The fun and cheap way to earn CEU'sInstead of paying way too much to listen to some guy in a suit try and sell you something, you can pay just a few bucks to hear actual programmers and hackers talk about the unfiltered side of Cybersecurity.
Instead of trying to think of questions that will expose the salesperson as a fraud, you can have
interesting exchanges with people that have actually gained access to high security facilities.
BSides Huntsville is the conference for those that work in the trenches of Cybersecurity. This is the
opportunity for you to engage in fierce discussions about the next big ideas or the worst product you've
ever seen, but in a friendly and informal setting.
BSides Huntsville presented by NAC-ISSA! This will be BSides's 7th year in the Rocket City and we intend to make it a great virtual event. All the BSides volunteers are working hard to put together an educational and exceptional virtual experience. Virtual meeting expands the possibility to include more training, workshops, talks, capture the flag, or moderated panels. All provided at an unbeatable price. So if you are just getting started, trying to level up or are already a mad scientist of Cyber Security looking for the next project, go ahead and grab your ticket, there is a hard limit and once they are gone there will be no more. Keep an eye on the site and your email after you grab a ticket, we will be updating the agenda, and you don't want to miss out on any special offerings we will post up here 1st.Training day is February 5th, Showtime is February 6th! Cyber Security companies and organizations, do you want to get the word out in the Huntsville area? We will have a few hundred dedicated highly motivated technical experts all converging in one spot for a few hours. They all want to learn, and you want them to learn about your products and capabilities. We have limited availability for sponsorships on a first come basis. We will also post your logo right on the BSides page so every ticket holder and agenda viewer will see it. So reserve today we have limited sponsorships available. Submit questions to firstname.lastname@example.org.Have an exciting project? Want to share your ideas for cyber security, but you've never spoken before? No problem. Besure to ask for a "speaker mentor" when you submit to our call for papers here: Submit Paper
Secure Coding Tournament Added Provided by Secure Code Warrior
Date & Time: Saturday February 6th, 10:00am CST - 3:45pm CST
We’ve partnered with Secure Code Warrior to bring you a defensive security-based tournament from a developer's perspective. The tournament allows you to test your skill against the other participants in a series of vulnerable code challenges that ask you to identify a problem, locate insecure code, and fix a vulnerability.
The tournament is run virtually so you can join through your laptop from the most convenient location and time. It should take only a few hours, drop-in as you see fit during the duration of the event to complete all the challenges and win prizes!
The Secure Code Warrior platform will be open before and after the tournament, so feel free to practice in the “Training” tab.
Monitor the live leaderboard to see how you're performing!
Please note: You must register at the link above in order to play.
Capture the Flag Added
Join Trend Micro’s security experts on February 6th for a hands-on learning experience as you navigate a simulated cyberattack in real-time. Learn to “think like a hacker” and respond to and defend valuable assets. Whether you are a novice or a skilled security professional, this experience has something for everyone.
Compete individually or in teams alongside your peers to run cyberattacks in a controlled environment. Premium prizes will be given to the individual or team with the most email@example.com.
Join this action-packed session and learn to:
- Understand the tools and techniques used by hackers
- Identify infrastructure security gaps
- Plan and implement security measures
- Sign up for free when you get your BSides Ticket
Get ready to bring your best game!
5th - 6th
300 Tickets Only
Stay in touch with this area to see all the speakers and events to do at BSides 2021! Be on the look out for extra event activities as more is being added all the time.
Workshop Overview: In this workshop you will learn system hacking, following this you will learn how to hack and assess web applications. Once you have practiced these hacks, you will learn attacks that target wireless devices as well as mobile devices. You will be introduced to techniques to identify the attack surface and then the vectors for attack depending on the device(s) encountered.
This is a condensed version of our 3 day Professionally Evil Network Test (PENT) class; a hands-on course that teaches attendees a robust methodology for network penetration testing and an introduction to the tools and processes used to test networks. Students will walk through the phases of Reconnaissance, Mapping, Discovery, Exploitation, and Post-Exploitation with demonstrations of various tools and tactics used in each phase. The course is heavily focused on hands-on labs so that attendees have the opportunity to actually use common tools and techniques. By the end of the training, students will understand the structure of a penetration test and have the experience necessary to begin practicing the demonstrated toolsets.
Professionally Evil Application Security class (3-4 hours) taught by Ochaun Marshall
The Professionally Evil Application Security (PEAS) course is designed to teach developers, IT professionals, and penetration testers of all skill levels. This course focuses on the techniques used to assess and exploit applications; including web and mobile applications, APIs, and HTTP-based systems. We combine these techniques with explanations of the risks exposed and defenses required to improve the security of your organization.
The course uses a large number of hands-on exercises to reinforce the techniques and understanding an attendee will gain so that they benefit on the very first day back to work. The course focuses on manual techniques for discovery and exploitation while teaching an industry-standard methodology of reconnaissance, mapping, discovery, and exploitation. This methodology provides a comprehensive standard for assessing applications and APIs. This is also a condensed version of our normal 3 day class.
Introduction to People OSINT/Missing People Powered by The OSINTION
This course, taught by a member of the winning team at the DEFCON 28 OSINT Search party, is designed to hone specifically in on the processes and tools used to perform "People OSINT" in situations where investigators are seeking to find missing people, some of which do not want to be found. This focuses on validating the information discovered and using it to pivot to valuable information, in both a CTF setting (such as Trace Labs' CTFs -https://www.tracelabs.org/getinvolved/ctf/) and law enforcement.
In brief, this course covers the following:
OSINT Processes and Cycles
A simulated CTF where the class collaboratively works to try to find an actual missing person (The primary reason that this course is not ever recorded)