Workshops

---

In this hands-on workshop, we will use multiple tools to identify services, including software package and version information running on unknown systems. Network services to be targeted will include those running on non-standard ports or behind firewalls. After exploring the use of network scanning tools, we will switch our attention to analyzing website data by extracting website contents and exploring its metadata. Attendees will be provided access to their own lab environment.

Learners will be introduced to digital forensics techniques, such as analyzing memory and filesystems using industry-standard tools. Students will be provided access to their own environment to use during this hands-on workshop!

This hands-on, "Packet Analysis for Security Operations" workshop explores the advanced filtering and analysis capabilities of Wireshark and associated tools to examine common network protocols and then apply these concepts to deconstruct captures of live attacks. Wireshark's analysis and data extraction tools will be employed to gather evidence from the capture.

This one-day, hands-on workshop offers an introduction to detection engineering focused specifically on common credential attacks. Participants will explore Microsoft Windows credential attack methods and learn to build effective detection mechanisms to identify these threats. Attendees will explore the shortcomings of default configurations, re-configure the Windows operating system to support security monitoring requirements, and then develop custom detection rules to detect credential attacks

This half-day, hands-on course will equip you with the essential knowledge and skills to fortify your Secure Shell (SSH) servers against unauthorized access and attacks. You will dive deep into secure SSH server configuration attributes, implementing best practices to harden your environment. Through practical exercises and real-world scenarios, you will gain hands-on experience in configuring key-based authentication, disabling unnecessary features, and implementing robust logging mechanisms.

This one-day, intensive course explores the fascinating world of reverse engineering and threat hunting. Participants will acquire hands-on experience examining malware to understand its behavior and develop detection rules. Through hands-on practice using real-world examples, participants will perform static and dynamic malware analysis, develop rules to support threat detection activities, and explore assembly language fundamentals.

This one-day, interactive, hands-on course provides a practical introduction to Bash and its scripting capabilities. Participants will explore essential Bash commands for navigating the file system, managing processes, manipulating text, and how to write and execute Bash scripts to automate repetitive tasks. The course will utilize real-world use cases of Bash in cybersecurity, such as incident response, vulnerability scanning, and log analysis.

This one-day, interactive, hands-on course provides a practical introduction to PowerShell. Participants will master essential PowerShell commands for navigating the file system, managing processes, manipulating data, and writing and executing PowerShell scripts to automate tasks, which are valuable skills in cybersecurity operations. The course will explore real-world use cases of PowerShell in cybersecurity, such as incident response, vulnerability scanning, log analysis, and Active Directory.

This one-day, interactive, hands-on course provides a practical introduction to Python programming, tailored specifically for cybersecurity applications. Participants will explore essential Python syntax, data structures, and control flow, enabling them to write and execute Python scripts to automate tasks. The course explores real-world use cases of Python in cybersecurity, such as network interactions, basic cryptography, and packet manipulation using popular libraries.

This workshop provides participants with a better understanding of the unique security challenges faced by Operational Technology (OT) and Industrial Control Systems (ICS/SCADA) environments. Attendees will learn about important security controls, best practices, and risk mitigation strategies to protect critical infrastructure from cyber threats. The workshop will explore common vulnerabilities and the interplay between OT and ICS/SCADA systems.

This course explores the tools and techniques used in Security Operations Centers (SOCs). Participants will explore how a SOC uses different software, including platforms such as Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), and Security Orchestration, Automation, and Response (SOAR).

This half-day course provides a comprehensive overview of post-quantum cryptography (PQC), exploring the emerging threats posed by quantum computing and the proactive measures organizations should implement to safeguard sensitive data. Participants will gain a solid understanding of quantum computing fundamentals, their potential impact on current cryptographic systems, and the evolving landscape of PQC solutions.