Overview
[By approval only] Due to the limited capacity for this Tech Talk, participants who have successfully registered will receive a confirmation of registration.
Please lookout for a confirmation of registration which will be sent directly to your email. (Note: Only participants who have received this confirmation will be able to attend this Tech Talk).
By registering for this Tech Talk, you agree to the sharing of your registration details with the event’s organising partners.
Join us for Tech Talk, a part of SGInnovate's Let's Tech It series - an exciting session where innovation meets practical application.
In today's complex hybrid environments, security teams are overwhelmed by an ever-expanding attack surface and an endless list of vulnerabilities. Traditional approaches to vulnerability management, which rely heavily on CVSS scores, are no longer sufficient. This reactive posture leads to inefficient patching, alert fatigue, and a critical disconnect between security efforts and actual business risk.
This hands-on workshop, jointly presented by TNS and XM Cyber, introduces a proactive, attacker-centric approach to cybersecurity. We will guide participants through the principles of Continuous Threat Exposure Management (CTEM), demonstrating how to move beyond theoretical risk scores. Attendees will learn to visualize their unique attack surface, identify chained attack paths to critical assets, and prioritize the "choke points" that offer the highest risk reduction with the least effort.
By combining the foundational security of TNS's managed network infrastructure with the advanced attack path analysis of XM Cyber, participants will leave with a practical framework for building a more resilient and efficient cyber defence program.
Course Description & Learning Outcomes
Upon completion of this workshop, participants will be able to:
Understand the core principles of a Continuous Threat Exposure Management (CTEM) program.
Identify and map critical assets and potential attack paths across a hybrid environment.
Think like an attacker to see how vulnerabilities, misconfigurations, and identity exposures can be chained together.
Utilise attack path analysis to move beyond CVSS scores for true risk-based prioritization.
Pinpoint and prioritise the remediation of "choke points" that disrupt multiple attack paths.
Effectively communicate security risks to stakeholders in the context of business impact.
Recommended Prerequisites
Target audience
This workshop is designed for security and IT professionals who are responsible for managing and reducing organisational risk, and seeking to understand modern exposure management, including:
Security Operations (SecOps) Managers and Analysts
Vulnerability Management Teams
IT Infrastructure and Network Security Managers
Red Team / Blue Team Members
Chief Information Security Officers (CISOs) and Security Directors
Participants should have:
A foundational understanding of cybersecurity concepts (e.g., vulnerabilities, threats, attack surfaces)
Basic familiarity with vulnerability/ exposure management or security operations workflows
General awareness of cloud or hybrid IT environments (infrastructure, applications, or services)
Note: Deep technical expertise is not required, but prior exposure to security or IT operations will help participants get the most value from the workshop.
Pre-course instructions
Participants are required to bring along their laptop
We require the business email addresses of all participants so we can grant access to the workshop portal
Require 2FA (e.g. google authenticator) for signing in to the hands-on portal
Schedule
Date: 13 Nov 2025, Thursday
Time: 2:00 PM - 5:30 PM (GMT +8:00) Kuala Lumpur, Singapore
Location: 32 Carpenter Street, 059911
Agenda
Day/Time | Agenda Activity/Description |
---|---|
1:30 - 2:00pm | Registration |
2:00pm | Tech Talk begins |
2:00 - 3:00pm | The Paradigm Shift The limitations of traditional vulnerability management. Introduction to Continuous Threat Exposure Management (CTEM) as a proactive framework. Setting the stage on a secure TNS-managed network. |
3:00 - 3:15pm | Break |
3:15 - 3:45pm | Hands-On Lab Visualizing the Hybrid Attack Surface, Attack Path Analysis & Prioritization, Mobilizing Remediation & Validating Defenses |
3:45 - 5:30pm | Q&A, Wrap-up and Networking session |
5:30pm | End of session |
Skills Covered
PROFICIENCY LEVEL GUIDE
Beginner: Introduce the subject matter without the need to have any prerequisites.
Proficient: Requires learners to have prior knowledge of the subject.
Expert: Involves advanced and more complex understanding of the subject.
- Cybersecurity (Proficiency level: Proficient)
- Continuous Threat Exposure Management (CTEM) (Proficiency level: Beginner)
Speakers
Trainer's Profile:
Joel Tian, Country Manager, Asia XM Cyber
Joel Tian is the Country Manager, Asia for XM Cyber. With over 15 years of both extensive sales and engineering experience in Cybersecurity, he is focused on building XM Cyber's footprint and increasing partner and customer adoption across key markets in ASEAN. Prior to XM Cyber, Joel held an instrumental role at Cato Networks for 4 years being the first Senior Engineer in the Asia Pacific region and driving significant value for customers. Joel has also held previous regional sales and technical roles in leading organizations like Imperva, Anomali and F5 Networks.
Trainer's Profile:
Richard Wen, CEO, TNS (Three North Stars Pte. Ltd.)
Richard with Atlas team are information security specialists with 10 to 25 years of experience in the field; hands-on practitioners that have worked at nation-state level and in various industries such as defense and intelligence, banking and financial services, government, energy, utilities, telecom, manufacturing, automotive, shipping, and e commerce; advising organisations on how to better structure their security and processes. Atlas Team members hold CISSP, CCSP, CCSK, ITIL, CISSP-ISSMP and CISSP-ISSAP, OSCP Labs, EC-Council CEH, EC-SA, etc., and previously and currently instructors on the practical Cybersecurity and various certifications; has conducted over the last few years reviews for organizations on critical infrastructure according to CSA’s Cybersecurity frameworks and has helped companies align to NIST standards.
Partners
-9ccab2f6-0db7-4f12-8328-d5f89ac6b85c.png)
