Trainings 2023
Get Your Training Tickets Here!
Training Location: Rochester Institute of Technology 1 Lomb Memorial Drive, Rochester, NY, 14623, United States
Specific classroom details will be sent to ticket holders.
The following workshops will be offered on Friday, the day before the main conference:
Date: Friday, March 17th 2023
NOTE: Most classes require a laptop
OSINT Fundamentals: Introduction to the Art of Open Source Intelligence
Length: 4 hours, 8AM - 12PM
Instructor: Michael James
This is a basic training to get student comfortable with OPSEC/Open source Intelligence and the tools used in research. The training is for anyone interested in OSINT and will last 3-4 hours with a couple of labs for practical experience.
Price: $100
The Art of OSINT Analysis: Advanced Tools and Strategies for Intelligence Collection
Length: 4 hours, 1PM - 5PM
Instructor: Michael James
This training is for students that have good understanding of OPSEC and want to dig into more specific areas of OSINT. Several labs for this training as well. Runs 4 hours.
Price: $100
Penetration Testing for Systems and Network Admins
Length: 8 hours, 8AM - 5PM
Instructor: Qasim Ijaz
The objective of this Capture-the-Flag style class is to take students with existing networks or systems administration experience and teach them how to:
1. Perform a comprehensive penetration test against Active Directory environments.
2. Spot a bad penetration test.
We understand that not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.
Price: $100
Mobile Analysis Methodology & 3rd Party App Analysis Hands-On Training
Length: 4 hours, 1PM - 5PM
Instructor: Jessica Hyde
This course teaches a methodology for mobile forensic analysis of unsupported applications and artifacts. It teaches a 5-part methodology; Discover, Test, Parse, Find, and Script. These are necessary skills to parse 3rd party applications.
Price: $75.
Defense-in-depth Engineering
Length: 4 hours, 8AM - 12PM
Instructor: John Poulin
The 2021 OWASP Top Ten introduced a category “Insecure Design” to focus on risks related to design flaws. In this training, we will focus on building defense-in-depth software. What can we do to proactively architect software to be more resilient to attacks? What type of findings may not be discovered via automated static analysis? How can we design our software to be more friendly during incident response scenarios?
This half day training is perfect for engineers as well as security practitioners that have some familiarity with the OWASP top 10. During this training, we will focus on identifying often-overlooked architectural anti-patterns and vulnerabilities to be on the lookout for. We will utilize source code review to analyze patterns for improvement in both real-world applications as well as intentionally vulnerable applications. Every interactive exercise will involve discovering concerns and writing code to engineer solutions. The course will wrap up with real-world vulnerability analysis of open-source software with an effort to help provide more secure architectural recommendations for these projects.
Engineers will leave this training with a solid understanding of defense-in-depth software architecture and design. Security engineers or consultants can expect to leave with an increased understanding of insecure design patterns and vulnerabilities.
Price: $100
Student Price: $50 ( edu address is required)