[1/2 Day] Technical Workshop: (Hands On) Finetuning GenAI for Hacking and Defending
Description:
This workshop is designed for a technical audience including Appsec Pentesters, Security Engineers, Security Architects, and AI/ML practitioners, Software Developers who have started exploring GenAI.
[1/2 Day] Technical Workshop : (Hands-On) Demystifying Neural Networks And Building Cybersecurity Applications
Description:
This workshop is designed for a security technical audience including Appsec Pentesters, Security Engineers, Security Architects, and AI/ML practitioners, Software Developers who have started
exploring Neural Networks or need it for their profession.
[1 Day] Technical Workshop : (Hands-On) A Practical Approach To IoT Security : Hacking And Defending
Description:
The Internet of Things (IoT) market today is defined by product manufacturers pushing a broad spectrum of computing devices out to the hands of consumers at an ever-increasing pace, and connecting them to the Internet. They are in a rush to hit the market shelves before their competitors and they often marginalize security. In this workshop, we offer hands-on training for pentesting and hardening IoT ecosystems, with special focus on popular communication protocols such as Zigbee, Bluetooth & BLE, as well as Device - Mobile - Cloud security topics. Students will learn about weaknesses in consumer IoT devices (wearables) paired with mobile ecosystems (Android & iOS) — how information theft is scarily easy, and what steps can be taken to harden these designs. We conclude with a Capture The Flag (CTF) session, and a discussion on defensive security best practices for IoT.
[2 Day] Technical Workshop : (Hands-On) Practical Masterclass On SBOM : Building Block In Software & Supply Chain Security
Description:
SBoM’s are one of the most focused entities in current secure development paradigm. However, focus is solely on creation of SBoM owing to its compliance requirements it’s been focused as another checkbox at this point. However, SBoM’s for the first time in a long run is trying to solve the right problem i.e. Inventory. While we believe that SBoM on its own is not the final solution for supply chain security issues, we also strongly believe it’s a solid step in the right direction. Hence, we have come up with this SBoM Masterclass where we wanted to focus on not just creation but consumption and usage of SBoM. SBoM being the inventory has a myriad usage that goes beyond the limited scope of just third- party library vulnerability status detection. This course focuses on different usage and identifies scenarios where SBoM would be useful.
[2 Day] Technical Workshop : (Hands-On) A Practical Approach To Kubernetes Security: Deep Dive into Attacks, Defense & Mitigations
Description:
In an era where container orchestration is vital to scaling and managing applications, Kubernetes stands out as a pivotal technology. But with its vast landscape comes a multitude of attack vectors. This workshop is meticulously crafted for those seeking a deep, technical, hands-on immersion into the world of Kubernetes security. We begin by laying the groundwork with Kubernetes basics, understanding its architecture, and delving into its potential security pitfalls. Participants will be initiated into the intricate details of Kubernetes attack surfaces, with hands-on labs focusing on real-world vulnerabilities and their corresponding exploits.Using advanced exploitation techniques, our session will unravel sophisticated Kubernetes attack methodologies, from manipulating Role-Based Access Controls to advanced container breakout strategies. But, it's not just about offense; we also cover the art of defense. Learn how to seal your secrets, enforce stringent network policies with Cilium, and employ advanced detection mechanisms using tools like Falco and EFK.The workshop consists of a Capture The Flag (CTF) challenge, designed to test the mettle of participants, pitting their newly acquired offensive and defensive skills against real-world Kubernetes scenarios.By the end of our intensive three-day journey, attendees will not only have an expanded skill set but also the confidence to identify, exploit, and protect Kubernetes clusters in real-world environments.
Note: Cloud Based IDE is provided for hassle free learning to all participants.
Comments