Right on time for your Christmas shopping, we bring you the BruCON 0x0C Spring training track (22-24 April 2020) and this time with an extended early-bird sales period which last till the end of January !
The line-up! :
- Corelan Exploit Dev Bootcamp for Windows 10 by Peter Van Eeckhoutte (3-day training) – Once again we bring you Corelan ! One of the best exploit development courses available, now in our spring training track. Prepare yourself for 3 long days (+10 hours/day) of intensive exploit development ! Lunch and dinner are included and, as always enough coffee to keep you going!
- Hacking Enterprises – 2020 Edition by Will Hunt and Owen Shearing (3-day Training) – Hacking Enterprises from in.security is an immersive hands-on course aimed at a technical audience. The training covers a multitude of security topics, is based around modern operating systems and using modern techniques, with an emphasis on exploiting configuration weaknesses rather than throwing traditional exploits. This means logical thinking and creativity will definitely be put to the test. All students will receive a free Hak5 LAN Turtle, a copy of the RTFM, access to our Slack channel and 14 days extended lab access along with a CTF containing subnets/hosts not seen during training!
- Hacking and Securing Cloud Infrastructure by Scott Isaac (3-day training) – This 3-day course cuts through the mystery of Cloud Services (including AWS, Azure, and G- Cloud) to uncover the vulnerabilities that lie beneath. We will cover a number of popular services and delve into both what makes them different, and what makes them the same, as compared to hacking and securing traditional network infrastructure. Whether you are an Architect, Developer, Pentester, Security or DevOps Engineer, or anyone with a need to understand and manage vulnerabilities in a Cloud environment, understanding relevant hacking techniques, and how to protect yourself from them, is critical. This course covers both the theory a well as a number of modern techniques that may be used to compromise various Cloud services and infrastructure.
- Practical DevSecOps – Continuous Security in the age of Cloud by Mohammed A. Imran (3-day training) – Ever wondered how to handle the deluge of security issues and reduce the cost of fixing before software goes to production? How unicorns like Google, Facebook, Amazon, Etsy handle security at scale? In Practical DevSecOps training, you will learn how to handle security at scale using DevSecOps practices. We will start oﬀ with the basics of the DevOps, DevSecOps and move towards advanced concepts such as Security as Code, Compliance as Code, Conﬁguration management, Infrastructure as code, etc.,
- Active Directory for Red and Blue Teams – Advanced Edition by Nikhil Mittal (3-day training) – Enterprises are managed using Active Directory (AD) and it often forms the backbone of the complete enterprise network. Therefore, to secure an enterprise from an adversary, it is inevitable to secure its AD environment. To secure AD, you must understand different techniques and attacks used by adversaries against it. Often burdened with maintaining backward compatibility and interoperability with a variety of products, AD environments lack ability to tackle latest threats. This training is aimed towards attacking modern AD Environment using built-in tools like PowerShell and other trusted OS resources. The training is based on real world penetration tests and Red Team engagements for highly secured environments.
- A hacker’s view on #Containers and #Kubernetes by Philippe Bogaerts (3-day training) – Kubernetes and containers are a very hot topic nowadays and are very easy to use. On the other hand, the underlying components that make up Kubernetes is a very complex system that few people really understand. To make things more complex, in a world where automation, registries, CI/CD and vaults rules … how to implement and automate security? Interested in learning about K8S and the pitfalls?
- Offensive Recon – Perimeter Attack Methodologies by Sudhanshu Chauhan (2-day training) – Reconnaissance the very first phase of any Risk Assessment Exercise, is often underestimated by many security professionals. Every security analyst’s arsenal should include Open Source Intelligence and active reconnaissance for an effective assessment and to measure the security posture against real world adversaries. This training not only talks about extracting data but also focuses on the significance of this data and how it could be directly enriched and used offensively for attacking and compromising Modern Day Infrastructures. The training program covers a wide range of tools, techniques and methodologies for performing real-world reconnaissance in order to launch targeted attacks against modern organizations and infrastructures.
The training location will be Novotel Ghent Centrum or NH Ghent Belfort. Location and accommodation information here
All training details and registration links can be found on the BruCON training pages (link)
your BruCON team.