BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Black Hills Information Security, Inc. - ECPv6.15.18//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:Black Hills Information Security, Inc.
X-ORIGINAL-URL:https://www.blackhillsinfosec.com
X-WR-CALDESC:Events for Black Hills Information Security, Inc.
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20210314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20211107T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20220313T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20221106T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20230312T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20231105T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220831T110000
DTEND;TZID=America/New_York:20220831T160000
DTSTAMP:20260404T061004
CREATED:20220719T221554Z
LAST-MODIFIED:20220719T221636Z
UID:10000784-1661943600-1661961600@www.blackhillsinfosec.com
SUMMARY:Advanced Endpoint Investigations w/ Alissa Torres
DESCRIPTION:For most security teams\, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility\, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection\, investigative triage\, incident response pivots\, and root cause analysis. \nAfter learning about key endpoint artifact and memory analysis techniques for Windows and Linux\, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery\, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections. \n\n\n\nhttps://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/
URL:https://www.blackhillsinfosec.com/event/advanced-endpoint-investigations-w-alissa-torres-2/2022-08-31/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/advanced-endpoint-investigations-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220831T080000
DTEND;TZID=America/New_York:20220831T140000
DTSTAMP:20260404T061005
CREATED:20220719T221156Z
LAST-MODIFIED:20230209T223825Z
UID:10000942-1661932800-1661954400@www.blackhillsinfosec.com
SUMMARY:Active Defense & Cyber Deception w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/ \nActive Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between. \nIn this class\, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly\, you will find out how to do the above legally. \nThe current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly\, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately\, others may take you a while to implement. Either way\, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers\, attribute who is attacking you\, and finally\, attack the attackers. \nThis class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
URL:https://www.blackhillsinfosec.com/event/active-defense-cyber-deception-w-john-strand/2022-08-31/
CATEGORIES:Pay What You Can,Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/ActDefCybDecept_1920x1080.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220830T163000
DTEND;TZID=America/New_York:20220830T173000
DTSTAMP:20260404T061005
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000470-1661877000-1661880600@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2022-08-30/
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220830T120000
DTEND;TZID=America/New_York:20220830T160000
DTSTAMP:20260404T061005
CREATED:20220719T222243Z
LAST-MODIFIED:20220719T222243Z
UID:10000701-1661860800-1661875200@www.blackhillsinfosec.com
SUMMARY:Hiring Handbook: How to Build an InfoSec Team that Gets Stuff Done w/ Kip Boyle
DESCRIPTION:In this class\, Kip shows InfoSec supervisors how to build the team of their dreams. Students will learn how to attract and retain top tier talent. The kind of talented people who could work anywhere\, but choose to work with you. Team members who get stuff done and don’t think much about changing employers. \nWhat’s more\, this kind of team throws open the door for you to become a powerful influencer on InfoSec strategy with your senior decision makers. Why? Because your team will let you work “on your program” instead of working “in your program.” And that will allow you to spend more time learning about the business your team protects and building relationships with the other top influencers across your organization. \nDuring this workshop\, we’ll be referring to the “Cybersecurity Hiring Manager Handbook” an open source document published under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. \nhttps://www.antisyphontraining.com/hiring-handbook-how-to-build-an-infosec-team-that-gets-stuff-done-w-kip-boyle/
URL:https://www.blackhillsinfosec.com/event/hiring-handbook-how-to-build-an-infosec-team-that-gets-stuff-done-w-kip-boyle/2022-08-30/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/Hiring_Handbook_Graphic.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220830T120000
DTEND;TZID=America/New_York:20220830T160000
DTSTAMP:20260404T061005
CREATED:20220719T221938Z
LAST-MODIFIED:20221206T205239Z
UID:10000697-1661860800-1661875200@www.blackhillsinfosec.com
SUMMARY:Enterprise Security for All w/ Bob Hewitt & Rich Fifarek
DESCRIPTION:Register: https://www.antisyphontraining.com/enterprise-security-for-all-w-bob-hewitt-rich-fifarek/ \nThis 16-hour Information Security training class is targeted for newly appointed or dual-roled (your primary job + security) security professionals within a Small or Medium Business (SMB) or similar sized organization. \nSMBs and organizations face unique challenges in Information Security yet are often presented with solutions that may be out of reach due to cost\, time\, and staffing. We believe Information Security should be accessible and achievable by any organization\, regardless of their size. \nThis course will walk the student through real-world examples\, demonstrating how to prevent and defend against these threats\, utilizing widely adopted frameworks\, while focusing on simpler and more affordable solutions. \nThe course includes a virtual machine image for hands-on exercises that will contain tools that participants may utilize in their environments after the class.
URL:https://www.blackhillsinfosec.com/event/enterprise-security-for-all-w-bob-hewitt-rich-fifarek/2022-08-30/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/Enterprise-Security-for-All-w_-Rich-Fifarik-Bob-Hewitt-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220830T110000
DTEND;TZID=America/New_York:20220830T160000
DTSTAMP:20260404T061005
CREATED:20220719T221554Z
LAST-MODIFIED:20220719T221636Z
UID:10000783-1661857200-1661875200@www.blackhillsinfosec.com
SUMMARY:Advanced Endpoint Investigations w/ Alissa Torres
DESCRIPTION:For most security teams\, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility\, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection\, investigative triage\, incident response pivots\, and root cause analysis. \nAfter learning about key endpoint artifact and memory analysis techniques for Windows and Linux\, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery\, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections. \n\n\n\nhttps://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/
URL:https://www.blackhillsinfosec.com/event/advanced-endpoint-investigations-w-alissa-torres-2/2022-08-30/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/advanced-endpoint-investigations-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220830T080000
DTEND;TZID=America/New_York:20220830T140000
DTSTAMP:20260404T061005
CREATED:20220719T221156Z
LAST-MODIFIED:20230209T223825Z
UID:10000941-1661846400-1661868000@www.blackhillsinfosec.com
SUMMARY:Active Defense & Cyber Deception w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/ \nActive Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between. \nIn this class\, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly\, you will find out how to do the above legally. \nThe current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly\, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately\, others may take you a while to implement. Either way\, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers\, attribute who is attacking you\, and finally\, attack the attackers. \nThis class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
URL:https://www.blackhillsinfosec.com/event/active-defense-cyber-deception-w-john-strand/2022-08-30/
CATEGORIES:Pay What You Can,Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/ActDefCybDecept_1920x1080.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220829T163000
DTEND;TZID=America/New_York:20220829T173000
DTSTAMP:20260404T061005
CREATED:20220624T174740Z
LAST-MODIFIED:20220627T143602Z
UID:10000401-1661790600-1661794200@www.blackhillsinfosec.com
SUMMARY:BHIS | Talkin' Bout Infosec News
DESCRIPTION:Join the BHIS team as we talk about current infosec news. \nStreamed live every Monday @ 4:30 pm. \nhttps://www.youtube.com/BlackHillsInformationSecurity
URL:https://www.blackhillsinfosec.com/event/bhis-talkin-bout-infosec-news/2022-08-29/
CATEGORIES:Newscast
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/MicrosoftTeams-image-10.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220829T120000
DTEND;TZID=America/New_York:20220829T160000
DTSTAMP:20260404T061005
CREATED:20220719T222243Z
LAST-MODIFIED:20220719T222243Z
UID:10000700-1661774400-1661788800@www.blackhillsinfosec.com
SUMMARY:Hiring Handbook: How to Build an InfoSec Team that Gets Stuff Done w/ Kip Boyle
DESCRIPTION:In this class\, Kip shows InfoSec supervisors how to build the team of their dreams. Students will learn how to attract and retain top tier talent. The kind of talented people who could work anywhere\, but choose to work with you. Team members who get stuff done and don’t think much about changing employers. \nWhat’s more\, this kind of team throws open the door for you to become a powerful influencer on InfoSec strategy with your senior decision makers. Why? Because your team will let you work “on your program” instead of working “in your program.” And that will allow you to spend more time learning about the business your team protects and building relationships with the other top influencers across your organization. \nDuring this workshop\, we’ll be referring to the “Cybersecurity Hiring Manager Handbook” an open source document published under the Creative Commons Attribution 4.0 International (CC BY 4.0) license. \nhttps://www.antisyphontraining.com/hiring-handbook-how-to-build-an-infosec-team-that-gets-stuff-done-w-kip-boyle/
URL:https://www.blackhillsinfosec.com/event/hiring-handbook-how-to-build-an-infosec-team-that-gets-stuff-done-w-kip-boyle/2022-08-29/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/Hiring_Handbook_Graphic.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220829T120000
DTEND;TZID=America/New_York:20220829T160000
DTSTAMP:20260404T061005
CREATED:20220719T221938Z
LAST-MODIFIED:20221206T205239Z
UID:10000696-1661774400-1661788800@www.blackhillsinfosec.com
SUMMARY:Enterprise Security for All w/ Bob Hewitt & Rich Fifarek
DESCRIPTION:Register: https://www.antisyphontraining.com/enterprise-security-for-all-w-bob-hewitt-rich-fifarek/ \nThis 16-hour Information Security training class is targeted for newly appointed or dual-roled (your primary job + security) security professionals within a Small or Medium Business (SMB) or similar sized organization. \nSMBs and organizations face unique challenges in Information Security yet are often presented with solutions that may be out of reach due to cost\, time\, and staffing. We believe Information Security should be accessible and achievable by any organization\, regardless of their size. \nThis course will walk the student through real-world examples\, demonstrating how to prevent and defend against these threats\, utilizing widely adopted frameworks\, while focusing on simpler and more affordable solutions. \nThe course includes a virtual machine image for hands-on exercises that will contain tools that participants may utilize in their environments after the class.
URL:https://www.blackhillsinfosec.com/event/enterprise-security-for-all-w-bob-hewitt-rich-fifarek/2022-08-29/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/Enterprise-Security-for-All-w_-Rich-Fifarik-Bob-Hewitt-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220829T110000
DTEND;TZID=America/New_York:20220829T160000
DTSTAMP:20260404T061005
CREATED:20220719T221554Z
LAST-MODIFIED:20220719T221636Z
UID:10000782-1661770800-1661788800@www.blackhillsinfosec.com
SUMMARY:Advanced Endpoint Investigations w/ Alissa Torres
DESCRIPTION:For most security teams\, high operational tempo (measured in dumpster fire lumens) incentivizes analysts to stick to well-tailored playbooks that prioritize remediation at the expense of proper incident scoping and root cause analysis. Though modern endpoint security products have significantly improved host visibility\, most critical incidents will require the acquisition and analysis of additional endpoint data. This course focuses on four core investigative competencies: endpoint data collection\, investigative triage\, incident response pivots\, and root cause analysis. \nAfter learning about key endpoint artifact and memory analysis techniques for Windows and Linux\, attendees will work through real-world scenarios in hands-on labs. We’ll pivot from initial detection into host triage analysis to discern attackers’ discovery\, defense evasion and lateral movement techniques. Attendees will learn to identify key indicators for the generation of high-fidelity detections. \n\n\n\nhttps://www.antisyphontraining.com/advanced-endpoint-investigations-w-alissa-torres/
URL:https://www.blackhillsinfosec.com/event/advanced-endpoint-investigations-w-alissa-torres-2/2022-08-29/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/advanced-endpoint-investigations-graphic-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220829T080000
DTEND;TZID=America/New_York:20220829T140000
DTSTAMP:20260404T061005
CREATED:20220719T221156Z
LAST-MODIFIED:20230209T223825Z
UID:10000940-1661760000-1661781600@www.blackhillsinfosec.com
SUMMARY:Active Defense & Cyber Deception w/ John Strand
DESCRIPTION:Register: https://www.antisyphontraining.com/active-defense-cyber-deception-w-john-strand/ \nActive Defenses have been capturing a large amount of attention in the media lately. There are those who thirst for vengeance and want to directly attack the attackers. There are those who believe that any sort of active response directed at an attacker is wrong. We believe the answer is somewhere in between. \nIn this class\, you will learn how to force an attacker to take more moves to attack your network. These moves may increase your ability to detect them. You will learn how to gain better attribution as to who is attacking you and why. You will also find out how to get access to a bad guy’s system. And most importantly\, you will find out how to do the above legally. \nThe current threat landscape is shifting. Traditional defenses are failing us. We need to develop new strategies to defend ourselves. Even more importantly\, we need to better understand who is attacking us and why. Some of the things we talk about you may implement immediately\, others may take you a while to implement. Either way\, consider what we discuss as a collection of tools at your disposal when you need them to annoy attackers\, attribute who is attacking you\, and finally\, attack the attackers. \nThis class is based on the DARPA funded Active Defense Harbinger Distribution live Linux environment. This VM is built from the ground up for defenders to quickly implement Active Defenses in their environments. This class is also very heavy with hands-on labs. We will not just talk about Active Defenses. We will be doing hands-on labs and through them in a way that can be quickly and easily implemented in your environment.
URL:https://www.blackhillsinfosec.com/event/active-defense-cyber-deception-w-john-strand/2022-08-29/
CATEGORIES:Pay What You Can,Training
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/ActDefCybDecept_1920x1080.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220827T090000
DTEND;TZID=America/New_York:20220827T170000
DTSTAMP:20260404T061005
CREATED:20220822T212717Z
LAST-MODIFIED:20220822T214139Z
UID:10000706-1661590800-1661619600@www.blackhillsinfosec.com
SUMMARY:BSides Atlanta
DESCRIPTION:
URL:https://www.blackhillsinfosec.com/event/bsides-atlanta/
LOCATION:Kennesaw University\, 1000 Chastain Rd NW\, Kennesaw\, GA\, 30144\, United States
CATEGORIES:Conference
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/bsidesatl-light-rgb.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220826T170000
DTEND;TZID=America/New_York:20220826T190000
DTSTAMP:20260404T061005
CREATED:20220822T212321Z
LAST-MODIFIED:20220822T212357Z
UID:10000705-1661533200-1661540400@www.blackhillsinfosec.com
SUMMARY:Atlanta Infosec Meet-Up
DESCRIPTION:Hi friends! \nThe Black Hills Team is in town for BSides Atlanta on Saturday\, August 27th\, and we would love to catch up with you the Friday before! \nIf you’d like to hang out with us\, hang out with each other\, and pick up some cool swag\, RSVP so we’ll know how to plan.
URL:https://www.blackhillsinfosec.com/event/atlanta-infosec-meet-up/
LOCATION:Ponce City Market\, 675 Ponce De Leon Ave.\, Atlanta\, GA\, 30308\, United States
CATEGORIES:Meet-up
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/08/Screen-Shot-2022-08-22-at-4.23.04-PM.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220826T120000
DTEND;TZID=America/New_York:20220826T160000
DTSTAMP:20260404T061005
CREATED:20220715T165308Z
LAST-MODIFIED:20220715T165609Z
UID:10000676-1661515200-1661529600@www.blackhillsinfosec.com
SUMMARY:Enterprise Attack Initial Access w/ Steve Borosh
DESCRIPTION:https://www.antisyphontraining.com/enterprise-attack-initial-access-w-steve-borosh/
URL:https://www.blackhillsinfosec.com/event/enterprise-attack-initial-access-w-steve-borosh/2022-08-26/
CATEGORIES:Training
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220826T120000
DTEND;TZID=America/New_York:20220826T160000
DTSTAMP:20260404T061005
CREATED:20220628T211918Z
LAST-MODIFIED:20220719T220333Z
UID:10000645-1661515200-1661529600@www.blackhillsinfosec.com
SUMMARY:Operation Purple w/Tim Schulz
DESCRIPTION:Ever wondered how purple teaming can supercharge your cyber capability? In this 16-hour\, hands-on course\, attendees will learn the balance between threat understanding and detection understanding to run their own purple team exercises. Attendees will start by learning the underlying methodologies that make purple teaming successful and metrics for success before diving into leveraging the ATT&CK framework to create threat informed emulation plans. Once attendees have successfully built plans\, they can leverage tools like SCYTHE or the Slingshot C2 VM to automate the emulation process. Finally\, attendees will learn to identify and build detections to their emulated attacks. \n\n\n\nhttps://www.antisyphontraining.com/operation-purple-w-tim-schulz/
URL:https://www.blackhillsinfosec.com/event/operation-purple-w-tim-schulz/2022-08-26/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Operation-Purple-Placeholder-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220826T120000
DTEND;TZID=America/New_York:20220826T160000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000585-1661515200-1661529600@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-26/2/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220826T080000
DTEND;TZID=America/New_York:20220826T170000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000849-1661500800-1661533200@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-26/1/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T130000
DTEND;TZID=America/New_York:20220825T140000
DTSTAMP:20260404T061005
CREATED:20220715T162706Z
LAST-MODIFIED:20220715T164104Z
UID:10000668-1661432400-1661436000@www.blackhillsinfosec.com
SUMMARY:ACM Webcast: Cyber Deception in AC-Hunter | Logan Lembke | 1-Hour
DESCRIPTION:Thursday\, August 25\, 2022 – 1 pm (UTC -4) \nRegister: https://zoom.us/webinar/register/WN_Nwx4p22dT_-SuGekLdjExQ \nCyber Deception is a strategy used to attract cyber criminals away from an enterprise’s true assets and divert them to a monitored decoy. \nIn version 6.0 of AC-Hunter\, we added a Cyber Deception module. This module allows for the creation and monitoring of two types of canary tokens. File-access tokens will generate an alert when a designated file has been accessed. User-access tokens will generate an alert when an authentication attempt is made against a monitored user\, or a Kerberos ticket is requested for that user. \nIn this webcast\, AC-Hunter developer Logan Lembke will explain why we added this module to AC-Hunter and show you how it works. \nJoin our Threat Hunter Community Discord Server to join in on the conversation during and after the webcast: https://discord.gg/threathunter
URL:https://www.blackhillsinfosec.com/event/acm-webcast-cyber-deception-in-ac-hunter-logan-lembke-1-hour/
CATEGORIES:BHIS Webcast
ATTACH;FMTTYPE=image/jpeg:https://www.blackhillsinfosec.com/wp-content/uploads/2018/11/logan.jpg
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T120000
DTEND;TZID=America/New_York:20220825T160000
DTSTAMP:20260404T061005
CREATED:20220719T220809Z
LAST-MODIFIED:20220719T220809Z
UID:10000679-1661428800-1661443200@www.blackhillsinfosec.com
SUMMARY:OWASP TOP 10 w/ Kevin Johnson
DESCRIPTION:Since 2003\, OWASP has released the Top 10 Most Critical Web Application Security Risks list. It has been the basis of much development and consternation\, but do you really understand what each of these issues and their corresponding controls mean? As a developer\, do you know how to prevent these issues? As a security professional\, do you truly know what they are and how to evaluate their effectiveness? \nIn this course\, Secure Ideas will walk attendees through the various items in the latest OWASP Top 10 and corresponding controls. Students will leverage modern applications to explore how the vulnerabilities work and how to find them in their own applications. \nhttps://www.antisyphontraining.com/owasp-top-10/
URL:https://www.blackhillsinfosec.com/event/owasp-top-10-w-kevin-johnson/2022-08-25/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/OWASP_Top_10-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T120000
DTEND;TZID=America/New_York:20220825T160000
DTSTAMP:20260404T061005
CREATED:20220715T165308Z
LAST-MODIFIED:20220715T165609Z
UID:10000675-1661428800-1661443200@www.blackhillsinfosec.com
SUMMARY:Enterprise Attack Initial Access w/ Steve Borosh
DESCRIPTION:https://www.antisyphontraining.com/enterprise-attack-initial-access-w-steve-borosh/
URL:https://www.blackhillsinfosec.com/event/enterprise-attack-initial-access-w-steve-borosh/2022-08-25/
CATEGORIES:Training
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T120000
DTEND;TZID=America/New_York:20220825T160000
DTSTAMP:20260404T061005
CREATED:20220628T211918Z
LAST-MODIFIED:20220719T220333Z
UID:10000644-1661428800-1661443200@www.blackhillsinfosec.com
SUMMARY:Operation Purple w/Tim Schulz
DESCRIPTION:Ever wondered how purple teaming can supercharge your cyber capability? In this 16-hour\, hands-on course\, attendees will learn the balance between threat understanding and detection understanding to run their own purple team exercises. Attendees will start by learning the underlying methodologies that make purple teaming successful and metrics for success before diving into leveraging the ATT&CK framework to create threat informed emulation plans. Once attendees have successfully built plans\, they can leverage tools like SCYTHE or the Slingshot C2 VM to automate the emulation process. Finally\, attendees will learn to identify and build detections to their emulated attacks. \n\n\n\nhttps://www.antisyphontraining.com/operation-purple-w-tim-schulz/
URL:https://www.blackhillsinfosec.com/event/operation-purple-w-tim-schulz/2022-08-25/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Operation-Purple-Placeholder-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T120000
DTEND;TZID=America/New_York:20220825T160000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000584-1661428800-1661443200@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-25/2/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220825T080000
DTEND;TZID=America/New_York:20220825T170000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000848-1661414400-1661446800@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-25/1/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T163000
DTEND;TZID=America/New_York:20220824T173000
DTSTAMP:20260404T061005
CREATED:20220624T204221Z
LAST-MODIFIED:20220920T184909Z
UID:10000469-1661358600-1661362200@www.blackhillsinfosec.com
SUMMARY:AASLR: Antisyphon Address Space Layout Randomization
DESCRIPTION:AASLR will have infosec professionals sharing their knowledge on tools\, techniques\, and procedures and then answering a lot of your questions on everything you can think to ask. \nStreamed live every Tuesday and Wednesday @ 4:30 pm. \nhttps://www.twitch.tv/antisyphon
URL:https://www.blackhillsinfosec.com/event/aaslr-antisyphon-address-space-layout-randomization/2022-08-24/
CATEGORIES:Livestream
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/antisyphon_livestream_v1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T120000
DTEND;TZID=America/New_York:20220824T160000
DTSTAMP:20260404T061005
CREATED:20220719T220809Z
LAST-MODIFIED:20220719T220809Z
UID:10000678-1661342400-1661356800@www.blackhillsinfosec.com
SUMMARY:OWASP TOP 10 w/ Kevin Johnson
DESCRIPTION:Since 2003\, OWASP has released the Top 10 Most Critical Web Application Security Risks list. It has been the basis of much development and consternation\, but do you really understand what each of these issues and their corresponding controls mean? As a developer\, do you know how to prevent these issues? As a security professional\, do you truly know what they are and how to evaluate their effectiveness? \nIn this course\, Secure Ideas will walk attendees through the various items in the latest OWASP Top 10 and corresponding controls. Students will leverage modern applications to explore how the vulnerabilities work and how to find them in their own applications. \nhttps://www.antisyphontraining.com/owasp-top-10/
URL:https://www.blackhillsinfosec.com/event/owasp-top-10-w-kevin-johnson/2022-08-24/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/07/OWASP_Top_10-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T120000
DTEND;TZID=America/New_York:20220824T160000
DTSTAMP:20260404T061005
CREATED:20220715T165308Z
LAST-MODIFIED:20220715T165609Z
UID:10000674-1661342400-1661356800@www.blackhillsinfosec.com
SUMMARY:Enterprise Attack Initial Access w/ Steve Borosh
DESCRIPTION:https://www.antisyphontraining.com/enterprise-attack-initial-access-w-steve-borosh/
URL:https://www.blackhillsinfosec.com/event/enterprise-attack-initial-access-w-steve-borosh/2022-08-24/
CATEGORIES:Training
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T120000
DTEND;TZID=America/New_York:20220824T160000
DTSTAMP:20260404T061005
CREATED:20220628T211918Z
LAST-MODIFIED:20220719T220333Z
UID:10000643-1661342400-1661356800@www.blackhillsinfosec.com
SUMMARY:Operation Purple w/Tim Schulz
DESCRIPTION:Ever wondered how purple teaming can supercharge your cyber capability? In this 16-hour\, hands-on course\, attendees will learn the balance between threat understanding and detection understanding to run their own purple team exercises. Attendees will start by learning the underlying methodologies that make purple teaming successful and metrics for success before diving into leveraging the ATT&CK framework to create threat informed emulation plans. Once attendees have successfully built plans\, they can leverage tools like SCYTHE or the Slingshot C2 VM to automate the emulation process. Finally\, attendees will learn to identify and build detections to their emulated attacks. \n\n\n\nhttps://www.antisyphontraining.com/operation-purple-w-tim-schulz/
URL:https://www.blackhillsinfosec.com/event/operation-purple-w-tim-schulz/2022-08-24/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/Operation-Purple-Placeholder-1536x864-1.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T120000
DTEND;TZID=America/New_York:20220824T160000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000583-1661342400-1661356800@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-24/2/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20220824T080000
DTEND;TZID=America/New_York:20220824T170000
DTSTAMP:20260404T061005
CREATED:20220627T205029Z
LAST-MODIFIED:20230209T184749Z
UID:10000847-1661328000-1661360400@www.blackhillsinfosec.com
SUMMARY:HackerOps w/ Ralph May
DESCRIPTION:To conduct an advanced attack\, you need more than just a collection of simple scripts. In addition to talent\, you need a large amount of managed and unmanaged code. The more code and resources that are required to conduct an engagement\, the more time we need. Time is something we don’t have a lot of on an engagement. \nToday\, to be an advanced and effective attacker\, you need to move fast\, and that speed requires a move to a DevOps style of managing infrastructure and code. With cloud resources and APIs to manage these resources\, the days of manual setup are long behind us. \nWhere do we get started? And how does it all work? \nIn this training\, we learn the fundamentals of DevOps and how we can code our TTPs. Coding TTPs allows for new tactics and improved OPSEC to be shared without the cost of knowledge transfer and manual setup. This class will introduce students to Terraform Ansible and Docker with the goal of writing TTPs to use and share. \nIn this class\, we will learn the fundamentals of Terraform Ansible and Docker with an emphasis on how we can use these tools to code our TTPs. After we have the fundamentals\, we will start coding and get comfortable with YAML and will review how to create resources and customize TTPs. Lastly\, we will work through multiple labs and examples that you can take with you for your next engagement. \nhttps://www.antisyphontraining.com/hackerops-w-ralph-may/
URL:https://www.blackhillsinfosec.com/event/hackerops/2022-08-24/1/
CATEGORIES:Training
ATTACH;FMTTYPE=image/png:https://www.blackhillsinfosec.com/wp-content/uploads/2022/06/hackerops-Training-Graphics.png
END:VEVENT
END:VCALENDAR