Division Zero (Div0) – Singapore Cybersecurity Community

⚠️⚠️ RSVP on BOTH google form & meetup.
Google Form — https://forms.gle/2d8YxzuP1ztk4Vc58 ⚠️⚠️
—
AGENDA

• 7.00pm: Registration & Networking (30mins)
• 7.30pm: Opening Addresses by Donavan Cheah and Ng Yoon Yik, Co-Founders of TMC Singapore Chapter/Div0 TMQ (10mins)
• 7.40pm: Remarks by Emil Tan, Div0 Co-Founder (5mins)
• 7.45pm: Goals and Vision for TMC/TMQ (15mins)
• 8.00pm: Threat Modeling 101: Is it Just “STRIDE”? by Donavan Cheah (30mins)
• 8.30pm: Q&A (15mins)
• Till Late: Networking

SPONSORS

• VENUE SPONSOR: CyberSG TIG Collaboration Centre
• F&B SPONSOR: Threat Modelling Connect
• DIV0 SUSTAINING OFFICIAL SPONSOR: Red Alpha Cybersecurity

ABSTRACTS
Let’s have fun and delve deep into the exciting world of threat modeling!
Welcome to our first ever meetup by Singapore’s very own Threat Modeling Connect (TMC) Chapter, in collaboration with Division Zero’s Threat Modeling Quarter (TMQ).

No matter if you’re an experienced practitioner with countless hours of threat modeling, or completely new to this area of cybersecurity, we want you to join our community. You’ll get to learn how threat modeling is important and accessible to different teams in the system and software development lifecycles!

Threat Modeling 101: Is it Just “STRIDE”?
Often, the term "Threat Modelling" is related to STRIDE (in fact, a cursory Google search suggests STRIDE and PASTA).

But is threat modelling simply the use of a framework? Or is there more to it? In this talk, I will give an overview of some simple ways to view threat modelling and some best practices to deal with the fundamental questions espoused in the Threat Modelling Manifesto.

BIOS
Donavan Cheah — Cybersecurity Consultant, Thales
Donavan is a cybersecurity consultant with eight years of experience across offensive security, threat modelling, and governance, risk, and compliance. He has taught threat modelling regionally (SECCON JP, GCC 2025 @ Taiwan, Seasides @ Goa, SINCON). Donavan has been quoted in "The Pentester Blueprint" and writes for ISACA on diverse cybersecurity topics ranging from PQC to social science aspects in cybersecurity. Donavan looks at cybersecurity as a highly interdisciplinary team sport, and uses his various lenses, such as his Physics undergraduate experiences and penetration testing background to help organisations understand how their systems can go wrong, and more importantly, how to set them right.

Ng Yoon Yik — Div0 Crew
Yoon Yik is currently is an intern at the Cyber Security Agency of Singapore, where he did digital forensics and incident response. He also co-founded and is now an advisor for the NTU Cybersecurity Club. As a Global Cybersecurity Camp alumni, he is keen to bring more students and youths into the the world of threat modeling.

IMPORTANT NOTICES

• Code of Conduct: https://www.div0.sg/code-of-conduct
• Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice

⚠️⚠️ To attend, please also fill up this registration form: [https://forms.gle/NAY2Ju1EsGNaqDo79] ⚠️⚠️
*Please keep a look out for our email on the outcome of your registration that will be sent to you at 1-2 day(s) before the session. If you did not receive any updates, please drop Anna an email at anna@div0.sg*

Career Series: Talk & Tackle is a dynamic initiative designed to elevate the professional development of cybersecurity practitioners. This series will feature a combination of hands-on workshops and interactive Q&A sessions, providing an engaging platform for experienced professionals to tackle pressing technical challenges in real-time.
Each quarter, Talk & Tackle will focus on four distinct themes:

1. Red Team: Participants will explore offensive security tactics, learning how to think like an attacker. Workshops will cover topics such as penetration testing methodologies, social engineering techniques, and the latest tools used in red teaming, equipping attendees with the skills to anticipate and counteract threats.
2. Blue Team: This theme will delve into defensive strategies, emphasizing threat detection, incident response, and risk management. Attendees will engage in simulations and case studies that allow them to practice and refine their skills in protecting networks and systems against various cyber threats.
3. White/Yellow/Green Team: These sessions will foster collaboration between offensive and defensive teams. We’ll address best practices in threat intelligence sharing, security policy development, and compliance measures. This integrated approach will highlight the importance of a cohesive cybersecurity strategy across different teams.
4. Emerging Technologies: As technology rapidly evolves, this theme will focus on the latest advancements in cybersecurity, including artificial intelligence, machine learning, and blockchain security. Participants will gain insights into how these technologies are reshaping the cybersecurity landscape and explore practical applications to enhance their own security practices.

ABOUT THE WORKSHOP
Read more here

AGENDA

• 6.30pm: Registration
• 7.00pm - 10.00pm: Talk & Tackle — Threat Modelling with ATT&CK
• Till Late: Networking

SPONSORS

• MEETUP VENUE SPONSOR: CyberSG TIG Collaboration Centre

SPEAKERS' BIO
Desmond CHER | Desmond is a Lead Cybersecurity Consultant with GovTech’s Cyber Security Group. With 14 years of ICT security experience under his belt in the public sector, his areas of expertise include threat modelling, risk assessment, wireless security assessment and cybersecurity innovative engineering and governance. Desmond is a strong advocate for the adoption of threat modelling in risk assessments, innovating a threat modelling methodology and toolset to guide security consultants in performing threat-based risk assessments with ease. He is CISSP, CSSLP, CCSP, CRISC and GIAC-GAWN certified.

Andre NG | Andre is an engineering manager for GovTech Anti-Scam Products (GASP). With his team, he builds tech products to enable the Government (including law-enforcement) and the industry to detect, deter, and disrupt tech-enabled scams at scale. Before working on combating scams, Andre led the Engineering team that supported the Government Cybersecurity Operations Centre (GCSOC), wrote and reviewed cybersecurity policies, and delivered on Government wide programmes such as the Vulnerability Disclosure Programme (VDP) and the Bug Bounty Programme (BBP).

IMPORTANT NOTICES

• Code of Conduct: [https://www.div0.sg/code-of-conduct]
• Terms of Use & Disclaimer Notice: [https://www.div0.sg/terms-of-use-disclaimer-notice]

⚠️⚠️ To attend, please also fill up the following registration form: https://forms.gle/2d8YxzuP1ztk4Vc58 ⚠️⚠️

AGENDA

• 6.30pm: Registration & Networking (30mins)
• 7.00pm: Introduction & Announcement (15mins)
• 7.15pm: "All Pills at once in 45 mins: From Penetration Test to Red Team to Blue Team" by Bitdefender (45mins)
• 8.05pm: Q&A Discussion (40mins)
• Till Late: Networking

SPONSORS

• MEETUP SPONSOR: CREST
• MEETUP VENUE SPONSOR: CyberSG TIG Collaboration Centre

ABSTRACT
All Pills at once in 45 mins: From Penetration Test to Red Team to Blue Team
Bitdefender, and previously Horangi Cyber Security, has been conducting penetration tests and red team exercises since 2016. We broke into usual offices and data centers, but we also exploited EV chargers, robots, and 5G. Based on that experience, we will share what skills are required for penetration tests and how to upgrade to red team skills, and how companies can establish their security assessment programs.

We will also set up a short but dynamic, realistic, and fun demo with the exploitation of a server. Explain what a red team engagement may look like.

Excitedly, this talk also gives a remedy for protection. We will share about reducing the attack surface and how many system default tools in OS can be disabled to prevent most attacks.

There will also have an interactive demo to show a simple, short red team engagement.

BIOS
TBC

IMPORTANT NOTICES

• Code of Conduct: https://www.div0.sg/code-of-conduct
• Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice

Submit the form and be part of the journey ➡️ https://forms.gle/C6rQP7nh2Tp1P5C38

AGENDA

• 1.00pm: Registration & Networking (30mins)
• 1.30pm: Introduction & Announcement (10mins)
• 1.40-4.30pm: Workshop by Berlynn Neo

CONTENT
1. Environment setup
2. Static malware analysis - fingerprinting, packing and obfuscation, strings extraction, PE header info, assembly language
3. Dynamic malware analysis - monitoring network, monitoring processes and files, monitoring registry
4. Walkthrough
a. some of above techniques
b. using static disassembly to understand flow and windows API functions
c. running the sample in a debugger for deeper analysis

Workshop Pre-Requisites:

• laptop & power charge, >80GB free storage and >8GB RAM (note that the link to the VM image will be sent closer to the date along with instructions)
• VMware installed

IMPORTANT NOTICES
Code of Conduct: https://www.div0.sg/code-of-conduct
Terms of Use & Disclaimer Notice: https://www.div0.sg/terms-of-use-disclaimer-notice

See you all there!👋🏽