Secure by Design Workshop (May 2024)

CIP Cybersecurity Level 1

About this course

What to learn?

To help start-ups ready for cybersecurity threats, Cyberport is organising Secure by Design workshop.  The workshop comprises of the following sessions:

Session 1: Cyber Fundamental Recap (3-hour Training)
Date: 29 May 2024
Time 9:00am – 12:00noon
What to Learn:
-         Introduction on key cybersecurity concept and frameworks (e.g., STRIDE, NIST CSF, CVSS 3.1);
-         Introduction on the cyber kill-chain using MITRE ATT&CK framework;
-         Introduction on basic security assessment tools (e.g., burp, kali linux);
-         Introduction on publicly available security assessment / threat intelligence resources (e.g., shodan);
-         Apply the aforementioned skills by using publicly available cyber wargame environment (e.g., overthewire).

Session 2: Cyber Technical Workshop (3-hour Lab Training)
Date: 29 May 2024 
Time: 2:00pm – 5:00pm
What to Learn:
-         Technical deep dive into OWASP TOP 10 attack techniques using cyber range environment prepared by Cyberbay
-         Bug hunting and reporting process using Cyberbay’s bug bounty platform
-         Building recommendation tactics and strategies

Assessment: CIP Cybersecurity Level 1 Qualification Assessment (2-hour Self-Paced Online Assessment)
What to Learn:
-         Assessment on finding OWASP TOP 10 vulnerabilities in designated simulated web environment providing by Cyberbay.

Speaker: Mr. Felix Kan, CEO & Co-founder of Reimagine Cyberbay Limited (Cyberbay) 

Venue: Multi-Function Room, Smart-space FinTech, Level 4, Core E, Cyberport 3

Language: English

1. Regular price:
- HK$ 1,260 per head.

2. Discount price to Smart-Space Tenants:
- HK$168 per head.
- Please obtain the discount code by sending email to

3. Refundable commitment fee to Cyberport community members (i.e. Cyberport incubatees, CCMF grantees, Cyberport Alumni:
- HK$100 per head
- 100% refund to eligible participants who comply to Cyberport Academy attendance policy
- Please obtain the discount code by sending email to

This workshop may be mandatory for Cyberport current incubatees to attain CIP Cybersecurity Level 1 Qualification. Only incubatees with at least one of the core members be certified with an active industry accredited information system security certification(s) OR have attended training(s) on relevant industry de-facto standards, such as OWASP Top 10 or equivalent can skip the workshop.

Use of Promotion Code
- In desktop version, you can input the code by clicking "Enroll Now" --> "Pay with Credit Card" --> "Add Promotion Code"
- In mobile version, You can input the code by clicking "Enroll Now" --> "Pay with Credit Card" --> "View details" --> "Add Promotion Code"

*Cyberport reserves the right to charge the original price if applicants use a discount code that does not belong to his/her category.
*All monies collected will be used for Cyberport’s public mission start-up events and activities.


Cybersecurity, Entrepreneurship
3 - 10 hours
No credit


Deadline: 27 May 2024



CEO & Co-founder of Reimagine Cyberbay Limited (Cyberbay) 
Felix is an ex-PwC Partner who started his career as an ethical hacker with 10 years of extensive consultation experience. During the period, he co-founded PwC’s Darklab, Hackaday and Hackbot. He also developed real life attack simulation methodology and helped his corporate clients to transform on their cyber journeys. Meanwhile, Felix successfully helped his corporate clients to transform their cyber defence strategies and enhance their operational defence tactics.
Felix’s key areas of expertise and experience include IT governance, IT security framework, application and data security, IT risk, security management, technology architecture and ethical hacking focusing on high security network, web and mobile applications.

 For education and Professional Certifications, Felix is a Designer and developer of CatchMe, a PwC proprietary tool, Offensive Security Certified Professional, GIAC Web Application Penetration Tester and a Certified Ethical Hacker.