Black Hat USA 2010 //Training
Caesars Palace Las Vegas, NV • July 24-27
|
//all training |
Complete List of Black Hat USA 2010 Training Courses:
|
Black Hat USA 2010 brings together the best minds in security to define tomorrow’s information security landscape. Featuring many new tracks and new training sessions, Black Hat USA is the biggest and best conference we've ever presented. Training Category Matrix - get printable pdf » |
TRAINING: SCHEDULE »
LEGEND:
| Weekday Course | Weekend Course |
| 4-Day Course | Course Cancelled! |
| ( | NOTICE: Registrants are notified when courses are chosen for cancellation; this training list reflects all course availabilities and is updated regularly. | ) |
Advanced Malware Analysis by MANDIANT
//MANDIANT (Nick Harbour & Jay Smith) - Four Day Course
Students will learn to combat sophisticated malware head-on by studying its anti-analysis techniques.
Advanced Malware Analysis Using Responder Professional //NEW 2010
//HBGary (Greg Hoglund & Shawn Bracken)
Students will learn to combat sophisticated malware head-on by studying its anti-analysis techniques.
Advanced Malware Deobfuscation
//Jason Geffner & Scott Lambert
Learn how to manually unpack the most advanced obfuscation protections.
Advanced Memory Forensics in Incident Response
//Jamie Butler & Peter Silberman
Specifically designed for information security professionals and analysts who respond to computer security incidents. It is designed as an operational course, using case studies and hands-on lab exercises to ensure attendees are gaining experience in each topic area.
Advanced Vulnerability Scanning Techniques Using Nessus //NEW 2010
//Paul Asadoorian, Tenable Security
This course teaches advanced scanning techniques by using a real-world scenario to demonstrate how these techniques help to solve problems in an example work environment.
Advanced Web Application Pen-Testing: Web 2.0 Edition //NEW 2010
//Aspect Security
Students gain hands-on testing experience with freely available web application security test tools to find and diagnose flaws and learn to identify them in their own projects.
Advanced Windows Exploitation Techniques
//Offensive Security (Matteo Memelli & Jim O’Gorman) - Four Day Course
An in depth, hardcore drilldown into advanced Windows Vulnerability Exploitation techniques.
Application Security: For Hackers and Developers
//Jared DeMott, Harris
This course will have 4 components: reverse engineering, source code auditing, fuzzing, and exploitation. Each section contains a liberal amount of labs and hands-on exercises.
AppSec Leadership Essentials //NEW 2010
//Aspect Security
A practical, step-by-step approach to securing an entire organization.
Assaulting IPS
//Craig Williams, Mike Caudill & Kevin Timm, Cisco Systems
Learn to be become a skilled and knowledgeable IPS tester.
Assessing and Exploiting Web Applications with Samurai-WTF
//NEW 2010
//InGuardians
Using open source tools to perform web application assessments, this course will take attendees through the process of application assessment using the open source tools included in the Samurai Web Testing Framework Live CD (Samurai-WTF).
Basic Malware Analysis Using Responder Professional //NEW 2010
//HBGary (Martin Pillion & Rich Cummings)
Students will learn to combat sophisticated malware head-on by studying its anti-analysis techniques.
Building a Better Mouse Trap: The Art of Developing Effective Intrusion Detection/Prevention Signatures
//Rohit Dhamankar & Rob King
Learn how to implement effective network intrusion prevention.
CISSP® Boot Camp
//Shon Harris - Four Day Course
This Logical Security course trains students in all areas of the security Common Body of Knowledge (CBK). Using this course, students prepare for the exam, while at the same time obtaining essential security knowledge that can be immediately used to improve organizational security.
CISSP® Review Seminar
//Shon Harris - Tuesday, July 27 Only
This Logical Security course trains students in all areas of the security Common Body of Knowledge (CBK). Using this course, students prepare for the exam, while at the same time obtaining essential security knowledge that can be immediately used to improve organizational security.
Designing Secure Protocols and Intercepting Secure Communication
// Moxie Marlinspike - Weekend Only
This is a new and special training that covers both designing and attacking secure protocols. Attendees will learn the fundamentals of how to design a secure protocol, and be armed with the knowledge of how to evaluate the security of and discover weaknesses in existing protocols.
Detecting & Mitigating Attacks Using Your Network Infrastructure
// Cisco Systems (Randy Ivener, Joseph Karpenko & Tim Sammut)
Learn leading network security practices from experts who develop these techniques and put them to practical use.
Effective Fuzzing: Using the Peach Fuzzing Platform
//Leviathan (Michael Eddington & Adam Cecchetti)
The first comprehensive hands-on fuzzing course centered on the industry standard Peach Fuzzing Platform. Learn how to fuzz just about anything with Peach. No coding required, but recommended.
Enterprise Security From Day 1 to Completion
//Chris Conacher - July 24 - 27 only
A practical approach to developing an information security program.
The Exploit Laboratory
//Saumil Udayan Shah & S.K. Chong
Learn how to expose the inner mechanisms of exploits and how they work. The class is highly hands-on and very lab intensive.
The Exploit Laboratory: Black Belt Edition //NEW 2010
//Saumil Udayan Shah & S.K. Chong
Black Belt is a new and advanced class continuing from where The Exploit Laboratory left off. This class is for those curious to dig deeper into the art and craft of software exploitation.
Finding Security Bugs in Closed-source Software: Advanced
//Halvar Flake -
July 24 - 27 only
Intense advanced course encompassing binary analysis, reverse engineering and bug finding.
Finding Security Bugs in Closed-source Software: Beginner
//Halvar Flake - July 24 - 25 only
Intense beginner course encompassing binary analysis, reverse engineering and bug finding.
Gray Hat Hacking: Moving to the Next Level //UPDATED 2010
//Allen Harper
Working through lab examples and real world vulnerabilities to take you to the next level
Hacking by Numbers: Bootcamp
//SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Cadet
//SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Combat Training
//SensePost
Advanced level. This course is all hack, no talk.
Hacking by Numbers: Web 2.0
//SensePost
Web 2.0 is a whole new world and Hacking By Numbers - Web 2.0 Edition is a course designed to prepare you for it.
Hands-On Hardware Hacking and Reverse Engineering Techniques: Black Hat Edition
//Joe Grand - Weekend Only
This course is the first of its kind and focuses entirely on hardware hacking.
IDA Pro Class: Reverse Engineering with IDA Pro
//Chris Eagle
Essential background material for effective reverse engineering.
Incident Response: Black Hat Edition by MANDIANT
//
MANDIANT (Kris Harms & Dan McWhorter)
Specifically designed for information security professionals and analysts who respond to computer security incidents.
Infrastructure Attacktecs™ & Defentecs™: Hacking Cisco Networks
//Steve Dugan
Extremely popular and intense hands-on course.
Introduction to Malware Analysis
//Jason Geffner & Scott Lambert
No Source? No Symbols? No Problem.
Mac Hacking Class //NEW 2010
//Vincenzo Iozzo & Dino Dai Zovi
The aim of this class is to provide the student with all the skills needed in order to fully perform research on this OS. Specifically how to write payloads, what are the tools needed to perform research and all the hidden oddities of OS X which other UNIX-based systems don’t have.
Malware Analysis: Black Hat Edition by MANDIANT
//MANDIANT (Michael Sikorski & Steve Davis)
This introductory course is for those interested in entering the field of malicious software analysis.
Pentesting High Security Environments //NEW 2010
//Joseph McCray - July 26-27 Only
Focus on penetration testing techniques that can be used when testing highly secured environments.
Pentesting with BackTrack //NEW 2010
//Offensive Security (Mati Aharoni & Chris Hadnagy) - Four Day Course
This is an intensive, hardcore, hands on Security class by the creators of Backtrack especially designed for delivery in BlackHat Trainings.
Pentesting with Perl //NEW 2010
//Joshua Abraham - Tuesday, July 27 Only
Utilize Perl to streamline the tedious aspects of pentesting.
Physical Penetration Testing: From Beginner to Expert
//Deviant Ollam - July 26-27 Only
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access.
Real World Security: Attack, Defend, Repel //NEW 2010
//Peak Security - July 26-27 Only
An intensive 2 day course/exercise for the security professional that wants to up the ante on their current skill sets in offensive and defensive security. Learn new tactics and receive guidance from expert instructors while you test yourself in a team vs team environment. Hands on and technical.
RFID, Access Control & Biometric Systems
//Zac Franken & Adam Laurie
This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.
The RSA Cryptosystem: Attacks and Implementation Dangers //NEW 2010
//Andrew Lindell - Sunday, July 25 Only
This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.
SAP Security In-Depth //NEW 2010
// Mariano Nuñez Di Croce, Onapsis - July 26-27 Only
Have you ever wondered whether your business-critical SAP implementation was secure? Do you know how to check it? Have you imagined which could be the impact of an attack to your core business platform? Do you know how to prevent it? This training is the answer to these questions.
Secure the Human
//Lance Spitzner, Honeytech
Everything you need to plan, deploy and maintain a successful awareness and training program.
Senior System Manager (CNSS-4012 (Certified)), ISSM/IAM
//Information Assurance Associates (IA2) - Four Day Course
Very focused, highly concentrated, non-technical professional training necessary to achieve the fundamental knowledge needed to define, design, integrate and manage information system security policies, processes, practices, and procedures within federal interest information systems and networks.
Static Code Analysis for Enterprise Applications, Web Services and Web 2.0 //NEW 2010
//Shreeraj Shah, Blueinfy
We will be covering analysis techniques, with tools, for assessment and review of enterprise application source code. Enterprise 2.0 and mashups, along with other different Web 2.0 concepts, reinforced by hands-on experience, will help in understanding next generation application requirements.
StegAnalysis Investigations: Investigator Training //NEW 2010
//WetStone Technologies - July 24-25 Only
Students will participate in hands on experiments with stego’d images, multimedia files, advanced network protocols and Steganographic file systems. Detailed analytical and jamming methods will be utilized to both discover and disrupt Steganographic operations.
Symmetric Cryptography: Constructions and Cryptanalysis //NEW 2010
//Andrew Lindell - July 26-27 Only
Hands-on, in-depth understanding of how symmetric cryptographic primitives are constructed and broken, with a focus on block ciphers and cryptographic hash functions.
Tactical Exploitation
//HD Moore
Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems without depending on standard exploits.
TCP/IP Weapons School 2.0
//Richard Bejtlich, TaoSecurity
Learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen.
Ultimate Hacking: Black Hat Edition //UPDATED 2010
//Foundstone
This course delivers hands on application of Foundstone's hacker methodology. This course has long been considered essential for penetration testers.
Ultimate Hacking: Wireless
//Foundstone
This course delivers hands on application of Foundstone's wireless hacking methodology. This course takes you from configuring interfaces to the latest attacks.
Understanding and Deploying DNSSEC
//Paul Wouters and Patrick Naubert
This one-of-a-kind training course will arm attendees with the skills needed to design, deploy, maintain and secure even the most sophisticated Microsoft infrastructures. This "special edition" course will also include the development and design of ISA Server DMZ configurations and deployments to further secure your Microsoft installations
Virtualization for Incident Responders //NEW 2010
//Eric Fiterman - Methodvue
Principles and techniques for recovering evidence from virtualized systems and cloud environments - this course is intended for information security personnel who are responsible for handling incidents involving virtual infrastructure, cloud service providers, or desktop virtualization platforms.
Virtualization (In)Security
//Joanna Rutkowska & Rafal Wojtczuk - July 26-27 only
An unbiased view on the security of recent Xen systems (Xen 3.3 and 3.2), show exemplary attacks and a study of how various technology (e.g. Intel VT-d and TXT) and clever design of the VMM can help to improve security.
WAF Virtual Patching Workshop //NEW 2010
//
Ryan C. Barnett & Brian Rectanus - Tuesday, July 27 Only
This workshop is intended to provide an overview of the recommended practices for utilizing a web application firewall for virtual patching.
WarfaRE - Offensive Reverse Engineering //NEW 2010
// Pedram Amini & Ero Carrera
Understanding the inner workings of advanced malware goes beyond simply reverse engineering it. Thinking like the attacker helps in anticipating future techniques.
The Web Application Hacker's Handbook - Live Edition //NEW 2010
//Dafydd Stuttard & Marcus Pinto
This course follows the chapters of The Web Application Hacker’s Handbook, with strong focus on practical attacks and methods and concludes with a Capture the Flag contest.
Web Application (in)Security
//John Heasman & Daniel Martin
Finally, the long awaited successor to NGS’s hugely popular Web Application (In)Security Course is coming to BlackHat Vegas this year!
This is a cutting-edge, hands-on course aimed at hackers who want to exploit web applications, and developers who want to know how to defend them.
Web Security //NEW 2010
//Hristo Bojinov, Dan Boneh, Elie Bursztein & John Mitchell - July 26-27 Only
Get a 360-degree overview of web application security.
Windows Physical Memory Acquisition and Analysis //NEW 2010
//Matthieu Suiche
Want to learn all about memory dumps, including how they work and deep analysis using Windbg.