | Lunch Break | Break |
| 14:00–15:00 | Lab 8: Firewall and System Hardening Automation | Lab |
| 15:00–15:45 | Module 3.3: The 360° War Room Capstone | Theory |
| 15:45–16:30 | Lab 9: Sector specific Breach Simulation | Capstone |
| 16:30–17:00 | Final debrief, assessment and closing | Closing |
Tools You'll Master
🤖 Ollama
💬 ShellGPT
🔍 Nmap
📡 Shodan
🩸 BloodHound
🔐 Mimikatz
🛡️ pfSense
📋 Ansible
🐬 Flipper Zero
🏰 PingCastle
👑 Purple Knight
🎯 Metasploit
🌐 Burp Suite
🐧 Kali Linux
🎓 HTB Academy
🔬 TryHackMe
🦙 Llama 3.2
ENROLLMENT BENEFITS
What's Included
Everything you need before, during and after training.
Certificate of Completion
Branded RedShield certificate, shareable on LinkedIn and recognized by employers across Asia.
9 Hands-On Labs
Real-world attack and defense scenarios including a full capstone war room simulation.
Course Materials & Resources
Checklists, cheat sheets, AI prompt libraries, Ansible playbooks and security templates.
Lifetime Community Access
Join the RedShield Expert Network — a private community of security professionals across Asia.
Post-Training Reference Pack
Comprehensive course notes, module summaries, and supporting materials for continued learning and internal team reference.
Security Toolkit & Templates
Ready-to-use frameworks, incident report templates, hardening checklists and tool configs.
TARGET AUDIENCE
Who Should Attend?
Designed for security practitioners. Basic networking and security knowledge recommended.
Security Officers & SOC Analysts
Frontline defenders looking to understand attacker techniques to improve detection and response.
CISOs & IT Security Managers
Security leaders who need hands-on understanding of modern offensive techniques to make better decisions.
Network & System Administrators
Infrastructure teams responsible for firewalls, AD environments and network segmentation.
Penetration Testers
Security professionals seeking advanced AI-augmented offensive skills and modern attack techniques.
Critical Sector Security Teams
Teams across banking, telecom, ISPs, corporate enterprises, and government organizations facing targeted attacks on critical infrastructure.
Compliance & Audit Teams
Professionals handling ISO 27001, NIST compliance and security audits who want technical depth.
TESTIMONIALS
What Participants Say
From security professionals trained in Nepal.
★★★★★
“I found the RedShield Training highly practical and relevant to real organizational challenges. The sessions helped me better understand how to identify risks, respond to vulnerabilities, and improve our internal security approach. After attending the training, I was able to apply the learning directly in my workplace and contribute more effectively to protecting our organization’s systems and data.”
Information Security Officer, Commercial Bank of Nepal
★★★★★
“I joined the RedShield Training while already working in an IT role, and it gave me a much clearer understanding of security threats, assessment methods, and defensive practices. What I appreciated most was the focus on practical learning that can be implemented inside an organization. This training has helped me support my company in a better way by improving our overall security awareness and readiness.”
IT Head, Everest Wireless Nepal
EXPANSION ROADMAP
Training Across Asia
RedShield is building the largest cross-border cybersecurity professional network in South and Southeast Asia.
✓
🇳🇵 Nepal
Completed ✓
▶
🇧🇹 Bhutan
In Progress
3
🇦🇺 Australia
Q3 2026
4
🇧🇩 Bangladesh
Q4 2026
5
🇱🇰 Sri Lanka
2027
6
🇮🇳 India
2027
∞
🌏 Beyond
TBA
APAC-Focused Security Context
Designed for organizations across the Asia Pacific region working in financial services, telecom, enterprise IT and rapidly growing digital infrastructure.
Bhutan Expansion Context
Positioned for teams that want practical, organization-ready cyber defense capability with regional relevance and hands-on delivery.
EXPERT NETWORK
The RedShield Community
Every graduate gets lifetime access to our private, cross-border cybersecurity expert network.
Private Expert Network
Connect with verified security professionals from Nepal, Bhutan, India and beyond.
Monthly Threat Briefings
Stay updated with latest CVEs, regional incidents and emerging threat intelligence.
Career & Job Board
Exclusive cybersecurity job postings and career opportunities across Asia.
CTF Competitions
Regular Capture The Flag challenges to continuously sharpen your offensive skills.
Resource Vault
Continuously updated tools, templates, wordlists, AI prompts and security guides.
Expert Guest Sessions
Live sessions with industry leaders, ethical hackers and regional security experts.
INVESTMENT
Enrollment Pricing
Invest in your team's security capabilities. Contact us for current rates and available batch dates.
Individual Enrollment
For security professionals, analysts & IT staff
Contact Us
For current pricing & upcoming batch dates
Get Pricing →
BEST VALUE
Corporate / Group
5+ participants from one organization
Custom Pricing
Tailored quotes for your team size & needs
Request a Quote →
YOUR INSTRUCTOR
Trained by the Best in the Field
An industry-recognised cybersecurity expert with over a decade of hands-on experience in ethical hacking, penetration testing, and enterprise security consulting.
Cybersecurity Expert
Lead Trainer & Consultant
📍 Kathmandu, Nepal
EC-Council Certified Instructor
Licensed Penetration Tester
Certified SOC Analyst
ISO 27001:2022 Lead Auditor
Certified Penetration Testing Professional
10+ Years Breaking & Building Security Systems
From banking institutions to government networks — our trainer has stress-tested, breached (legally), and hardened systems across South Asia's most critical infrastructure.
About
A senior Security Researcher and Consultant with a deep background in Ethical Hacking, Digital Forensics & Incident Response, SOC operations, and ISO 27001 auditing. Authorised by EC-Council as a Certified Instructor (CEI) — licensed to certify professionals in CEH, CPENT, CSA, CCTv1, and CSCUv2.
Has delivered live cyber drills, red team exercises, and CISO advisory across Nepal and South Asia — bringing that same real-world attack perspective into every classroom session.
10+Yrs Experience
500+Professionals Trained
12+Certifications
50+Organisations
Skill Proficiency
Penetration Testing
Ethical Hacking
SOC & DFIR
Web App Security
Network Security
ISO 27001 Auditing
Cyber Drills & CISO
Certifications & Credentials
🏅 CEH Master
🏅 CEH Practical
🏅 LPT — Pen Tester
🏅 CPENT
🏅 CEI — EC-Council Instructor
🏅 CSA v1 — SOC Analyst
🏅 CCTv1
🏅 CCNA Cyber Ops
🏅 ISO 27001:2022 Lead Auditor
🏅 ISO 27001 Associate
🏅 CNSS — ICSI UK
🏅 DFIR
Areas of Expertise
CONTACT US
Ready to Enroll?
Limited seats per batch. Reach out to secure your spot or request a corporate quote for your team.
Email
training@triodeers.com
WhatsApp / Phone
+977 9705548494
Website
www.triodeers.com
Best For
Corporate Teams, Security Staff and IT Professionals
ENROLLMENT FORM
Register for RedShield Training
Fill in your details below and we'll get back to you within 24 hours to confirm your enrollment or provide a corporate quote.