This year we had some excellent submissions for TelcoSecDay. Here are the first four confirmed speakers who are going to talk about the below mentioned topics:
Tag: TROOPERS
#TR19 Active Directory Security Track
As some of you might recall we’ve introduced a dedicated “Active Directory Security Track” at last year’s Troopers. For Troopers19 we’ve expanded it to two days (as the SAP Security Track was discontinued), and in the following I’ll provide a list of talks in the track.
Continue reading “#TR19 Active Directory Security Track”
Continue readingTROOPERS19 Training Teaser: Hacking mobile applications
“If it’s a thing, then there’s an app for it!”…We trust mobile apps to process our bank transactions, handle our private data and set us up on romantic dates. However, few of us care to wonder,”How (in)secure can these apps be?” Well… at Troopers 19, you can learn how to answer this question yourself!
In our 2 day long “Hacking mobile applications” workshop, we teach how to find security vulnerabilities in mobile apps, exploit them and defend against them. We start from scratch, therefore no prior experience in hacking or developing mobile apps is required. Whether you want to learn how to pentest mobile apps, you are an app developer that fancies to secure his/her apps, or just curios, our workshop is a jumpstart to your goal.
Continue reading “TROOPERS19 Training Teaser: Hacking mobile applications”
Continue readingTROOPERS19 Training Teaser: Insight Into Windows Internals
Windows 10 is one of the most commonly deployed operating systems at this time. Knowledge about its components and internal working principles is highly beneficial. Among other things, such a knowledge enables:
- in-depth studies of undocumented, or poorly documented, system functionalities;
- development of performant and compatible software to monitor or extend the activities of the operating system itself; and
- analysis of security-related issues, such as persistent malware.
Continue reading “TROOPERS19 Training Teaser: Insight Into Windows Internals”
Continue readingTROOPERS19 Training Teaser: Hacking 101
Hi there,
like in recent years the popular Hacking 101 workshop will take place on TROOPERS19, too! The workshop will give you an insight into the hacking techniques required for penetration testing. These techniques will cover various topics:
- Information gathering
- Network scanning
- Web application hacking
- Low-level exploitation
…and more!
Continue reading “TROOPERS19 Training Teaser: Hacking 101”
Continue readingTROOPERS19 Training Teaser: Windows & Linux Binary Exploitation
Once again Troopers will have its Windows & Linux Binary Exploitation workshop. Its main focus are the ever-present stack-based buffer overflows still found in software today (e.g. CVE-2018-5002, CVE-2018-1459, and CVE-2018-12897) and their differences with regard to exploitation on Windows and Linux systems. If you ever wanted to know the details of the exploit development process for these systems then this workshop is for you. Continue reading “TROOPERS19 Training Teaser: Windows & Linux Binary Exploitation”
Continue readingTROOPERS19 Training Teaser: Hardening Microsoft Environments
“Credential Theft” or “Credential Reuse” attack techniques are the biggest known threats to Active Directory environments. This can be attributed to significant advances in and broad distribution of attack and reconnaissance tools such as mimikatz or Bloodhound. This means that after the first system in an environment is compromised it often takes less than 48 hours for a complete compromise of an Active Directory but unfortunately typically 8 to 9 months until the attack is discovered. Continue reading “TROOPERS19 Training Teaser: Hardening Microsoft Environments”
Continue readingSecure CI/CD Pipelines @Troopers ’19
In the last couple of months we participated in an increasing count of customer projects following current trends of agile software development approaches and corresponding toolstacks. Especially the terms Continuous Integration and Continuous Delivery kept (and still keep) popping up on every corner. The frameworks and processes behind those two hypes aid developing software at higher quality in shorter release cycles. This is especially relevant since end consumers nowadays expect fast releases including the newest features. If companies neglect this demand, competitors might take advantage of their better time-to-market which might result in increased market share and -dominance. A lot of changes are happening in the space of CI/CD. Existing tools become more mature, gaining increased attention, and new ones are appearing every month including better ways of integrating them into existing or new processes. Companies benefit from more choices, increased flexibility, and faster integration into existing company policies.
Continue reading “Secure CI/CD Pipelines @Troopers ’19”
Continue readingCatching fire with Docker, DevOps & Security in Enterprise Environments
Docker has become the go-to technology in enterprise- and DevOps contexts. Yet, before mastering a skill, there is the thumb rule: one must learn the basics to have solid fundament before building a house on top. Continue reading “Catching fire with Docker, DevOps & Security in Enterprise Environments”
Continue readingBlackhoodie at TROOPERS19
We are going to have a Blackhoodie event at Troopers 2019 on March 18th and 19th in Heidelberg. With a very exciting event last year, we have decided to roll it once again during Troopers.
Continue reading “Blackhoodie at TROOPERS19”
Continue reading