BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Black Hills Information Security, Inc. - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://www.blackhillsinfosec.com
X-WR-CALDESC:Events for Black Hills Information Security, Inc.
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20210314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20211107T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20220313T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20221106T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221209T120000
DTEND;TZID=America/New_York:20221209T160000
DTSTAMP:20260426T133821
CREATED:20220627T202859Z
LAST-MODIFIED:20220920T181251Z
UID:10000575-1670587200-1670601600@www.blackhillsinfosec.com
SUMMARY:Security Defense and Detection TTX w/ Amanda Berlin and Jeremy Mio
DESCRIPTION:Security Defense and Detection TTX is a comprehensive four-day tabletop exercise that involves the introduction to completion of security TTXs (tabletop exercises)\, IR playbooks\, and after-action reports. The exercises are paired with video and lab demonstrations that reinforce their purpose. The training as a whole is compatible with the world’s most popular RPG rules. \nThe preparation phase will walk students through the creation of specific IR playbooks that can be utilized in any environment as well as during later parts of the class. The next phase introduces the gamification of the TTXs. The students split up into separate “corporations” with assigned verticals\, hit points\, armor class\, budgets\, strengths\, and weaknesses. Selection of departments and skills allow the players to further their modifiers. Throughout the exercise\, each company will take turns rolling their way through decisions such as large purchases\, attack severity\, defense capability\, and incident response decisions. \nhttps://www.antisyphontraining.com/security-defense-and-detection-ttx-w-amanda-berlin-and-jeremy-mio/
URL:https://www.blackhillsinfosec.com/event/security-defense-and-detection-ttx-w-amanda-berlin-and-jeremy-mio/2022-12-09/
LOCATION:MD
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Security-Defense-and-Detection-TTX.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20221209T120000
DTEND;TZID=America/New_York:20221209T160000
DTSTAMP:20260426T133821
CREATED:20220628T202847Z
LAST-MODIFIED:20220920T181037Z
UID:10000595-1670587200-1670601600@www.blackhillsinfosec.com
SUMMARY:Breaching the Cloud w/ Beau Bullock
DESCRIPTION:Register: https://www.antisyphontraining.com/breaching-the-cloud-w-beau-bullock/ \nDo you want to level up your cloud penetration testing skills? The attack surface of many organizations has changed to include third-party hosted services such as Amazon Web Services\, Microsoft Azure\, and Google Cloud Platform. In this training course\, hacking concepts will be introduced for each of those services. \nThis training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services\, you will learn how to discover misconfigurations that commonly expose sensitive data as well as a thorough understanding of how to get an initial foothold into a cloud-based organization. \nPost-compromise techniques of cloud infrastructure differ from the techniques used in typical on-premise environments. You will learn situational awareness techniques that ultimately will impact how you will escalate privileges in the cloud. With most cloud-based authentication being publicly exposed this presents new and interesting persistence techniques that are non-existent to on-premise environments. With productivity tools like G-Suite and Microsoft 365 many organizations are making their email and other data that is normally protected by a firewall available to remote employees. You will learn how to discover\, pillage\, and exfiltrate data from these services. \nMany organizations are fully leveraging cloud services for their production infrastructure. This can include web servers\, SQL databases\, storage\, virtual machines\, and more. In this training\, you will learn how to assess and compromise these resources. Some cloud deployments are directly connected to on-premise environments via VPN. This presents an opportunity to pivot access from cloud to on-prem or vice-versa. \nFinally\, in this training\, we will not only be attacking cloud infrastructure but also leveraging it for red team operations. You will learn techniques that leverage cloud services for techniques such as phishing\, domain fronting\, and command & control. \nTools and techniques used on real-world penetration tests against cloud assets will be shared including hands-on demonstrations. At the end of this training\, you will have new skills for assessing cloud-based infrastructure! \n\n\n\n 
URL:https://www.blackhillsinfosec.com/event/breaching-the-cloud-w-beau-bullock/2022-12-09/
LOCATION:MD
CATEGORIES:Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/BreachingCloud_1920x1080-1-1536x864-1.jpeg
END:VEVENT
END:VCALENDAR