Black Hat USA 2009 //Training
Caesars Palace Las Vegas, NV • July 25-30
|
//all training |
Complete List of Black Hat USA 2009 Training Courses
Black Hat USA 2009 brings together the best minds in security to define tomorrow’s information security landscape. Featuring many new tracks and new training sessions, Black Hat USA is the biggest and best conference we've ever presented.
LEGEND :
| Weekday Course | Weekend Course |
| 4-Day Course | Course Cancelled! |
| ( | NOTICE: Registrants are notified when courses are chosen for cancellation; this training list reflects all course availabilities and is updated regularly. | ) |
Advanced Database Security Assessment
//NGS Software
Discover flaws in database security and effectively develop strategies to keep attackers out.
Advanced Malware Analysis
//Nick Harbour, Mandiant : 4 Day Course
Students will learn to combat sophisticated malware head-on by studying its anti-analysis techniques.
Advanced Malware Deobfuscation
//Jason Geffner & Scott Lambert
Learn how to manually unpack the most advanced obfuscation protections.
Advanced Memory Forensics in Incident Response
//Jamie Butler & Peter Silberman
Specifically designed for information security professionals and analysts who respond to computer security incidents. It is designed as an operational course, using case studies and hands-on lab exercises to ensure attendees are gaining experience in each topic area.
Advanced Web Application Security Testing
//Aspect Security
Students gain hands-on testing experience with freely available web application security test tools to find and diagnose flaws and learn to identify them in their own projects.
Advanced Windows Exploitation Techniques
//Offensive Security
An in depth, hardcore drilldown into advanced Windows Vulnerability Exploitation techniques.
Analyzing and Securing Enterprise Application Code
//Blueinfy (Shreeraj Shah & Vimal Patel)
The emphasis of the class would be to develop a complete understanding of source code analysis, audit methodologies, techniques and tools. Knowledge gained would help in analyzing and securing enterprise applications at all different stages - architecture, design and/or development.
Application Security: For Hackers and Developers
//Crucial Security
This course will have 4 components: reverse engineering, source code auditing, fuzzing, and exploitation. Each section contains a liberal amount of labs and hands-on exercises.
Assaulting IPS
//Craig Williams, Cisco Systems & Tod Beardsley, BreakingPoint Systems
Learn to be become a skilled and knowledgeable IPS tester.
Attacking Hardware: Unsecuring [once] Secure Devices
//Christopher Tarnovsky
An exciting and very extensive class detailing the microscopic details of silicon devices.
Building a Better Mouse Trap: The Art of Developing Effective Intrusion Detection/Prevention Signatures
//Rohit Dhamankar & Rob King
Learn how to implement effective network intrusion prevention.
Building and Testing Secure Web Applications
//Aspect Security
Hands-on exercises where the students get to perform security analysis and testing on a live web application.
Building Secure Web 2.0 Applications
//Aspect Security
This class will cover common Web 2.0 security threats and vulnerabilities and it will provide specific guidance on how to develop Web 2.0 applications to defend against these threats and vulnerabilities.
Building Secure Web Services
//Aspect Security
This class includes hands-on exercises where the students get to perform security analysis and testing on a live web application.
Certified Ethical Hacker (C|EH) Version 6
//EC-Council
Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
CISSP® Boot Camp
//Shon Harris
This Logical Security course trains students in all areas of the security Common Body of Knowledge (CBK). Using this course, students prepare for the exam, while at the same time obtaining essential security knowledge that can be immediately used to improve organizational security.
CISSP® Review Seminar
//Shon Harris
This 1-Day Review Seminar has been designed to provide all the materials needed from our instructor led classroom training.
Computer Hacking Forensic Investigator (CHFI)
//EC-Council
The CHFI course will give participants the necessary skills to identify an intruder's footprints and to properly gather the necessary evidence to prosecute.
Cryptographic Primitives (Symmetric)
//Andrew Lindell July 27-28 only
In this course, students will gain an in-depth understanding of how cryptographic primitives are constructed and broken.
Detecting & Mitigating Attacks Using Your Network Infrastructure
//Randy Ivener, Cisco Systems, Joseph Karpenko, Cisco Systems & Tim Sammut, Cisco Systems
Learn leading network security practices from experts who develop these techniques and put them to practical use.
ECSA/LPT Certification Preparation
//EC-Council
The ECSA course equips one with the knowledge and know-hows to become an EC-Council Licensed Penetration Tester.
Effective Fuzzing: Using the Peach Fuzzing Platform
//Michael Eddington, Leviathan and Blake Frantz, Leviathan
The first comprehensive hands-on fuzzing course centered on the industry standard Peach Fuzzing Platform. Learn how to fuzz just about anything with Peach. No coding required, but recommended.
Enterprise Security From Day 1 to Completion:
A Practical Approach to Developing an Information Security Program
//Chris Conacher
July 27-28 only
A practical, step-by-step approach to securing an entire organization.
The Exploit Laboratory
//Saumil Udayan Shah
Learn how to expose the inner mechanisms of exploits and how they work. The class is highly hands-on and very lab intensive.
Finding Security Bugs in Closed-source Software: Beginner
//Halvar Flake
July 25-26 only
Intense course encompassing binary analysis, reverse engineering and bug finding.
Finding Security Bugs in Closed-source Software: Advanced
//Halvar Flake
July 27-28 only
Intense course encompassing binary analysis, reverse engineering and bug finding.
Gray Hat Hacking: Exploit and Metasploit Module Development
//Allen Harper
Working through lab examples and real world vulnerabilities to take you to the next level
Hacking by Numbers: Bootcamp by SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Cadet
//SensePost
Novice level. A highly practical course that teaches method-based hacker thinking, skills and techniques.
Hacking by Numbers: Combat Training
//SensePost
Advanced level. This course is all hack, no talk.
Hacking by Numbers: PCI Edition - Hack Like You Mean It!
//SensePost
A practical, technical course aimed at beginner penetration testers, that teaches method-based hacker thinking, skills and techniques, specifically focusing on the approach and priorities for penetration testing required by the PCI DSS standard.
Hacking by Numbers: Web 2.0
//SensePost
Web 2.0 is a whole new world and Hacking By Numbers - Web 2.0 Edition is a course designed to prepare you for it.
Hacking Oracle PL/SQL
//Kevin Dunn and Marcus Pinto, NGS software
This course will teach you how to hack into Oracle database servers; only by truly grasping the mechanics of attacks can a complete and effective defense be built.
Hands-On Hardware Hacking and Reverse Engineering Techniques: Black Hat Edition
//Joe Grand
This course is the first of its kind and focuses entirely on hardware hacking.
Hands on Penetration Testing with BackTrack 4
//Offensive Security
This is an intensive, hardcore, hands on Security class by the creators of Backtrack especially designed for delivery in BlackHat Trainings.
Incident Response: Black Hat Edition
//Kevin Mandia and Kris Harms, MANDIANT
Specifically designed for information security professionals and analysts who respond to computer security incidents.
Infrastructure Attacktecs™ & Defentecs™: Hacking Cisco Networks
//Steve Dugan
Extremely popular and intense hands-on course.
Intercepting Secure Communications
//Moxie Marlinspike
Attendees will be given advanced copies of exploit tools used to intercept secure email, web, and VPN traffic as well as training and practice in using them covertly and effectively... attendees will walk away with everything they need to intercept several types of secure communication.
Introduction to Malware Analysis
//Jason Geffner & Scott Lambert
No Source? No Symbols? No Problem.
Leading, Planning, and Executing an Application Security Initiative
//Aspect Security
For executives and managers - get the education and practical guidance you need to ensure that your software projects properly address security in this collaborative workshop 2 day session.
Lock Picking and Physical Security: From Beginner to Expert
//Deviant Ollam
Those who attend this session will leave with a full awareness of how to best protect buildings and grounds from unauthorized access.
Mac Hacking Class
//Vincenzo Iozzo
The aim of this class is to provide the student with all the skills needed in order to fully perform research on this OS. Specifically how to write payloads, what are the tools needed to perform research and all the hidden oddities of OS X which other UNIX-based systems don’t have.
Malware Analysis: Black Hat Edition
//MANDIANT
This introductory course is for those interested in entering the field of malicious software analysis.
Mastering the Metasploit Framework
//HD Moore
This course dives into the newest features of the Metasploit Framework and demonstrates how to use these features in every aspect of a penetration test.
Microsoft Ninjitsu: Black Belt Edition
//Timothy Mullen, Jim Harrison & Dr. Thomas Shinder
This one-of-a-kind training course will arm attendees with the skills needed to design, deploy, maintain and secure even the most sophisticated Microsoft infrastructures. This "special edition" course will also include the development and design of ISA Server DMZ configurations and deployments to further secure your Microsoft installations
ModSecurity: Deployment and Management
//Ryan Barnett, Breach Security
Designed for those people who want to quickly learn how to build, deploy, and use ModSecurity in the most effective manner possible.
NSA InfoSec Assessment Methodology Course (IAM) - Level 1
//Security Horizon
You will need this course before you can take the IEM course. Earn NSA Certification.
NSA InfoSec Assessment Methodology Course (IEM) - Level 2
//Security Horizon
The follow-up course to the IAM. Earn NSA certification.
Reverse Engineering with IDA Pro
//Chris Eagle
Essential background material for effective reverse engineering.
Reverse Engineering on Windows
//Pedram Amini and Ero Carrera
This class is meant to impart cutting-edge understanding of malicious code analysis upon attendees, ultimately taking them to an advanced level of reverse engineering skills applicable to other security domains.
Reverse Engineering Rootkits and Active Reversing
//Greg Hoglund, HBGary and Rich Cummings, HBGary
This two day class will cover useful techniques and methods for incident response in the field when machines are suspected of intrusion with stealthy malware.
RFID, Access Control & Biometric Systems
//Zac Franken & Adam Laurie
This workshop is geared towards security professionals whose duties and responsibilities include guiding security decisions for whole departments or even entire companies.
SAP (In)security
//Mariano Nuñez Di Croce, CYBSEC July 27-28 only
How to secure an SAP system? How to perform a security assessment of an SAP system? These are two questions that this course will answer.
Secure Coding for Java EE
//Aspect Security
Hands-on exercises where the students get to perform security analysis and testing on a live Java EE web application.
Security for Web-Based Database Applications
//Aspect Security
This class includes hands-on exercises where the students get to perform security analysis and testing on a live web application supported by a back end database.
Secure the Human
//Lance Spitzner, Honeytech
Everything you need to plan, deploy and maintain a successful awareness and training program.
Senior System Manager (CNSS-4012 Certified)
//Information Assurance Associates (IA2)
Very intense, highly concentrated, non-technical professional training necessary to achieve the fundamental knowledge needed to define, design, integrate and manage information system security policies, processes, practices, and procedures within federal interest information systems and networks.
Side Channel Analysis and Countermeasures
//Riscure
Learn how to protect embedded and smart card technology against side channel analysis
Tactical Exploitation
//HD Moore
Using a combination of new tools and lesser-known techniques, attendees will learn how hackers compromise systems without depending on standard exploits.
TCP/IP Weapons School 2.0
//Richard Bejtlich, TaoSecurity
Learn how networks can be abused and subverted, while analyzing the attacks, methods, and traffic that make it happen.
Ultimate Hacking: Black Hat Edition
//Foundstone
The definitive training regimen for assessing and securing your networks.
Ultimate Hacking: Expert
//Foundstone
In depth coverage of current security topics. Not for Beginners.
Ultimate Hacking: Wireless
//Foundstone
In depth coverage of current security topics. Not for Beginners.
Understanding and Deploying DNSSEC
//Paul Wouters and Patrick Nauber
This one-of-a-kind training course will arm attendees with the skills needed to design, deploy, maintain and secure even the most sophisticated Microsoft infrastructures. This "special edition" course will also include the development and design of ISA Server DMZ configurations and deployments to further secure your Microsoft installations
Understanding Stealth Malware
//Joanna Rutkowska and Alexander Tereshkin
July 25-26 only
An in-depth understanding of how advanced stealth malware works, how it interacts with the operating system, underlying hardware and network.
Virtualization (In)Security
//Rafal Wojtczuk & Joanna Rutkowska July 27-28 only
An unbiased view on the security of recent Xen systems (Xen 3.3 and 3.2), show exemplary attacks and a study of how various technology (e.g. Intel VT-d and TXT) and clever design of the VMM can help to improve security.
Web Application (In)security
//NGS Software
If you are concerned with the security of web applications and the insecurity they introduce to your back end information systems this is the workshop for you.