
Difference between revisions of "OWASP Portland 2018 Training Day"

(Oracle Cloud Infrastructure)
(Small edits for Incident Handling workshop)
Line 30: Line 30:
 
Prerequisites: Laptop capable of running a recent version of Nmap (Windows, Linux or Mac) with admin/root privileges.
 
Prerequisites: Laptop capable of running a recent version of Nmap (Windows, Linux or Mac) with admin/root privileges.
  
=== Incident Handling - a primer ===
+
=== Incident Handling in Cloud Environment - a primer ===
 +
 
 +
==== Sponsored by ForgeRock ====
  
 
''Instructor: Derek Hill''
 
''Instructor: Derek Hill''
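Review bot: The renamed heading on the added line, "Incident Handling in Cloud Environment - a primer", is missing an article; "in a Cloud Environment" or "in Cloud Environments" reads correctly, and the schedule cell changed later in this diff should carry whichever wording is chosen so the heading and the table stay in sync. The new "==== Sponsored by ForgeRock ====" sub-heading is placed between the course title and the instructor line, so check that it renders as intended above "Instructor: Derek Hill".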
Line 118: Line 120:
 
| style="padding: 0.5em;" |Introduction to Computer Forensics <br>(Kris Rosenberg)
 
| style="padding: 0.5em;" |Introduction to Computer Forensics <br>(Kris Rosenberg)
 
| style="padding: 0.5em;" |Intro to Practical Internal Vulnerability Scanning <br>(Patterson Cake)
 
| style="padding: 0.5em;" |Intro to Practical Internal Vulnerability Scanning <br>(Patterson Cake)
| style="padding: 0.5em;" |Incident Handling - a primer <br>(Derek Hill)
+
| style="padding: 0.5em;" |Incident Handling in Cloud Environment - a primer <br>(Derek Hill)
 
|-
 
|-
 
| style="padding: 0.5em;" |12:00 PM - 1:30 PM
 
| style="padding: 0.5em;" |12:00 PM - 1:30 PM

Revision as of 19:58, 15 August 2018

For the third year in a row, the Portland OWASP chapter is proud to host our information security training day! This will be an excellent opportunity for those interested to receive top quality information security and application security training for prices far lower than normally offered. It's also a great chance to network with the local infosec community and meet those who share your interests.

Want to get news and information on our 2018 Training Day? Subscribe to the Portland OWASP mailing list or follow @PortlandOWASP on Twitter!

Courses

Courses will be held in two tracks: four in the morning session, and four in the afternoon session. Each participant can register for one morning course, or one afternoon course, or one of each.

Morning Session 8:30 AM - Noon

Intro to Hacking Web 3.0

Instructor: Mick Ayzenberg

Abstract: In this half day course, we will introduce several emerging Blockchain concepts such as Web 3.0, smart contracts, and decentralized applications (DApps). You will get the opportunity to explore and interact with applications on this platform, and will be introduced to several of the most common vulnerability categories found in smart contracts through a capture the flag platform. This class will be highly interactive, so bring a laptop. No previous Blockchain experience required.

Introduction to Computer Forensics

Instructor: Kris Rosenberg

Abstract: It’s 3AM and the phone rings… ok, maybe not 3AM, but you get the call that a computer system on your network is acting strange. After taking a look you realize that this system may be infected with malware, or possibly you have an active intruder inside your network. What do you do next? This session will guide you through the basic initial steps that can be taken in a security incident to effectively isolate and contain the attack and collect evidence for potential future prosecution. We will introduce the PICERL framework for incident handling and discuss each phase in detail: Planning, Identification, Containment, Eradication, Recovery, and Lessons Learned. At the end of the session you should have a basic understanding of how to respond to a potential security incident, and preserve any evidence that may be needed.

Intro to Practical Internal Vulnerability Scanning

Instructor: Patterson Cake

Abstract: If your organization has the resources to scan all of the things all of the time, this course may not be for you! If, however, you are like most organizations, struggling to keep up and to make tangible progress towards improving your security posture, read on! In this course, we'll discuss scanning tools and techniques to help you identify unknown devices, sensitive data exposure, and system misconfigurations within your environment, using open-source and built-in tools, like Nmap and PowerShell, along with some good old-fashioned NI (Natural Intelligence). We'll focus on practical, tactical ways to find things like unapproved IoT devices on your network, sensitive data shares with "Everyone" permissions, and web apps with default credentials, things you care about which are often easy to remediate but may not show up on traditional vulnerability or compliance scans.

Prerequisites: Laptop capable of running a recent version of Nmap (Windows, Linux or Mac) with admin/root privileges.

Incident Handling in Cloud Environment - a primer

Instructor: Derek Hill

Abstract: Have you ever wondered what it takes to investigate an incident inside your company network? What about your assets stored in a public cloud? When does an event become an incident? Who decides this? We will cover the important steps of an incident handling process, including getting you started in creating your own incident handling plan. We will talk about the challenges of doing this in the cloud, where you don't have physical access to the machines. You will walk away with an understanding of the fundamental steps of incident handling as well as some examples of what to look for and how to handle collection and preservation of evidence.

Afternoon Session: 1:30 PM - 5:00 PM

Advanced Application Security Testing

Instructor: Timothy Morgan

Abstract: This course takes students beyond the most basic web application exploitation scenarios, focusing on advanced SQL injection, XML eXternal Entities (XXE) and server-side request forgery (SSRF) attacks. The course also covers out-of-band detection and exfiltration using the DNS, which has recently become a popular technique used by penetration testers.

AppSec Testing Beyond Pen Test

Instructor: Bhushan Gupta

Abstract: Most web application security testing efforts are concentrated around penetration testing, which is an art based on hackers’ psyche, thought process, and determination to exploit software vulnerabilities. However, does it yield a high level of confidence and sense of security in a developer’s mind? Web application developers must begin to think of building security throughout the software development life cycle (SDLC). This workshop focuses on an approach that aligns web application security testing with the three basic principles of security: confidentiality, integrity, and availability (CIA). Using a simple approach, the workshop teaches how to identify the most vulnerable processes in an application, highlighting the test-intensive areas. The students will learn:

  1. How to identify the security requirements for their business
  2. How to plan security testing using both static and dynamic code analysis
  3. How to apply the STRIDE model to evaluate critical web application components
  4. How to prioritize vulnerabilities based upon the DREAD model to minimize breach impact

Applied Physical Attacks on Embedded Systems, Introductory Version

Instructor: Joe FitzPatrick

Abstract: This workshop introduces several different relatively accessible interfaces on embedded systems. Attendees will get hands-on experience with UART, SPI, and JTAG interfaces on a MIPS-based wifi router. After a brief architectural overview of each interface, hands-on labs will guide attendees through the process of understanding, observing, interacting with, and exploiting the interface to potentially access a root shell on the target.

Advanced Custom Network Protocol Fuzzing

Instructor: Joshua Pereyda

Abstract: Get hands-on experience writing custom network protocol fuzzers. This class will cover the basics of network protocol "smart fuzzing." Exercises will utilize the open source network protocol fuzzing framework, boofuzz. Attendees will gain practice reverse engineering a network protocol, implementing and iterating on a custom fuzzer, and identifying vulnerabilities. After the course:

  1. You will know the basics of fuzzing.
  2. You will know how to write custom network protocol fuzzers using state-of-the-art open source tools.
  3. You will have hands-on experience with this widely-discussed but still largely mysterious test method.

Sponsors

Interested in becoming a sponsor? Watch this space for 2018 sponsorship information!

Mixer Sponsors

Github.png

Training Session Sponsors

Newrelic.png               Summit.png               OCI Logo.png

Morning Coffee Sponsors

OCI Logo.png

General Sponsors

Simple.png

Details

OWASP Portland 2018 Training Day will be October 3, 2018. This year we'll be located at:

World Trade Center Portland
121 SW Salmon St.
Portland, OR 97204. 

Later in the evening, a social mixer will also be held at Rock Bottom Restaurant & Brewery, just a short walk away:

206 SW Morrison St
Portland, OR 97204

Schedule

Time | Activity
8:00 AM - 8:30 AM | Morning Registration and Continental Breakfast
8:30 AM - 12:00 PM | Intro to Hacking Web 3.0 (Mick Ayzenberg) | Introduction to Computer Forensics (Kris Rosenberg) | Intro to Practical Internal Vulnerability Scanning (Patterson Cake) | Incident Handling in Cloud Environment - a primer (Derek Hill)
12:00 PM - 1:30 PM | Lunch on your own - Meet a new friend and grab a bite!
1:00 PM - 1:30 PM | Afternoon Registration (for those attending only in the afternoon)
1:30 PM - 5:00 PM | Advanced Application Security Testing (Timothy Morgan) | AppSec Testing Beyond Pen Test (Bhushan Gupta) | Applied Physical Attacks on Embedded Systems, Introductory Version (Joe FitzPatrick) | Advanced Custom Network Protocol Fuzzing (Joshua Pereyda)
5:00 PM - 7:30 PM | Evening Mixer @ Rock Bottom Restaurant and Brewery

Lunch Ideas

Lunch ideas for 2018 coming soon!

How to Register

Registration information and dates coming soon!