Trainings 2023

Get Your Training Tickets Here!

Training Location: Rochester Institute of Technology 1 Lomb Memorial Drive, Rochester, NY, 14623, United States

Specific classroom details will be sent to ticket holders.

The following workshops will be offered on Friday, the day before the main conference:

Date: Friday, March 17th 2023

NOTE: Most classes require a laptop

OSINT Fundamentals: Introduction to the Art of Open Source Intelligence

Length: 4 hours, 8AM - 12PM

Instructor: Michael James

This is a basic training to get student comfortable with OPSEC/Open source Intelligence and the tools used in research. The training is for anyone interested in OSINT and will last 3-4 hours with a couple of labs for practical experience.

Price: $100

The Art of OSINT Analysis: Advanced Tools and Strategies for Intelligence Collection

Length: 4 hours, 1PM - 5PM

Instructor: Michael James

This training is for students that have good understanding of OPSEC and want to dig into more specific areas of OSINT. Several labs for this training as well. Runs 4 hours.

Price: $100

Penetration Testing for Systems and Network Admins

Length: 8 hours, 8AM - 5PM

Instructor: Qasim Ijaz

The objective of this Capture-the-Flag style class is to take students with existing networks or systems administration experience and teach them how to:

    1. Perform a comprehensive penetration test against Active Directory environments.
    2. Spot a bad penetration test. 

We understand that not everyone taking a pen test class will want to be a penetration tester. Hence, we have organized this class to be a well-rounded experience, allowing both aspiring red teamers and blue teamers to get the most out of it. This class will provide students with hands-on experience with all phases of a penetration test, from information gathering to reporting.

Price: $100

Mobile Analysis Methodology & 3rd Party App Analysis Hands-On Training

Length: 4 hours, 1PM - 5PM

Instructor: Jessica Hyde

This course teaches a methodology for mobile forensic analysis of unsupported applications and artifacts. It teaches a 5-part methodology; Discover, Test, Parse, Find, and Script. These are necessary skills to parse 3rd party applications.

Price: $75.

Defense-in-depth Engineering

Length: 4 hours, 8AM - 12PM

Instructor: John Poulin

The 2021 OWASP Top Ten introduced a category “Insecure Design” to focus on risks related to design flaws. In this training, we will focus on building defense-in-depth software. What can we do to proactively architect software to be more resilient to attacks? What type of findings may not be discovered via automated static analysis? How can we design our software to be more friendly during incident response scenarios?

This half day training is perfect for engineers as well as security practitioners that have some familiarity with the OWASP top 10. During this training, we will focus on identifying often-overlooked architectural anti-patterns and vulnerabilities to be on the lookout for. We will utilize source code review to analyze patterns for improvement in both real-world applications as well as intentionally vulnerable applications. Every interactive exercise will involve discovering concerns and writing code to engineer solutions. The course will wrap up with real-world vulnerability analysis of open-source software with an effort to help provide more secure architectural recommendations for these projects.

Engineers will leave this training with a solid understanding of defense-in-depth software architecture and design. Security engineers or consultants can expect to leave with an increased understanding of insecure design patterns and vulnerabilities.

Price: $100

Student Price: $50 ( edu address is required)