underground.org.mx => Noticias y Eventos => Mensaje iniciado por: hkm en Enero 13, 2020, 06:39:54 pm

Título: NorthSec Montreal [Mayo 10 - 17]
Publicado por: hkm en Enero 13, 2020, 06:39:54 pm

May 10-11-12-13, 2020
High-quality training sessions, given by the absolute best experts in their field. We strive to provide the highest level of exclusive content, giving you a unique opportunity to improve your applied security knowledge.

May 14-15, 2020
Subjects covered will be as diverse as pentesting, network security, software and/or hardware exploitation, web hacking, reverse engineering, malware and cryptography.

Competition (CTF)
May 15-17, 2020
Competition (CTF)
Our applied security contest (also called "Capture The Flag") opposes 75 teams of 8 people trying to obtain the most points by capturing flags.

NorthSec is pleased to announce its high-quality training sessions, given by the absolute best experts in their field. We strive to provide you with the highest level of exclusive content, giving you a unique opportunity to improve your applied security knowledge during NorthSec.

Training Sessions include
Full ticket to the NorthSec Conference
Full ticket to the NorthSec Conference
Coffee, refreshments, snacks and lunch
Coffee, refreshments, snacks and lunch
Special Networking Event
Special Networking Event
2020 Sessions
Crypto Attacks and Defenses
JP Aumasson
Philipp Jovanovic
May 12, 13th
This training familiarizes developers and security professionals of any level with modern cryptography concepts and best practices. It covers basic notions, including randomness generation, authenticated encryption, and elliptic curves, as well as applications like TLS 1.3, password security protocols, libraries and APIs, and software side-channel attacks. Finally, our training offers an overview of advanced topics including post-quantum cryptography. More information

Mastering Burp Suite Pro 100% Hands-On
Nicolas Gregoire
May 11, 12 and 13th
Burp Suite Pro is the leading tool for auditing Web applications at large. Mastering it allows users to get the most out of the tool, optimizing time spent. Work will be faster, more effective and more efficient. What’s more, advanced automation techniques allow detection of additional vulnerabilities whether complex or subtle. Attendees will also learn to measure the quality of their attacks, a crucial skill in real-life engagements. More information

Advanced Web Hacking
Dhruv Shah
May 11, 12 and 13th
Advanced Web Hacking class talks about a wealth of hacking techniques to compromise web applications, APIs and associated end-points. This class focuses on specific areas of app-sec and on advanced vulnerability identification and exploitation techniques (especially server side flaws). This hands-on class covers neat, new and ridiculous hacks which affected real life products and have found a mention in real bug-bounty programs. In this class vulnerabilities selected are ones that typically go undetected by modern scanners or the exploitation techniques are not so well known. More information

Mastering Container Security
Rory McCune
NCC Group
May 12, 13th
Containers and container orchestration platforms such as Kubernetes are on the rise throughout the IT world, but how do they really work and how can you attack or secure them? This course takes a deep dive into the world of Linux containers, covering fundamental technologies and practical approaches to attacking and defending container-based systems such as Docker and Kubernetes. In the 2020 version of the course we'll be focusing more on Kubernetes as it emerges as the dominant core of cloud native systems and looking at the wider ecosystem of products which are used in conjunction with Kubernetes. More information

Dark Side Ops: Malware Dev
SilentBreak Security
May 10, 11th
Dark Side Ops: Malware Dev focuses on the goals, challenges, architecture, and operations of advanced persistent threat (APT) tooling. Participants will dive deep into source code to gain a strong understanding of execution vectors, payload generation, automation, staging, command and control, and exfiltration. More information

Adversary Tactics: Detection
May 10, 11, 12 and 13th
Enterprise networks are under constant attack from adversaries of all skill levels. Blue teamers are facing a losing battle; as the attacker only needs to be successful once to gain access. This course builds on standard network defense and incident response (which target flagging known malware) by focusing on abnormal behaviors and the use of attacker Tactics, Techniques, and Procedures (TTPs). We will teach you how to create threat hunting hypotheses based on attacker TTPs to perform threat hunting operations and detect attacker activity. In addition, you will use free and open source data collection and analysis tools (Sysmon, ELK and Automated Collection and Enrichment Platform) to gather and analyze large amounts of host information to detect malicious activity. You will use these techniques and toolsets to create threat hunting hypotheses and perform threat hunting in a simulated enterprise network undergoing active compromise from various types of threat actors. More information

Adversary Tactics: Red Team Ops
May 10, 11, 12 and 13th
Upgrade your Red Team engagements with bleeding-edge Tactics, Techniques, and Procedures (TTPs) used by attackers in real-world breaches. This course will teach students how to infiltrate networks, gather intelligence, and covertly persist in a network like an advanced adversary. Students will use the skillsets taught in Adversary Tactics: Red Team Ops to go up against live incident responders in an enterprise lab environment designed to mimic a mature real-world network. Students will learn to adapt and overcome Blue Team response through collaborative feedback as the course progresses. More information

Fine print
Training sessions take place right before the conference from Sunday til Wednesday. Dates vary by individual training, make sure to check. Training sessions start at 9am and finish at 5pm. Trainers can lengthen the schedule if they want to.

Full ticket to the NorthSec Conference (Thursday and Friday)
Coffee, refreshments, snacks and lunch
Access to a special networking event with drinks on May 12th
If you already purchased your conference ticket, write us un email at registration@nsec.io to get a refund. Note that we reserve the right to cancel a training if a minimum number of participants isn’t met.

See individual training pages for pricing.

Early bird until December 31st: 20% off*
Not-so Early bird until February 29th: 10% off*
Student pricing (50% off) is available upon request and on selected training. Contact us for details.
Prices are in $CAD before taxes and eventbrite fees
* NEW: There is a 5 ticket per training limit on the number of early bird and not-so early bird tickets. The next early bird pricing will be automatically available when the previous one is sold out.

The training sessions will be hosted at the Downtown Holiday Inn Hotel this year. See our Venue page for details.

Continuing Professional Education (CPE) Credits
We can emit proof of CPE credits for those who are certified through (ISC)2 upon request.

16 CPE credits for a two-day training session
24 CPE credits for a three-day training session
32 CPE credits for a four-day training session

Título: Re:NorthSec Montreal [CANCELADO]
Publicado por: hkm en Marzo 17, 2020, 12:33:29 pm
Posted: Mar 13, 2020
Now categorized as a global pandemic by the WHO, the SARS-CoV-2 (COVID-19/Coronavirus) has spread at dramatic speeds in Canada and Quebec with multiple cases coming up every day through the province and nation, triggering an exceptional response from governments officially requesting the cancellation of events of more than 250 participants.

Throughout the entire year and even as we speak, the entire NorthSec volunteer team deployed an incredible energy to build an awesome event with phenomenal trainings, awesome speakers and tons of CTF challenges in a new venue configuration that allowed for even more community projects.

In light of recent news about the advancement of the virus, it is therefore with great sadness that we are compelled to take the hard but necessary decision to cancel this year’s edition of the event, at least in its original physical form.

The health and safety of attendees & volunteers is our primary concern. As such, we cannot take the risk to create a hotbed for the propagation of the virus while most companies have enforced travel bans, instituted work-from-home or self-quarantine policies, and other events are being cancelled throughout the country.

In the next weeks we will be issuing refunds for all purchased tickets through our Eventbrite platform, and hope that you will understand that we had to take this difficult decision rapidly in order to try and help minimize the financial impact to everyone.

That being said, we’re looking for the best way possible to still celebrate NorthSec 2020 during its original dates in the form of an online presence, even if we’re conscious that the main distinctive and attractive aspect of NorthSec being an on-site CTF with physical challenges and in-person socialization.

The next weeks are going to be pivotal for us as we try and prepare this online mini-version of the event, but rest assured that we are already working to plan 2021 with an even more awesome edition that builds on what we had planned for 2020 and adds some more on top of it!

We’ll keep everyone updated soon; follow us on Twitter for all the updates as they come.