Texas Cyber Summit II

Intro to Nmap Description:  Have you heard of Nmap but don’t really know where to start?  Maybe you have run a few scans but don’t feel like you know what you are doing?  Have you been told Nmap is the tool you need, but you don’t understand how or why?  Nmap 101 is here to help you. We will start from the installation (quick), to the first run of Nmap, to more complex scans, output, fingerprinting, Nmap scripts, and more.  This is the perfect place to get started or to understand better why Nmap can do what it is doing.

Pentesting or ethical hacking as it is more commonly known has become a much sought-after job by people in IT, InfoSec, or those just trying to get into the industry. In this presentation, Phillip Wylie shares the blueprint for becoming a pentester. The presentation combines Phillip’s experience as a pentester and ethical hacking instructor to give attendees a guide on how to pursue a career as a pentester. Phillip shares what has worked for his students and people that he has mentored over his years as a pentester. This presentation covers the knowledge and skills needed to become a pentester as well as the steps to achieve them.
There is another class at 11:00am PT-1012 if this one fills up.

High level introduction to Information Security and its broad base of roles.  This course will discuss ways to look at Information Security for those who want to get into the industry or options for those looking to make a change from one type of role into another.  We will be talking about how in many organizations there are many roles that touch on Information Security that may not be labeled as so, as well as how to you prior experience outside of Information Security to move into a Information Security role.

This will be a hands-on workshop exploring various Docker related
security issues. For each topic covered, attendees will learn about its
root cause, its impact, and the steps to remediate. A number of issues
will have the opportunity for hands-on exercises to practice
exploitation and detection techniques. The workshop is primarily aimed
at those starting off in Docker security. Topics discussed will include
various methods for breaking out of containers, generic security
guidance for images / running containers, and general tips and useful
network techniques within containerised and orchestration environments.

Prior docker knowledge is not a strict requirement, however, some
familiarity with Docker concepts would be beneficial.

The ABC’s of CTF’s will teach the terminology used in InfoSec/Cyber Security CTF’s at a high level. This includes the Type of CTF’s and the tools for basic operations.
Goals

1. Talk terminology Technology, and learning, 
2. Teach how to capture the flag 
3. Capture all the flags!!

Forward 
if you have never done or attended a CTF event before, it is ok, stay calm, dig in, hack, and learn. This is the exact process Hackers, Pentesters and Red Temers use to infiltrate, exploit and egress data or conduct offensive security assessments. If this is your first one EVER try and find a team, or work with experienced CTF’ers. If you can't find this its OK. Sit, dig in,  hack, abd learn. It is important to keep that mantra in mind. 
It is my experience, the InfoSec community is open, and  willing to share their knowledge with anyone interested. Social media, and IRL mentors are great ways to connect, learn and find people with similar interests. Always good to learn and teach to keep the flow of knowledge, even if you don’t think what you know has value, i promise you I want to know what you know, come teach me!

Workshop description:
New to CTFS? Always wanted to try but felt you were to "new"? Join us for Prevade's Cyber Wargame where you can experience the CTF with support and guidance of a community of mentors.Prevade's patent-pending cyber wargaming platform is comprised of ten subject domains, ten levels of difficulty, and more than fifty modules hosted in an on-demand, web-accessible, and dedicated tenancy cloud environment. Accessible from any device with a web browser and Internet connection, Metaform™ provides a unique, immersive, and hands-on experience using innovative gamification concepts and interfaces.

As a blue teamer or threat hunter, how many times have you been told to go “find evil”? How many times have you been expected to search for every adversary tactic until you MAYBE find the bad guy? NO MORE! This talk will examine what threat intelligence is and how it can be used to better inform defenders on prioritizing which bad guys to look for first.
Now when most people hear “threat intelligence” they have the same reaction as to hearing “blockchain”, “artificial intelligence”, or “synergistic management solutions”. It’s unfortunately true that threat intelligence has become a buzzword in the cyber security field. So how do we turn this buzzword into something that can be put into practice? Lucky for you, this very question will be answered here! You will see the process of discovering which specific adversaries are targeting your organization, all the way down to finding the tactics, techniques, and procedures the bad guys use to steal your data. Finally, we will close with a scenario-based story time, walking you through an example of how this threat intelligence process can be used in your organization’s regular hunt operations.