I give many presentations over the year, and really enjoy speaking. I will include links to the presentations here, but there are also notes in the blog as to where and how it went.
- Hacking your Mind and Emotions – a talk discussing social engineering
- TTL 0f a Penetration – this was a talk I gave looking at an attack from three perspectives:
  - Attacker – what they see and how they use it
  - Attackee – what you might see when they’re attacking
  - Admin – points where you can insert yourself to detect the attack
I also teach full-day classes:
Hands on Security for System Administrators
System administrators often run into interesting conflicts between sysadmin, customer, and IT security needs. These conflicts generally lead to difficulty in achieving a balance between administrative convenience, good customer service, and minimal risk. There are processes or services available that can significantly improve any of these areas; however, many times they are costly or resource intensive. This course is designed for system administrators who want to improve the security posture of their organizations, using IT security standards paired with good system administration practices, resulting in better service, lower risk, and minimal impact to time and budget.
We will walk a path, covering many domains of IT security and enterprise system administration in ways that utilize the interconnection between good system administration practices and security fundamentals. We will discuss recent risks and threats, analyze them with respect to your environment, review possible impacts and develop mitigations that you can apply immediately. Training includes instruction, discussion, many hands-on labs, and a strong dose of common sense.
Attendees should bring a laptop capable of running a Virtual Guest and will be provided a VM in which to work. The class will have access to a test network of systems for training and lab exercises.
Who should attend:
Beginning to mid-level system administrators of any stripe with an interest in IT security and a desire to improve their security. It is suggested that participants have experience with the *nix command line.
Take back to work:
A toolbox of documentation, (mostly) free software, and a good starting point for developing better practices to improve security and system administration.
- The relationship between system administration and IT security
- Security theories, standards and risk mitigation as applied by SAs
- Information management using Trac and Subversion
- Good system administration practices that directly improve IT security
- Basic configuration-driven system management using Puppet
- Host and network auditing, hardening, and monitoring
- Developing an effective security awareness program
Defending against the Dark Arts
Today’s threats to the enterprise are manifested in many ways, but all share similar traits: highly intelligent, well-funded and determined to gain access. In this class, we will explore the murky world of the black-hats. We will examine your security footprint as they view it, and discuss ways to minimize it, various vectors for attack, and how to detect and defend. We will spend time talking about current threats and how they can impact your company, and we will build upon the foundations of good security practice. As with all my classes, this will be accompanied by a pinch of humor and a large dollop of common sense.
Who should attend:
Participants should be beginning to mid-level system administrators of any stripe with an interest in IT Security and a desire to understand their potential adversaries. It is suggested that participants have experience with *nix command line and virtual hosts. This course is a continuation of, and will build on, what is taught in Hands On Security for Sysadmins. However, attending that course is not a prerequisite.
Take back to work:
Tools, tips, tricks and a working security toolkit which can be implemented to improve monitoring, detection and defense in your organization. Experience working with (mostly) free security software tools.
- Understanding an attack from beginning to end
- Security Podiatry Social Engineering detection and prevention
- Detecting undesirable network and server behavior
- Detecting penetration attempts and successes, and stopping them
- Raising awareness