Skip to content

Defender Purple 2026

Drone Cyber Operations & Counter-UAS Cyber Readiness Special Edition: 22-29 June

Most security teams are prepared for enterprise cyber incidents. Very few are ready for the moment drones become part of the operational threat landscape. DP26: Drone Special Edition is a rare operational cyber-readiness and resilience program designed for the new drone-threat era.

It prepares cyber defenders, SOC teams, incident responders, defence organisations, UAV stakeholders, and critical infrastructure operators to validate and strengthen their ability to detect, investigate, hunt, respond, coordinate, and sustain operations under realistic drone-enabled cyber-physical pressure.

Through live cyber range exercises, adversary simulation, firmware and forensic analysis, GCS/network security, counter-UAS cyber considerations, and Purple Team operations, participants move beyond awareness into tested operational capability.

This is not awareness training. This is operational readiness before crisis.

Register Now
Check Agenda
0 h

HANDS-ON

6

DOMAINS

7

TAKEAWAYS

100%

REMOTE

The Rise of Drone Security

A rare 52-hour live cyber range experience for teams that must be ready before drone-enabled cyber-physical incidents happen.

Live Cyber Range Training
Your team will train defending real UAV environments and control systems under high-pressure conditions drawn from actual operational scenarios.
🛡
Operate, Monitor & Secure
Gain the skills to manage complex networks where drones and operational technology intersect from detection though to incident response.
🌐
Real-World Scenarios
Every session is built around real-world drone security scenarios. Your team walks away ready to detect threats faster and respond with confidence from day one.
Strategic Advantage
If your organization is serious about staying ahead of emerging threats, this is where you build that advantage.
Each domain reflects current challenges observed in drone ecosystems and security operations, combining technical depth with practical application.

Detection

RF passive detection, radar micro-Doppler analysis, signal classification, and automated detection pipelines.

Firmware Analysis

DJI firmware extraction, modification detection, ArduPilot parameter auditing, and reverse engineering.

Forensics

Flight log reconstruction, mission profile recovery, evidence preservation, and chain of custody practices.

GCS & Network Security

MAVLink protocol protection, message signing, traffic monitoring, ground control station hardening, and 5G command-and-control vulnerabilities.

Counter-UAS

Failsafe behavior, jamming and spoofing effects, and predicting drone responses under interference.

SOC & Incident Response

Detection engineering, SIEM-based threat hunting, alert correlation, and developing incident response playbooks.

The Drone Readiness Program follows a structured training path that includes onboarding, drone and network fundamentals, and progressively advanced operational scenarios. This training model is based on approaches used in advanced cyber exercises and is trusted by SOC units across NATO, due to its realistic scenarios and measurable operational readiness outcomes.

Phase 1: Drone Fundamentals & Analysis
Day 1 - Introduction & Fundamentals
Program onboarding, overview of drone ecosystems, UAV architecture, and core network/platform fundamentals
Phase 1: Drone Fundamentals & Analysis
Phase 1: Drone Fundamentals & Analysis
Day 2 - Detection Methodologies
Multi-modal detection techniques including RF, signal analysis, and detection workflows
Phase 1: Drone Fundamentals & Analysis
Phase 1: Drone Fundamentals & Analysis
Day 3 - Firmware & Forensics
Firmware analysis, reverse engineering basics, flight log analysis, and digital forensics
Phase 1: Drone Fundamentals & Analysis
Phase 2: Purple Team Operations
Day 4 - Adversary Simulation
APT campaign execution on drone infrastructure, attack chain simulation across IT–OT environments (5G-Mavlink)
Phase 2: Purple Team Operations
Phase 2: Purple Team Operations
Day 5 - SOC Operations & Threat Hunting
Detection engineering, SIEM-based threat hunting, alert correlation, and incident response practices
Phase 2: Purple Team Operations
Phase 2: Purple Team Operations
Closing Day - Live Fire Exercise
Full purple team scenario, cyber-tactical game, and end-to-end response in a simulated real-world environment
Phase 2: Purple Team Operations
Register Now
Transform your team into operationally ready defenders in drone-enabled environments. By the end of the training, participants will be equipped to identify and respond to drone-based threats across multiple attack surfaces, execute real-world threat hunting and incident response, and confidently operate in high-pressure, adversary-driven scenarios.

Detect Faster

Identify drone-based threats across multiple attack surfaces with purpose-built detection rules and monitoring capabilities.

Defend with Confidence

Operate confidently in high-pressure, adversary-driven scenarios from day one with deployable forensic methodologies.

Respond Faster

Execute real-world threat hunting and incident response with structured response frameworks tailored to drone security.

Deployable Outputs

Leave with practical assets you can apply immediately. Detection rules, monitoring capabilities, and response frameworks.

Basic understanding of networking concepts (TCP/IP, DNS, routing fundamentals)
Some familiarity with security tools or environments (SIEM, IDS/IPS, packet capture tools)
Experience with Windows or Linux command line is beneficial
No prior drone experience required – all UAV-specific knowledge is covered in the program
This program is ideal for security professionals looking to expand their expertise into drone and UAV security. Whether you are working in SOC operations, incident response, or broader cybersecurity roles, the training is designed to support teams operating in modern, complex environments.

Trainers

This programme is developed and delivered by instructors who bring over a decade of hands-on experience across penetration testing, incident response, adversary emulation, and detection engineering. They have built and operated cyber ranges, led Red vs. Blue team exercises, and worked across threat intelligence, endpoint security, and vulnerability research in real-world environments.

Christos Grigoriadis - Purple Instructor


Professional Experience

CG is a highly qualified and experienced lecturer with a background in production and management engineering and secure engineering technologies. He has taught both university and NATO cybersecurity courses for over 600 students. CG has worked with the University of Piraeus on several significant projects, including CyberSec4Europe, MELITY, and ARTEMIS, funded by the European Union and the Greek government. He has also contributed to AI4Healthsec and Cybersecpro as a consulting researcher. CG is a published author with 12 publications in journals such as ACM Sensors and Elsevier Computer & Security.

Education

Currently conducting PhD research on machine learning methodologies for the identification and assessment of cumulative vulnerabilities and cascading attacks on interconnected systems.

Christos Lazaridis - Blue Instructor


Professional Experience

CL is an experienced cybersecurity professional specializing in incident response, detection engineering, and cyber range development. With a career spanning Deloitte, OTE, Obrela Security Industries, and Piraeus Bank, he has led advanced threat hunting, forensic investigations, and large-scale security monitoring operations. Currently Incident Response Lead and Cloud Security Engineer at KMicro Tech, he also lectures at NATO's NMIOTC and contributes to EU-funded training programs, combining hands-on technical expertise with the design and delivery of advanced Blue Team training.

Certifications

CL holds multiple professional certifications, including GIAC Certified Forensic Analyst (GCFA), Microsoft Azure Security Engineer Associate, and Red Hat Certified System Administrator.

Giuseppe I. - Blue Instructor


Professional Experience

GI is a Principal Consultant specializing in penetration testing and Cyber Defense Exercises (Red vs. Blue team). His expertise includes web application and network security, vulnerability research, and threat and risk assessment. GI is security vetted and cleared to NS. He has co-authored the OWASP Testing Guide and discovered vulnerabilities in major vendors including Google, Adobe, Oracle, Mozilla and Opera. His work has been featured at DEFCON, OWASP, Hack In The Box, EUSecWest and HackPra.

Certifications

  • GIAC - SANS 660 - Advanced Penetration Testing, Exploits, and Ethical Hacking
  • PCI SSC QSA & CISSP

Penetration Testing

For eight years GI led a team of penetration testers across telecommunications, finance, banking and insurance sectors. Security reviews include:

  • Application and Web Application Security Testing
  • Network Penetration Testing (black box / grey box)
  • Application and Source Code Review
  • Host Build Review
  • Database Security Review
  • Voice Over IP (VoIP) Security Review
  • Kiosk and Unattended Access Terminal Reviews
  • Firewall Rule Set Review
  • Citrix and Remote Access Penetration Testing
  • Mobile Application Security Review
  • SCADA (Supervisory Control and Data Acquisition)
John R. - Red Instructor


Professional Experience

JR has more than 10 years of experience as a seasoned cybersecurity professional with a distinguished career in adversary emulation and detection engineering. With a strong background working for many incident response, endpoint security, and threat intelligence organizations across diverse sectors including energy, critical infrastructure, oil and gas, and finance.

Education & Certifications

JR holds a Master's degree in Computer Science and multiple professional certifications. He has collaborated on offensive and defensive projects with a multitude of customers and organizations across diverse sectors.

Registration

Pricing

💰

Programme Fee: 6,000 EUR per participant

  • Early Commitment Rate = 5,400 EUR (limited to first 20 participants)
  • Team Rate (5+ participants from the same organisation) = 5,400 EUR per participant

Key Information

📅
Date
22nd – 29th June 2026
📍
Location
Remote
Duration
6 days

After Registering

Confirmation Email
You will receive a confirmation with next steps including the Invoice within 24 hours


Upon Completion

🎓
Add Drone Cyber Operations to Your Professional Profile.
Upon completion of the programme, each participant will receive a Certificate of Completion.

Certificate of Completion
Defender Purple – Drone Cyber Operations & Counter-UAS Cyber Readiness
52-Hour Specialist Program | Live Cyber Range | Purple Team Operations
Issued by Focal Point

Get in Touch

Contact us
For further questions feel free to contact us at info@focalpoint-sprl.be

    Whether your cyber approach is already mature or still evolving, DP26 will help you see how independent validation and operational cyber-readiness can strengthen confidence in your platform.
    Register Now