BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Creating and uncovering malicious containers.\n   Wh
 en: Saturday\, Aug 13\, 14:00 - 17:59 PDT\n   Where: Harrah's - Elko (Work
 shops) - [1]Map\n   Speakers:Adrian Wood\,David Mitchell\,Griffin Francis\
 n\n   SpeakerBio:Adrian Wood \, Security Researcher\n   Adrian Wood\, aka 
 threlfall\, discovered a love for hacking from\n   cracking and modding vi
 deo games and from the encouragement of online\n   friends. He has worked 
 as a red team consultant for WHITEHACK\, a\n   company he founded\, and la
 ter as a lead engineer for an offensive\n   research team at a US bank\, w
 here he was very interested in appsec\,\n   container security\, CI/CD sec
 urity and also founded their bug bounty\n   program. He currently works fo
 r Dropbox\, working on application\n   security. In his free time\, he enj
 oys playing saxophone\, working on\n   vintage cars\, and fly-fishing.\n\n
    SpeakerBio:David Mitchell \, Red Team\n   David Mitchell\, aka digish0\
 , started his hacking career as a script\n   kiddie running 7th Sphere in 
 mIRC in high school. Later falling in\n   with some Linux/RedHat nerds at 
 a local 2600 group at college while\n   studying CS\, etc. He got into Lin
 ux\, started an IT career\, later\n   rediscovering his hacking script kid
 die roots when a local hacker\n   space opened up and shared members with 
 a lockpicking group that\n   worked in infosec as penetration testers\, et
 c where he discovered he\n   could get paid to do the things he liked doin
 g in high school/college.\n   He now works professionally as a red team me
 mber and cyber security\n   researcher at a large financial institution. T
 he rest of the time he\n   spends being a dad/husband\, trying not to get 
 injured in Muay Thai/BJJ\n   or mountain biking\, and listening to either 
 very expensive or very\n   cheap vinyl.\n\n   SpeakerBio:Griffin Francis \
 , Security Research Consultant\n   Griffin Francis (@aussinfosec) is a lea
 d information security research\n   consultant at Wells Fargo. Previously 
 having worked at Trustwave in\n   Sydney\, Australia. His interests are wi
 thin Web Application security\n   and Bug Bounty. His research has identif
 ied vulnerabilities in\n   companies and organisations including Apple\, M
 icrosoft\, Mozilla\,\n   Oracle\, Riot Games & AT&T. When not at the compu
 ter\, Griffin can be\n   found attending music festivals and travelling.\n
    Twitter: [2]@aussinfosec\n\n   Description:\n   Containers are the futu
 re. Like it or not even the most technically\n   conservative industries a
 re shifting to them. What that means for the\n   bad actors is they get ac
 cess to an excellent delivery mechanism for\n   malware deployment in orga
 nizations\, offering a wide variety of\n   detection avoidance and persist
 ence mechanisms. Fear not protectors\,\n   containers also offer ways to d
 etect these\, but can be fraught with\n   challenges. Whether you're red\,
  blue or just container curious this\n   workshop is for you.\n\n   In thi
 s workshop\, you will get hands-on with containers and\n   kubernetes\, - 
 starting with introductory content - learning how they\n   work\, where an
 d how to hide or find things\, how to identify indicators\n   of compromis
 e\, indicators of attack\, and how to apply analysis to gain\n   a deeper 
 understanding of container malware and what is going on\n   inside contain
 ers.\n\n   This workshop will utilize the Google Cloud Platform alongside 
 command\n   line operands and a small amount of open source tooling to lea
 rn both\n   offensive and defense techniques on containers. By the end\, y
 ou’ll\n   have a solid mental model of how containers work\, how they ar
 e managed\n   and deployed\, and be equipped with the ability to analyze c
 ontainer\n   images\, identify problems\, and identify familiar patterns. 
 Ultimately\,\n   these skills will allow you to generate valuable insights
  for your\n   organization’s defense or aid you in your next attack.\n\n
    This is a fast-paced course designed to take you deep into the world\n 
   of containers\, making tooling like Kubernetes much more intuitive and\n
    easy to understand. Labs will be used to reinforce your learnings\, and
 \n   the course comes with very detailed notes and instructions for setup\
 n   which you can repeat on your own time. This course will provide\n   re
 ferences to scripts that make certain tasks easier\, but we will be\n   ch
 allenging you to learn the process and reasoning behind them rather\n   th
 an relying on automation.\n\n   Attendees will be provided with all the la
 b material used in the\n   course in digital format\, including labs\, gui
 des and virtual machine\n   setup.\n\n   Materials\n         A Google Clou
 d free tier account (basically a fresh gmail\n         account)\, and an i
 nternet connected computer. We hope to send\n         out instructions to 
 attendees prior to the class\, so they can be\n         ready on the day.\
 n\n   Prereq\n         None\, the class is well designed to allow those wi
 th little to\n         no linux\, kubernetes or cloud familiarity to follo
 w along\, but a\n         basic familiarity with Linux and terminal will a
 llow attendees\n         to focus on the work.\n\n   '\n\n   1. https://de
 fcon.outel.org/consolidated_page.html#Harrahs\n   2. https://twitter.com/a
 ussinfosec\n\n\n
DTEND:20220814T005900Z
DTSTART:20220813T210000Z
LOCATION:WS - Harrah's - Elko (Workshops)
SUMMARY:Creating and uncovering malicious containers.
END:VEVENT
END:VCALENDAR