BEGIN:VCALENDAR VERSION:2.0 PRODID:Data::ICal 0.24 BEGIN:VEVENT DESCRIPTION: 'Title: Creating and uncovering malicious containers Redux\n (Pre-Registration Required)\n When: Saturday\, Aug 12\, 09:00 - 12:59 PDT\n Where: Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin - [1]M ap\n Speakers:Adrian "threlfall" Wood\,David "digish0" Mitchell\n\n Sp eakerBio:Adrian "threlfall" Wood \, Dropbox\n Adrian Wood\, aka threlfal l\, discovered a love for hacking from\n cracking and modding video game s and from the encouragement of online\n friends. He has worked as a red team consultant for WHITEHACK\, a\n company he founded\, and later as a lead engineer for an offensive\n research team at a US bank\, where he was very interested in appsec\,\n container security\, CI/CD security an d also founded their bug bounty\n program. He currently works for Dropbo x\, working on their red team. In\n his free time\, he enjoys playing sa xophone\, working on vintage cars\,\n and fly-fishing.\n\n SpeakerBio: David "digish0" Mitchell\n David Mitchell\, aka digish0\, started his ha cking career as a script\n kiddie running 7th Sphere in mIRC in high sch ool. Later falling in\n with some Linux/RedHat nerds at a local 2600 gro up at college while\n studying CS\, etc. He got into Linux\, started an IT career\, later\n rediscovering his hacking script kiddie roots when a local hacker\n space opened up and shared members with a lockpicking gr oup that\n worked in infosec as penetration testers\, etc where he disco vered he\n could get paid to do the things he liked doing in high school /college.\n He now works professionally as a red team member and cyber s ecurity\n researcher at a large financial institution. The rest of the t ime he\n spends being a dad/husband\, trying not to get injured in Muay Thai/BJJ\n or mountain biking\, and listening to either very expensive o r very\n cheap vinyl.\n\n Description:\n Containers allow bad actors access to an excellent delivery mechanism\n for malware deployment in o rganizations\, offering a wide variety of\n detection avoidance and pers istence mechanisms. Fear not protectors\,\n containers also offer ways t o detect these\, but can be fraught with\n challenges. Whether you're re d\, blue or just container curious this\n workshop is for you.\n\n In this workshop\, you will get hands-on with containers and\n kubernetes\, - starting with introductory content - learning how they\n work\, where and how to hide or find things\, how to identify indicators\n of compro mise\, indicators of attack\, and how to apply analysis to gain\n a deep er understanding of container malware and what is going on\n inside cont ainers.\n\n This workshop will utilize the Google Cloud Platform alongsi de command\n line operands and a small amount of open source tooling to learn both\n offensive and defense techniques on containers. By the end\ , you’ll\n have a solid mental model of how containers work\, how they are managed\n and deployed\, and be equipped with the ability to analyz e container\n images\, identify problems\, attack container supply chain s and identify\n familiar patterns. Ultimately\, these skills will allow you to generate\n valuable insights for your organization’s defense o r aid you in your\n next attack.\n\n This course is designed to take y ou deep into the world of containers\,\n making tooling like Kubernetes much more intuitive and easy to\n understand.There’s lots of labs whic h will be used to reinforce your\n learnings\,in both attack and defense and the course comes with very\n detailed notes and instructions for se tup which you can repeat on your\n own time. This course will provide re ferences to scripts that make\n certain tasks easier\, but we will be ch allenging you to learn the\n process and reasoning behind them rather th an relying on automation.\n\n Attendees will be provided with all the la b material used in the\n course in digital format\, including labs\, gui des and virtual machine\n setup.\n\n Skill Level: Beginner to Intermed iate\n\n Prerequisites for students:\n - None! the class is well desig ned to allow those with little to no\n linux\, kubernetes or cloud famil iarity to follow along\, but a basic\n familiarity with Linux and termin al will allow attendees to focus on\n the work.\n\n Materials or Equip ment students will need to bring to participate: - A\n Google Cloud free tier account (basically a fresh gmail account) - an\n internet connecte d computer\n - We will send out instructions to attendees prior to the c lass\, so\n they can be ready on the day.\n\n '\n\n 1. #FlamingoLowe rLevel\n\n\n DTEND:20230812T195900Z DTSTART:20230812T160000Z LOCATION:WS - Flamingo - Exec Conf Ctr - Foyer - Workshop Checkin SUMMARY:Creating and uncovering malicious containers Redux (Pre-Registratio n Required) END:VEVENT END:VCALENDAR