SAINTCON Trainings

Active Directory: Elevate your Domain Security

Title: Active Directory: Elevate your Domain Security
Type: 480 minute training (8 hour)
Price: $450.00

Description: 
Training Part 1: Students will participate in a dedicated Active Directory network to penetrate the domain. During this session, students will use red team tools like Mimikatz and Bloodhound, techniques such as Kerberoast and DCSync, and go through the steps of a penetration assessment. All tools will be run through a Windows VM. To wrap up the assessment, students will help report on issues found in the environment that can be addressed in part 2.

Students will need a basic background in Windows and network infrastructure as well as some command-line experience (both cmd and PowerShell). Please bring a laptop with a hypervisor installed and capable of running a Windows Server (2019 or above) VM. It is preferred if you have a base Windows VM already installed that can be joined to the Active Directory environment during the training. Please visit https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2022 to download an evaluation copy of Windows Server 2022, if needed.

Training Part 2: Students will participate in a dedicated Active Directory network that has undergone a recent penetration assessment. Based on the results of the assessment, students will implement improvements to the Active Directory domain and test if their actions improve their domain security. Most improvements will be deployed using Group Policy. Some additional tools and discussions for assessing/improving security of the domain will include PingCastle, Purple Knight, Bloodhound, NetCease, and privileged account separation.

Students will use the Windows Server VM from part 1 of the training to test our remediation actions.

Trainer #1 Name: Jim Shakespear
Trainer #1 Title: Director of IT Security, Southern Utah University
Trainer #1 Bio:
I’ve been a member of SAINT since 2012, since I started full-time at Southern Utah University. I’ve had various roles in our IT department, and currently head cybersecurity initiatives.

AI Red Teaming Made Simple

Title: AI Red Teaming Made Simple
Type: 240 minute training (4 hour)
Price: $225.00

Description: 
Dive into the essentials of Red Teaming for Large Language Model (LLM) powered applications in this introductory training! We’ll journey through a spectrum of offensive strategies, starting with foundational manual tactics and heavily focusing on more sophisticated automated testing using Promptfoo’s Red Teaming framework.  

We’ll work together through hands-on practice where you’ll test your skills against a variety of AI applications. You’ll learn and deploy multiple strategies and tactics for repeatable prompt injection, jailbreaking, crafting multi-turn attacks, and much more, ensuring you leave with practical, actionable knowledge.

Come learn how to leverage AI to test your AI!

Trainer #1 Name: Bryson Loughmiller
Trainer #1 Title: Principal Platform Security Architect @ Entrata
Trainer #1 Bio:
Bryson Loughmiller has been “doing security” for nearly a decade now.

He has had broad experience being an IC and manager across SecOps, AWS Security, Application Security, IT Security, and Incident Response. In the past year he has most recently enjoyed diving into AI Red Teaming and AI Guardrails.

In his free time he can be found taking pictures, playing instruments, producing music, camping, building unnecessary creations, traveling, finding cool rocks and neat hidden locations, or relentlessly collecting as many hobbies as possible like a madman.

Astute AWS/Azure/GCP Cloud Red Team: It’s Raining Shells!

Title: Astute AWS/Azure/GCP Cloud Red Team: It’s Raining Shells!
Type: 480 minute training (8 hour)
Price: $450.00

Description: 
Master cloud security in AWS, Azure, and GCP with this intensive, practical course. Participants will learn advanced infiltration and access expansion strategies, focusing on essential Tactics, Techniques, and Procedures (TTPs) for navigating complex cloud environments.

In this course participants will:

• Exploit serverless (e.g. Lambda, Azure Functions) applications for initial access into targets.
• Pivot between data and control planes to expand access (e.g. collecting secrets, snapshots)
• Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected.
• Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems.
• Expanding access within Kubernetes (K8s) envs (e.g. GCP bypass of metadata protections)

Compete throughout the course in our hands-on Capture the Flag (CTF) tournament to earn an electronic (mini) badge!

Trainer #1 Name: Aaron Haymore
Trainer #1 Title: UltraViolet Cyber – Cloud Security Training Specialist
Trainer #1 Bio: 
Aaron is a seasoned cybersecurity professional with over 5 years of diverse industry experience. His expertise spans cloud security and consulting, cybersecurity research, 0-day vulnerability disclosure coordination, SOC analysis and engineering, as well as penetration testing and red teaming. Currently specializing in Cloud Security and Consulting, Aaron brings a wealth of knowledge to his projects. Additionally, he serves as a professor at Ensign College, where he designed and teaches an advanced penetration testing course, effectively bridging the gap between industry expertise and academic instruction.

Complete Intro to Pentesting: WebApps, External, & Internal Networks

Title: Complete Intro to Pentesting: WebApps, External and Internal Networks
Type: 480 minute training (8 hour)
Price: $450.00

Description: 
Delve into the mechanics of the full breadth of penetration testing. This intensive course will equip you with the knowledge and skills to perform cloud, external and internal network testing, including Active Directory as well as master web application attacks using Burpsuite. Crafted for anyone with a passion for cybersecurity, this hands-on training promises a practical approach to explore the multifaceted aspects of penetration testing and its potential to detect security vulnerabilities in networks and web applications.

In this course you will learn:

• The ethical hacking process using the Penetration Testing Execution Standard (PTES) framework
• Techniques for internal and external network penetration testing
• Cloud penetration testing
• Web application testing methodologies and tools
• Mastering Burpsuite for effective web application security assessments
• Utilizing additional tools like nuclei, nikto, openvas, and sqlmap
• Real-world exploitation techniques and post-exploitation strategies

Trainer #1 Name: Nathan Smith
Trainer #1 Title: A little bit of it all
Trainer #1 Bio: 
Been doing web application testing for a number of years and is now the Sr. Manager of Information Security for a company. He enjoys both sides of red and blue teaming. When not doing that he loves getting outdoors with his family.

Trainer #2 Name: Carl Bechie
Trainer #2 Title: Smashing edge cases for fun and profit
Trainer #2 Bio: 
Offensive security professional with a passion for technology. Carl has been a principal penetration tester on engagements of all sizes and environments. He enjoys learning something new every day and thrives on turning curiosity into capability. With a background spanning IT, software development, and vulnerability management, he brings a well-rounded perspective to every assessment. Outside of cybersecurity, he enjoys spending his free time with his family and staying involved in his local tech community.

From Zero Trust to Trusted Advisor: Social Engineering Your Way to Better Security

Title: From Zero Trust to Trusted Advisor: Social Engineering Your Way to Better Security
Type: 240 minute training (4 hour)
Price: $225.00

Description: 
You’ve identified the vulnerability, tested the exploit, and written the report. But they just don’t see the urgency. Now what? This 4-hour, hands-on workshop bridges the gap between technical mastery and boardroom influence. We’ll move beyond simply reporting risks to crafting compelling narratives, quantifying value, and building the relationships necessary to drive meaningful security improvements.

We’ll delve into the psychology of decision-making, explore adversarial communication tactics (used against you), and arm you with practical strategies to become a trusted advisor who can effectively advocate for security and get things done.

Trainer #1 Name: Glen Sorensen
Trainer #1 Title: vCISO, Managing Director, and Oftentimes Troublemaker
Trainer #1 Bio:
Glen Sorensen is a Virtual Chief Information Security Officer (vCISO) and Managing Director with Cyber Risk Opportunities. He has worn numerous hats in his career, in areas such as security engineering and architecture, security operations, GRC, and leadership. He has held a variety of roles as an analyst, engineer, consultant, auditor, regulator, and information security officer for a financial institution.

Glen approaches problems with practical solutions that bring good business value and has worked across many sectors, including financial services, healthcare, manufacturing, and others. He has served as a consulting expert in a large legal case involving healthcare and cyber attack detection technology. He has been in IT and security for 15+ years, longer if you count years of misspent youth bending technology and countless hours of roleplaying games. He is a sucker for a good tabletop exercise and serves as an Incident Master for HackBack Gaming, the fun kind of TTX.

Trainer #2 Name: Daniela Parker
Trainer #2 Title: Coach & Consultant
Trainer #2 Bio:
Daniela Parker is a risk and resilience professional with 20+ years of experience in the financial services industry. As the founder of Parker Solutions, she helps organizations navigate uncertainty and build resilience. Daniela brings a unique blend of deep risk management expertise and operational know-how, gained from leadership roles (including CRO and COO) at multiple credit unions.

She holds a Master’s in Business Continuity, Risk, and Security from Boston University and is a Certified Business Continuity Professional (DRI). Daniela is passionate about helping organizations identify vulnerabilities, strengthen their response capabilities, and create a culture of preparedness.

Network Threat Hunting With Zeek and Suricata

Title: Network Threat Hunting With Zeek and Suricata
Type: 480 minute training (8 hour)
Price: $450.00

Description:
Join our Network Threat Hunting Training to dive into proactive cybersecurity. We’ll cover the essentials of threat hunting, exploring key concepts and methodologies. Through real-world use cases and hands-on labs, you’ll learn to identify suspicious network traffic. The practical session will let you apply these skills in a simulated environment using open-source tools like Zeek and Suricata in an enterprise SIEM. Bring a laptop and your curiosity!

Trainer #1 Name: Mark Overholser
Trainer #1 Title: Corelight TME + Threat Hunter
Trainer #1 Bio:
Mark is a Silicon Valley tech veteran with over ten years of experience. Since the spring of 2023, he has also been a threat hunter in the Black Hat conference Network Operations Center, participating in three Black Hat conferences globally each year. His professional background includes roles as a Threat Hunter, Security Engineer, Incident Responder, and Information Security Team Lead for a multi-billion-dollar enterprise.

Trainer #2 Name: Jason Wood
Trainer #2 Title: Corelight TME and InfoSec Podcaster
Trainer #2 Bio:
Jason Wood is a TME at Corelight and a cohost of the Enterprise Security Weekly News podcast. His work focuses on finding new ways to hunt threat actors and disrupt their operations. His experience has encompassed threat hunting, penetration testing, security operations, and technical operations.

Satellite Hacking Made Simple

Title: Satellite Hacking Made Simple
Type: 480 minute training (8 hour)
Price: $450.00

Description:
Sure, maybe you’ve hacked the planet, but how about hacking off planet!? The final frontier has been designated as critical infrastructure. Satellites and other space systems are an integral part of our daily lives from navigation to communications, financial transactions, and national security. Cybersecurity for these assets is environmentally and operationally constrained in ways unfamiliar to most practitioners. What better way to gain an appreciation for the challenges of cybersecurity in space and an understanding of how attackers will behave against this attack surface than exploiting it yourself?

Things you’ll learn about:

• Operational and environmental constraints of the space domain
• Operating & attacking space systems
• Cybersecurity for space
• State of the space industry
• Adversarial tradecraft & satellite vulnerabilities
• Attack mapping with SPARTA

Things you’ll do:

• Fly and operate a simulated satellite
• Be a malicious insider threat
• Develop tradecraft in space system environments
• Learn how to hide malicious activity on space systems
• Hack space systems

Trainer #1 Name: Michael Butler
Trainer #1 Title: President – Final Frontier Security
Trainer #1 Bio: 
Michael Butler is the founder and president of Final Frontier Security. He has worked in the offensive security field for 15 years which includes time working for the US Army, NSA, Cyber command, and several commercial cyber security companies. He has taught at the NSA, Black Hat, Saintcon, and various BSides conferences. His specialty is hacking cloud environments (AWS, Azure, and GCP) and has developed and provided advanced training on these topics.

Trainer #2 Name: Jacob Oakley
Trainer #2 Title: PhD
Trainer #2 Bio: 
Jacob Oakley, PhD, DSc, is a cybersecurity professional and author with 17 years of experience. A foremost expert on offensive cybersecurity, cyber warfare, and space system cybersecurity, he has advised Department of Defense (DoD) and Fortune 500 executives on strategic mitigation of risks and threats to globally distributed, multi-domain network architectures. He is an adjunct professor at Embry-Riddle Aeronautical University, writing and teaching courses on cybersecurity for space and is the Space Segment Vice Chair for the IEEE Space System Cybersecurity Standards Working Group.