WILD WONDERFUL HACKIN’ FEST
SecureWV is excited to announce our partnership with the Wild West Hackin’ Fest and Black Hills Information Security. With the help of the Wild West Hackin’ Fest expert trainers we will be able to provide affordable world-class training at our virtual conference this year.
All of the classes will run from Monday, November 2nd through Thursday, November 5th with classes starting at 11:00 am on Monday and 12 noon the other days, ending at 4:00 pm EST every day.
Each training attendee will also receive a ticket to the SecureWV conference that will be held virtually on Friday, November 6 and Saturday, November 7.
Breaching the Cloud – $395 Instructor: Beau Bullock
This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.
Active Defense and Cyber Deception – $395 Instructor: John Strand
Active Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between.
Advanced Network Threat Hunting – $395 Instructor: Chris Brenton
We will spend most of this class analyzing pcap files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
Applied Purple Teaming – $395 Instructors: Kent Ickler and Jordan Drysdale
Applied Purple Teaming (APT) will first introduce students to threat optics on Windows systems. This course will provide instruction for configuring and installing Sysmon to gather endpoint logs. Students will also be introduced to Windows Audit Policies and will get to deploy a high visibility audit policy stack. Windows Event Collection and Forwarding will be implemented to demonstrate the free Windows logging stack built in and licensed under the existing agreement you have with Microsoft. The event collector will finally be configured to ship logs to the Hunting ELK (HELK) where students will get to review threat optics using Kibana. The majority of the class will be iterating through the TTPs of a standard pentest to demonstrate effective logging and detections against some attacks that are challenging to detect. The Atomic Purple Team lifecycle will be used to attack, hunt and detect, and defend against all of the attacks! Come join us for another round of APT with updated materials and to have a great time in the Wild West!
Modern WebApp Pentesting – $395 Instructor: Brian King
Modern WebApp Pentesting is unique in its approach to testing webapps. Too many courses are built around the assumption that a webapp pentester’s skills should grow along a straight line, starting with something like the OWASP Top Ten and culminating in something like Attacking Web Cryptography. Real webapps don’t follow that same path, and neither should real webapp pentesters. Attacking Web Sockets is not more difficult than attacking HTTP traffic, it’s just different. Web APIs are not something you’re qualified to test only after you’ve put your time in on traditional webapps … they’re just different.
Attack Emulation: Atomic Red Team, CALDERA and More – $395 Instructors: Darin and Carrie Roberts
Attack Emulation tools help you measure, monitor and improve your security controls by executing scripted attacks. Atomic Red Team and CALDERA are two open source attack emulation projects that are mapped directly to the Mitre ATT&CK Framework. This class will provide an overview of the Mitre ATT&CK framework and give you in-depth, hands-on knowledge of how to execute scripted attacks that exercise many of the techniques defined in Mitre ATT&CK. You will be provided with hands-on lab instructions for emulating a variety of attacks and creating visualizations using Mitre ATT&CK Navigator. At the end of this class you will have the knowledge and tools to begin executing simulated attacks within your own test environment where you can create and validate detections in a script-able and consistent way.Whether you are a student of information security or a seasoned red teamer or network defender there is something to learn from getting involved with in the Attack Emulation space and this course will help you do that.
Please Visit https://wildwesthackinfest.com/wwhf-at-secure-wv/ to register for any of these outstanding classes.