Summit 2023
Antisyphon Snake Oil? Summit 2023
OnlineJoin us for the Antisyphon Snake Oil Summit, where we will embark on a journey through the intricate landscape of cybersecurity, demystifying over-hyped products and solutions that flood the market.
Snake Oil Talk: An Investigation of Exploitation by the Certification Federation
OnlineJoin Graham Helton as he goes over the problem with the current training and certification industry by discussing some of the tactics used to generate revenue off of your curiosity and ambition. As well as discussing key elements you can look for in a training or certification to identify if it is worthy of your time and money.
Snake Oil Talk: TBD
Online"Hacking the Mind" is a 30-minute exploration into the uncharted territory of mental health in the realm of cybersecurity. Join Nithissh Sathish to uncover the hidden mental health challenges that professionals in this field often face, offering real-world insights and stories to shed light on the issue.
Snake Oil Talk: Rattling Gears – OSINT and Recon Automation that Actually Works
OnlineIn the areas of offensive and defensive security, valuable information and insights derived from OSINT and reconnaissance can be the backbone of success. But gathering the needed data is not easy, it demands immense effort. In this talk Paul Zenker wants to share some insights on how you can develop capabilities to automate a lot of the work involved in data collection.
Snake Oil Talk: Cloud this, Cloud that, what is this under my hat?
Online"What's with all the Cloud acronyms? Do we need them? Are they just snake oil for vendors to sell you more tools? What's the difference between these and what do they do? Do the tools that use these acronyms actually provide value? Join Matt Marks as he helps you decipher if these cloud-native tools are snake oil.
Snake Oil Talk: Defense Against the Snake Oil Arts-Dealing with Vendors
OnlineLike in most things to try make sure we navigate working with vendors correctly we have to have a good plan. Too many times we go into discussions with vendors and we’re mainly winging it. Then we’re surprised when things don’t go our way! Jonathan Rogers will share how to handle vendor negotiations, product assessments and vendor relationship management while trying to avoid snake oil.
Snake Oil Talk: Your Phishing Program is a Waste of Time and Money
OnlineWhat if I told you this was worse that Clark Stanley wishes he invented phishing emulation tests instead of his Snake Oil Liniment? Join Sean Goodwin as he explains why your phishing programs are wasting your time and money.
Snake Oil Talk: Components of a Bespoke Incident Response Plan
OnlineMagic bullet security solutions missed their mark? Exploited vulnerabilities got you down? Data exposure events have you feeling ill? When things go wrong in cybersecurity (as they often do) it is paramount to 'dig the well before you are thirsty'. Join Blake Regan as he highlights five essential components of a highly effective incident response plan to deliver confidence and assurance to respond to your next incident.
Snake Oil Talk: Value Reduced Reselling: When VARs cease to add value
OnlineThis talk will introduce the major concepts and business models in the VAR/channel space, and a brief explainer on the major concepts. Additionally, there will be plenty of horror stories of the channel gone wrong, as well as techniques to see through the snake oil and even see tricks to get past the vendor BS and VAR lock-in.
Intro to Offensive Tooling
OnlineThis hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks. In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks.
Advanced Endpoint Investigations
OnlineFor most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data.
Advanced Network Threat Hunting
OnlineSo far we’ve had over 21,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course!
Breaching the Cloud
OnlineThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.
Hacking Active Directory: Fundamentals and Techniques
OnlineThe majority of enterprise networks today are managed using Microsoft Active Directory and it is crucial for a security professional to understand the current threats to a modern Windows environment.
The course begins with an overview of Active Directory architecture and how it can be leveraged by attackers to gain access to critical assets. Participants will learn about the various attack vectors and methods used to compromise Active Directory, such as password attacks, service abuse and privilege escalation.
Incident Response Foundations
OnlineThe goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey, what to prioritize, and why boring stuff like policies and procedures are just as important as technical digital forensics skills.
Introduction to Pentesting
OnlineIn this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!
Introduction to Python
OnlineThis course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
Network Forensics and Incident Response
OnlineIncident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications is no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.
Next Level OSINT
OnlineThe course progresses from basic to very advanced practical OSINT techniques that you can use in your investigative routine. No special software, operating system, or paid licenses are required. Bookmarks for all tools and websites used will be provided for quick access.
Ransomware Attack Simulation and Investigation for Blue Teamers
OnlineAs a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
Security Defense and Detection TTX
OnlineSecurity Defense and Detection TTX is a comprehensive four-day tabletop exercise that involves the introduction to completion of security TTXs (tabletop exercises), IR playbooks, and after-action reports. The exercises are paired with video and lab demonstrations that reinforce their purpose. The training as a whole is compatible with the world’s most popular RPG rules.
x86_32 Assembly and Shellcode-Lab for Linux
OnlineExplore the world of Shellcoding designed for x86 architecture! This detailed course will introduce you to the basic principles of crafting low-level codes. Learn about the assembly language, gain fundamental insights into the process of writing shellcode. We will focus mostly on shellcoding, but also touch aspects of exploitation to offer a well-rounded understanding.
Intro to Offensive Tooling
OnlineThis hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks. In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks.
Advanced Endpoint Investigations
OnlineFor most security teams, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility, most critical incidents will require the acquisition and analysis of additional endpoint data.
Advanced Network Threat Hunting
OnlineSo far we’ve had over 21,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course!
Hacking Active Directory: Fundamentals and Techniques
OnlineThe majority of enterprise networks today are managed using Microsoft Active Directory and it is crucial for a security professional to understand the current threats to a modern Windows environment.
The course begins with an overview of Active Directory architecture and how it can be leveraged by attackers to gain access to critical assets. Participants will learn about the various attack vectors and methods used to compromise Active Directory, such as password attacks, service abuse and privilege escalation.
Breaching the Cloud
OnlineThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization.
Incident Response Foundations
OnlineThe goal of this course is to provide the core components that make up a successful Incident Response program. Students will learn how to get started on their IR journey, what to prioritize, and why boring stuff like policies and procedures are just as important as technical digital forensics skills.
Introduction to Pentesting
OnlineIn this training course, we will examine the different types of penetration testing engagements and take a deep dive into establishing a repeatable testing methodology for executing quality tests. We will look at some tools of the trade to understand what they are doing under the hood, identify what separates a great finding from a good finding in reports, and really zero in on establishing your own methodology!
Introduction to Python
OnlineThis course aims to teach the fundamentals of the Python programming language such that a student will gain a beginning to intermediate level of competency with the language. Labs will be presented in a Capture the Flag (CTF) style format as well as some more comprehensive programming tasks.
Network Forensics and Incident Response
OnlineIncident responders are continually faced with the challenge of collecting and analyzing relevant event data—network communications is no exception. This course uses an assortment of network data acquisition tools and techniques with a focus on open-source, vendor-neutral solutions. Students who take this course will learn how to perform network traffic and protocol analysis that ultimately supports cybersecurity incident response efforts. From reconnaissance to data exfiltration, network traffic scales to provide a bird’s-eye view of attacker activity. Leveraging the vantage point of key network traffic chokepoints, this course explores nearly every phase of an attacker’s methodology. Students will learn network traffic analysis concepts and work through hands-on lab exercises that reinforce the course material using real-world attack scenarios.
Next Level OSINT
OnlineThe course progresses from basic to very advanced practical OSINT techniques that you can use in your investigative routine. No special software, operating system, or paid licenses are required. Bookmarks for all tools and websites used will be provided for quick access.
Ransomware Attack Simulation and Investigation for Blue Teamers
OnlineAs a cyber security defender and investigator, we often just get to analyze an environment that suffered a ransomware attack after the ransomware execution, where we are trying to make our way back in time to understand the scope and initial infection vectors of a breach. However, knowing how attackers operate and having an understanding of their tools can help tremendously to conduct a more effective analysis and response and ultimately lower the impact of such attacks. This is why in this workshop we will teach you how to perform the common steps of every phase in a ransomware attack scenario as the attacker, from initial infection to impact.
Security Defense and Detection TTX
OnlineSecurity Defense and Detection TTX is a comprehensive four-day tabletop exercise that involves the introduction to completion of security TTXs (tabletop exercises), IR playbooks, and after-action reports. The exercises are paired with video and lab demonstrations that reinforce their purpose. The training as a whole is compatible with the world’s most popular RPG rules.
x86_32 Assembly and Shellcode-Lab for Linux
OnlineExplore the world of Shellcoding designed for x86 architecture! This detailed course will introduce you to the basic principles of crafting low-level codes. Learn about the assembly language, gain fundamental insights into the process of writing shellcode. We will focus mostly on shellcoding, but also touch aspects of exploitation to offer a well-rounded understanding.