In an era where cyber threats are increasingly sophisticated, the need for advanced defense mechanisms is paramount. This 2-day intensive course is designed for working professionals in the cybersecurity field, aiming to equip them with the knowledge and skills to leverage artificial intelligence (AI) in combating cyber threats. The course provides a comprehensive overview of AI technologies, focusing on their application in cybersecurity. Participants will gain insights into the latest AI tools and techniques used for threat detection, risk management, and response automation. Through a blend of theoretical knowledge and practical exercises, the course prepares professionals to effectively integrate AI into their cybersecurity strategies.

Learn the ins and outs of using a command-and-controls (C2) for red team operations and learn how threat actors use C2s to gain access to computers and internal networks. During this course, we will create implants with Sliver, learn how to manage a C2 with multiple operators, persist in the target’s environment, pivot to other hosts, and steal valuable credentials. Course material will be accompanied by hands-on labs and a test network to familiarize yourself with the tools and practice the techniques.

Learn how to attack and defend Kubernetes, Linux and containers from Jay Beale, the creator of Bastille Linux, the Center for Internet Security’s first Linux security benchmark, and two Kubernetes tools: the Peirates attack tool and the Bust-a-Kube CTF cluster. In this fully hands-on course, you’ll get access to our cloud training environment, where you’ll have a Kali Linux system filled with capture-the-flag (CTF) virtual machines and a Kubernetes cluster, which you will attack and defend.

This training focuses on giving you practical attack skills from real penetration tests, coupled with solid defenses to break attacks. Every single topic in the class has a long attack exercise, where you use Kali Linux to attack Kubernetes and containerized programs, and a matching short defense exercise, where you will use new skills to break that attack, confident that it will break other attacks. In this well-reviewed class, we attack the container orchestration system, Kubernetes, along with the Linux operating system and containers that make it up!

We begin with a technical introduction to Kubernetes and containers. We learn how to work with container runtimes, hands-on, and then learn the beginnings of container breakout. We then take a deep dive into Kubernetes security measures, starting with authorization, before our next lab: a multi-step Kubernetes cluster compromise. The class continues in this fashion: concepts, then attack, then defense. In all, there are 14 lab exercises, including MitM attacks, node compromises, and cluster-to-cloud-to-cluster compromise.

Our defense work will include: authorization settings, role-based access control, network policies, pod security standards, and the Kyverno admission controller. These will enable and enforce the powerful technologies we’ve learned: AppArmor, SecComp, and root capability dropping. We’ll see how both on-prem and cloud-based clusters can be attacked, attack our own clusters, and then harden those Kubernetes clusters to break our attacks.

This class teaches you how to disassemble binaries, read x86-64 assembly language, and debug black-box binaries in WinDbg and GDB. This knowledge of assembly is the fundamental skill which is required to learn reverse engineering and vulnerability exploitation. Reverse engineering is in turn a fundamental skill which is required for malware analysis and vulnerability hunting.

Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code...but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between contentious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class serves as a prerequisite for a future class that will add examples on uninitialized data access, race conditions, use-after-free, type confusion, and information disclosure vulnerabilities.

This class is designed to give you all the background you need to understand how x86-64 firmware (aka UEFI BIOS) works, and what the most common security misconfigurations are. It will prepare you to be able to read and understand the existing attack and defense research in the space, taking an explicit walk through of the attack and defense moves and counter-moves threat tree. And as always, this classes teaches you to be comfortable with Reading The Fun Manual (RTFM!) to go seek out the most accurate details of how things work, and to see out new problems in new areas that no one's read yet with a security mindset.

Dual-purpose class: This class teaches developers how to avoid writing implementation flaws, or detect ones that are already in their code...but it also teaches vulnerability-hunters how to find the flaws as well! So it's an epic battle between contentious developers and devious vulnerability hunters! Who will win?! Whoever most takes the lessons of this class to heart!

Over three-dozen CVE writeups!

This class treats the material from C/C++ Implementation Vulnerabilities Part 1 as a prerequisite.