Training

Social Media

Sponsors













Advertisement

Training

In addition to the lecture tracks, we have specialized and in-depth training courses available after the conference proper. Please review the available courses listed below if you are interested in advanced training.

All training courses listed are available, however in order to ensure that it is worth our trainers' time and effort, each course is pre-registration only until the attendance threshold indicated is met. Once the attendance threshold is met, pre-registrants will be contacted with full registration and tuition payment instructions. Please pre-register for courses listed below by emailing training@infosecsouthwest.com with your contact information and the desired course.

Please use the navigation menu to the left to quickly jump to the desired course.

The Art of Exploiting SQL Injection

Sumit Siddharth

Tuition: $850.00
Dates: April 2nd
Attendance Threshold: 6
REGISTRATION CLOSED

SQL Injection, although now nearly 15 years old, still exists in over 30% of web applications. OWASP rates this vulnerability as the top most risk within the web applications. This vulnerability could typically result in 3 scenarios:

  • Authentication Bypass
  • Extraction of arbitrary sensitive data from the database
  • Access and compromise of the internal network

To identify the true impact of this vulnerability it is essential that the vulnerability gets exploited to the full extent. While there is a reasonably good awareness when it comes to identifying this problem, there are still a lot of grey areas when it comes to exploitation or even identifying complex vulnerabilities like a 2nd order injection. This training will target 3 databases:

  • MS-SQL
  • MySQL
  • Oracle

This training will discuss a variety of exploitation techniques to exploit each scenario. The aim of the training is to provide attendees with a thorough understanding of the vulnerability, knowledge of advanced exploitation techniques used by attackers in the wild, understanding of how to review source code against this vulnerability and finally how to patch the code to ensure its safe.

Prerequisites

  • A laptop with Windows Operating System installed (either running natively or in a VM)
  • Students must have admin access on the windows platform.

Sumit "sid" Siddharth

Sumit Siddharth works as Head of the Penetration Testing for 7Safe Limited in the UK. He has been a speaker/trainer at many security conferences including Blackhat, Defcon, Troopers, OWASP Appsec, Sec-T, IT-Underground etc. He has contributed a number of whitepapers, security tools, exploits and advisories to the industry. Sid is one of the contributing authors of the book SQL Injection: Attacks and defense (2nd edition). He also runs the popular IT security blog www.notsosecure.com.

Binary Literacy: Static Reverse Engineering

Rolf Rolles

Tuition: $3000.00
Dates: April 2nd, 3rd, 4th
Attendance Threshold: 10
Attendance Maximum: 20
Binary-Literacy-Outline.txt
REGISTRATION CLOSED

As the title implies, this course is about analyzing software systems without executing them, as though one was reading a novel. Starting from the basic letters (assembly language instructions), words (basic blocks) are constructed; from there sentences (functions) may be put together. These are organized into paragraphs (modules) which, taken together, form the bulk of chapters (executable objects). Finally, a collection of chapters makes up a book (software system).

The course begins by systematically examining the process of compiling C code into assembly language, and how to manually decompile assembly language back into C. All of these examples come from real-world binaries. Prior experience teaching this course shows that this gives students a good grounding in reading assembly language.

Understanding the structure of a sentence is not enough to understand its actual meaning, or that understanding one sentence is not enough to understand a paragraph, etc. Decompilation is therefore not enough: the human analyst needs techniques to comprehend the code that he or she is seeing. We will thus proceed with techniques to derive semantic meaning from assembly code.

With the above in hand, we are prepared to statically analyze any C-compiled binary of our choosing, and we shall spend the rest of the class reverse engineering binaries both in live and individual sessions. These binaries will consist of live malware, but it needs to be stressed that this is not a course on malware specifically: it is a course on reverse engineering in general, and its techniques are applicable to all sub-fields thereof (e.g. malware, security, interoperability).

Prerequisites

  • A laptop with IDA Pro installed on it (any recent version will do)
  • A firm grasp of the English language
  • Exposure to x86 assembly language is assumed (it will be briefly reviewed, but not treated in depth).

Rolf Rolles

Rolf has been reverse engineering for over a decade. He recently finished giving a series of workshops on reverse engineering to various interested parties across the United States. Before that he worked for Sabre Security and was for a time the sole developer of BinDiff. Some samples of his work can be found here, here, and here.

Cloud Computing Security Knowledge Basic

Chris Simpson

Tuition: $695.00
Discount: $50.00 for active Military or Government Employees (email for discount code)
Dates: April 2nd
CCSK_Course_Modules.pdf
REGISTRATION CLOSED

The Cloud Computing Security Knowledge- Basic class provides students a comprehensive one day review of cloud security fundamentals and prepares them to take the Cloud Security Alliance CCSK certification exam. Starting with a detailed description of cloud computing, the course covers all major domains in the latest Guidance document from the Cloud Security Alliance, and the recommendations from the European Network and Information Security Agency (ENISA). This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security. (We recommend attendees have at least a basic understanding of security fundamentals, such as firewalls, secure development, encryption, and identity management). Price includes test token to take the CCSK exam.

Prerequisites

  • A laptop

Chris Simpson

Chris Simpson is the owner of Bright Moon Security a Cyber Security consulting firm in San Diego, CA. He spent 27 years in the Navy and has extensive experience in the information security field. Previous assignments include a tour as the Information Assurance Manager for Commander, Combined Forces Command Afghanistan and the Third Fleet Information Systems Security Manager. Since leaving the Navy, Chris has focused on cloud security and helping people understand the security issues related to operating in the cloud. He is also an adjunct professor in Cyber Security and Information Assurance at National University.

Cloud Computing Security Knowledge Plus

Chris Simpson

Tuition: $1195.00
Discount: $100.00 for active Military or Government Employees (email for discount code)
Dates: April 2nd - 3rd
CCSK_Course_Modules.pdf
REGISTRATION CLOSED

The CCSK- Plus class builds upon the CCSK Basic class with expanded material and extensive hands-on activities with a second day of training. Students will learn to apply their knowledge as they perform a series of exercises as they complete a scenario bringing a fictional organization securely into the cloud. This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises. A notebook computer with wireless capability is required for the second day of class. Price includes test token to take the CCSK exam.

Prerequisites

  • A laptop with wireless networking, SSH software such as PuTTY, and VirtualBox installed.
  • An Amazon EC2 account (instructions will be made available two weeks prior to class)

Chris Simpson

Chris Simpson is the owner of Bright Moon Security a Cyber Security consulting firm in San Diego, CA. He spent 27 years in the Navy and has extensive experience in the information security field. Previous assignments include a tour as the Information Assurance Manager for Commander, Combined Forces Command Afghanistan and the Third Fleet Information Systems Security Manager. Since leaving the Navy, Chris has focused on cloud security and helping people understand the security issues related to operating in the cloud. He is also an adjunct professor in Cyber Security and Information Assurance at National University.

Cryptography: How (Not) to Use It

Professor Jonathan Katz

Tuition: $795.00
Dates: April 2nd
Attendance Threshold: 8
REGISTRATION CLOSED

Many security professionals and software developers are familiar with the basic concepts of cryptography. But without a deeper understanding of cryptographic primitives, and what they are intended (and not intended) to achieve, it is easy to misuse cryptography and build a system that seems secure, but isn't. This course will give a broad overview of cryptography. We will look at the core concepts of symmetric-key encryption and message authentication, Diffie-Hellman key exchange, and RSA-based public-key encryption and digital signatures. Along the way, we will learn how these tools are constructed, how they should and should not be used, and how they can be attacked or subverted. The seminar will discuss several real-world examples of cryptographic design flaws, as well as successful instances of deployed cryptographic protocols.

The course is suitable for anyone who uses cryptography, whether via existing cryptographic libraries or by implementing their own.

Prerequisites

  • Some mathematical maturity (basic probability, modular arithmetic) is expected.

Professor Jonathan Katz

Jonathan Katz, PhD, is an associate professor in the Department of Computer Science at the University of Maryland, where he regularly teaches courses on cryptography and computer/network security. He is an active researcher in the field, with over 90 published papers and two books, and currently serves as an editor of the Journal of Cryptology. His passion for education and outreach have led him to co-author one of the most popular undergraduate textbooks on cryptography ("Introduction to Modern Cryptography"), and to give multiple tutorials and short courses on cryptography for academic, industry, and government audiences.

Metasploit Mastery

James "egypt" Lee

Tuition: $3,000.00
Dates: April 2nd - 3rd
Attendance Threshold: 8
REGISTRATION CLOSED

The Metasploit Framework is more than a pile of exploits; it is a collection of tools for gaining access where none is provided and a scaffolding for building new tools to extend an attacker's capabilities. This course dives into the newest features of the Metasploit Framework and demonstrates how easy it is to add your own features to it for when nothing exists to solve the problems you face. Topics will include generating custom backdoors in multiple formats; bypassing anti-virus; using the database for maximum benefit; creating custom modules, plugins, and tools for addressing specific tasks; and automating the post-exploitation process, including an introduction to the Meterpreter API. As most of the class will require some amount of programming, an introduction to ruby and setting up a more comfortable development environment will be covered as well.

At the end of the course, students will understand the architecture and design goals of the Metasploit Framework and be able to extend the Framework to solve new problems.

Prerequisites

  • A laptop running the most recent version of the Metasploit Framework.
  • Working knowledge of Microsoft Windows and at least one Unix-like operating system (Linux, Solaris, Mac OS X, etc).
  • Experience with some scripting language, e.g Ruby, Perl, or Python.
  • Familiarity with TCP/IP networking and configuring TCP/IP settings on Unix and Windows platforms.

Recommendations

  • A laptop running Metasploit on a recent version of Linux, BSD, or Mac OSX.
  • Experience using the Metasploit Framework.
  • Experience with exploits and vulnerability assessment tools.
  • Experience with the Ruby programming language.
  • Experience with low-level TCP/IP tools (nmap, hping, wireshark).

James "egypt" Lee

James Lee is core developer and project manager for the open source Metasploit Framework to which he has been contributing since 2008. Before joining Rapid7 to work on Metasploit full time, he discovered numerous vulnerabilities in SCADA and Industrial Control Systems at Idaho National Laboratory. James has presented at Defcon, Blackhat USA, Blackhat DC, SANS Process Control & SCADA Security Summit and other venues.