"I felt that the pace and level of difficulty was well managed, and the defense-then-offense aspect was a great way to learn!"
I'm happy to announce that registration for TCP/IP Weapons School 3.0 at Black Hat USA 2011 is now open. I will teach two sessions, on 30-31 July and 1-2 August in Las Vegas.
Black Hat has four remaining price points and deadlines for registration.
- Early ends 30 April
- Regular ends 15 June
- Late ends 29 July
- Onsite starts at the conference
Seats are filling -- it pays to register early!
While keeping the distinctions from other offerings that I described last year, I've extended this third version of the class to include explicit offensive and defensive portions. Students will receive two VMs, one running a modified version of Doug Burks' SecurityOnion distro as an attack/monitor platform, and the second running a Windows workstation as a victim platform.
The purpose of this class is to develop the investigative mindset needed by digital security professionals. Junior- to intermediate-level security and information technology (IT) staff are the intended audience. The class is a balance of discussion and hands-on labs.
Defensive aspects of the labs emphasize how to discover suspicious and malicious activity in network and log evidence. Offensive aspects of the labs offer the student a chance to do the same sorts of actions that caused the suspicious and malicious activity in the labs. I encourage students to keep an open mind and feel free to expand their interaction with the labs beyond the required material. Take advantage of this time away from the office to enjoy defensive and offensive aspects of the digital security arena!
I do not have any other classes scheduled, although my training page lists a few other possibilities.