Training

Social Media

Sponsors










Advertisement

Training

In addition to the lecture tracks, we have specialized and in-depth training courses available before the conference proper. Please review the available courses listed below if you are interested in advanced training.

All training courses listed are available, however in order to ensure that it is worth our trainers' time and effort, each course is pre-registration only until the attendance threshold indicated is met. Once the attendance threshold is met, pre-registrants will be contacted with full registration and tuition payment instructions. Please pre-register for courses listed below by clicking the PRE-REGISTRATION link on the course listing.

Please use the navigation menu to the left to quickly jump to the desired course.

Advanced Android and iOS Hands-on Exploitation

Aditya Gupta

Tuition: $950.00
Dates: April 3rd - 4th
Minimum Attendance Threshold: 6
Advanced_Android_and_iOS_Hands-on_Exploitation_Course.pdf
REGISTRATION CLOSED

This is a unique hands-on training covering real world exploitation scenarios for various Mobile platforms - Android, iOS and ARM. The trainer has conducted previous versions of this training named "Advanced Android and iOS Hands-on Exploitation" at various other security conferences such as Syscan 2013, OWASP AppSec, Toorcon, BlackHat etc.

This training will take the student from ground level to completely advanced level where he will find himself writing exploits for various mobile platforms, as well as automating and writing his own scripts and tools for analysing and auditing mobile applications. We will cover topics such as Android Exploitation, Reversing and analyzing malwares, Writing Exploits for Android and Webkit, iOS Code Signing and Protections, Bypassing the protections, ARM Exploitation, Off By One vulnerabilities, Application Audit and many more.

We would be providing Android, iOS and ARM based real devices to carry on the exploitation during the lab exercises. At the end of the training, the solution of the lab exercises, lab handouts (200+ pages) and free access to online virtual labs will be given for the participants.

Prerequisites

  • Knowledge:
    • Basic knowledge of mobile operating systems
  • Hardware:
    • Laptop computer with minimum 2GB RAM and 20 GB free Hard Disk space
    • Android >= 2.3 (preferably rooted)
    • iPhone/iPad/iPod optional
  • Software:
    • Windows XP SP2/3, Windows 7/8, or *nix
    • Mac OSX 10.5+ (compulsory for iOS exploitation or an OSX VM)
    • Administrative privileges on the laptop computer
    • Virtualization software (VMware, Virtualbox, etc.)
    • SSH Client

Recommendations

  • Knowledge of programming languages such as Java and C/C++, and Python for scripting

Aditya Gupta

Aditya Gupta is the founder of Attify, a Mobile Security firm, and leading mobile security expert and evangelist. Apart from being the lead developer and co-creator of Android Framework for Exploitation, he has done a lot of in-depth research on the security of mobile devices including Android, iOS and Blackberry, as well as BYOD Enterprise Security.

He has also discovered serious web application security flaws in websites such as Google, Facebook, PayPal, Apple, Microsoft, Adobe, Skype and many more.

In his previous work at Rediff.com, his main responsibilities were to look after the Web Application Security and lead security automation. He also developed several internal security tools for the organisation to handle security issues.

In his work with XYSEC, he was committed to perform VAPT and Mobile Security Analysis. He has also been working with various organisations and government clients in India, as well as providing them trainings and services on Mobile security, Exploit Development and Advanced Web App Hacking.

He also gives talks and trainings on Mobile Security in various national and international conferences such as BlackHat, Syscan, Toorcon, OWASP AppSec, ClubHack, Nullcon, ISACA etc.

Cloud Computing Security Knowledge Foundation

Chris Simpson

Tuition: $695.00
Discount: $50.00 for active Military or Government Employees (email for discount code)
Dates: April 3rd
Minimum Attendance Threshold: 6
CCSK_Course_Modules.pdf
REGISTRATION CLOSED

The CCSK - Basic course will be changing to the CCSK - Foundation course based on V3.0 of the CCSK exam and the CSA Security Guidance for Critical Areas of Cloud Computing V3.0.

The Cloud Computing Security Knowledge- Foundation class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK v3.0 certificate exam. Starting with a detailed description of cloud computing, the course covers all major domains in the Guidance v3.0 document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA).

This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management).

Prerequisites

  • A laptop

Chris Simpson

Chris Simpson is the owner of Bright Moon Security a Cyber Security consulting firm in San Diego, CA. He spent 27 years in the Navy and has extensive experience in the information security field. Previous assignments include a tour as the Information Assurance Manager for Commander, Combined Forces Command Afghanistan and the Third Fleet Information Systems Security Manager. Since leaving the Navy, Chris has focused on cloud security and helping people understand the security issues related to operating in the cloud. He is also an adjunct professor in Cyber Security and Information Assurance at National University.

Cloud Computing Security Knowledge Plus

Chris Simpson

Tuition: $1195.00
Discount: $100.00 for active Military or Government Employees (email for discount code)
Dates: April 3rd - 4th
Minimum Attendance Threshold: 6
CCSK_Course_Modules.pdf
REGISTRATION CLOSED

The CCSK Plus class includes and builds upon the CCSK Foundation class with expanded material and extensive hands-on activities with a second day of training. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud.

This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises.

Prerequisites

  • A laptop with wireless networking, SSH software such as PuTTY, and VirtualBox installed.
  • An Amazon EC2 account (instructions will be made available two weeks prior to class)

Chris Simpson

Chris Simpson is the owner of Bright Moon Security a Cyber Security consulting firm in San Diego, CA. He spent 27 years in the Navy and has extensive experience in the information security field. Previous assignments include a tour as the Information Assurance Manager for Commander, Combined Forces Command Afghanistan and the Third Fleet Information Systems Security Manager. Since leaving the Navy, Chris has focused on cloud security and helping people understand the security issues related to operating in the cloud. He is also an adjunct professor in Cyber Security and Information Assurance at National University.

Physical Bypass Intensive

Rift Recon

Tuition: $1199.99
Dates: April 3rd - 4th
Minimum Attendance Threshold: 10
REGISTRATION CLOSED

Rift Recon's Two-Day Physical Bypass Intensive is a leading-edge physical bypass and penetration-tool implementation training.

Auditors, security managers, penetration testers, red teamers looking to deepen their skill set, and determined individuals seeking professional security testing careers train on - and master - over sixty tools and their effective and proven bypass implementations.

Rift's immersive tool and bypass course is equally suited for training security staff to strengthen company onsite physical security defenses by learning the tricks, techniques and tool-based methods of attackers.

In two immersive six-hour training days:

  • Skill-sharpen a wide range of bypass techniques
  • Hone personal expertise to improvise tools as the mission - and fate - dictates
  • Refine ability to quickly, confidently determine when to perform an attack or avoid detection
  • Become fully versed in core fundamentals of how flaws become introduced into security systems
  • Learn to efficiently remediate numerous combinations of physical security system flaws
  • Get detailed instruction on sensors, cameras, and other security devices
  • Learn what makes a lock effective, and what makes a lock fail
  • Fine-tune skill and instinct to look for flaws and exploit them hands-on

Our trainers bring a stunning range of expertise to Intensive participants - from elite to street - and offer what other trainers shy away from sharing. Rift's Physical Bypass Intensive is an immersive training that blends the wealth of knowledge and experience of our seasoned instructors with a hands-on, practical experience toolset.

Rift Recon supplies all gear necessary to complete each individual's training - and then to take directly to the field and immediately complete a professional pentest mission. Each student receives training covering the complete premium Red Team Kit, which includes over 60 tools, on which to learn every conceivable use of all tools in the kit, and beyond. Bypass and entry methods are shown, performed and practiced firsthand on every tool with expert guidance. All students finish the course comfortable and skilled with the use of every single tool - and Rift Recon ensures that all who complete the class are mission-ready.

Always outsmart and outmaneuver your target by learning to use your tools completely, and work your environment to advantage. Know how to make the right decisions quickly, and with confidence.

Prerequisites

  • Rift Recon Red Team Kit Pro, found here and here. This kit can also be purchased at a discount during registration for this course.

Rift Recon

Rift Recon tailors its clients from a suite of exclusive physical security services to meet specialized needs in hardware, assessment reports, tool creation and team outfitting, specialized trainings, and expert referrals.

Our team meets and verifies all equipment needs from solid standards to exotic tooling, and deftly handles client needs for physical security specialist placement.

Rift operates across varied security industries, including product security, physical security, hardware research and development (including gadgets and kits), and caters to professionals striving to meet their own clients' various physical security needs.

We work with a range of clients from independent trainers to high net worth individuals, as well as red teams, indie physical security contractors, product security teams and companies requiring exacting hardware assessment reports.

  • R&D hardware analysis
  • Corporate espionage assessment, defense and prevention
  • Employee corporate espionage defense training
  • Product vulnerability assessment
  • Specialized tool creation, kits and entry tools
  • Gadgets and devices for unique needs
  • Hardware sourcing, field equipment outfitting
  • Classes, trainings and tailored instruction
  • Hardware forensics and incident response
  • Physical security specialist placement, expert referrals
  • Rift Recon excels at identifying and recruiting top-level talent, and holds a strong track record for meeting our clients' unique physical security needs.

Discreet and methodical, Rift stands as the company in the world positioned to expertly source, secure, or innovate and manufacture hardware to meet the exacting, often critical, hardware security needs of its clients.