44CON CYBER SECURITY 2015 Workshops

Breaking In: How to hack your way to a Cybersecurity career, and how to hack it if you already have one

Presented By: Steve Lord

Many people on the red side of the information security fence look at systems all the time and break them. When you walk into a room you’re checking for exits and CCTV cameras. When you get a router or a new digibox from your ISP,  you’re sat there wondering what else it does and whether or not you want it on your network. We apply our mindset to most things except people, including ourselves because we’re trained to hack systems.

People are a system. You are a system. Your career is a system.

Whether you’re starting out or a seasoned pro, you can apply the principles of hacking to your career to raise your career profile, influence the things that matter to you and make better career judgements. From pay rises to CVs, from job applications to interviews. Everything’s open to be hacked, so let’s hack it!

Based on content from Steve’s 30 day e-mail course on how to hack your career and his upcoming book, Breaking In: The Pentester’s Hidden Handbook, this workshop will teach you the basics of hacking your career.

In this workshop you will learn how to:

  • Hack your CV
  • Build a targeted profile for the job you want
  • Use OSINT to find the right certs and experiences
  • Manage recruiters
  • Hack a phone interview
  • Hack a face-to-face interview

Over 700 people have learned how to hack their career on Steve’s free 30-day career hacking by email course at https://rawhex.com/hack-your-career/.Hacking your career can be the difference between an unrewarding job and the career you want. This workshop is being delivered exclusively for the first time at 44CON Cyber Security. If you’re not hacking your career, you’re only stealing from your own potential. Book your 44CON tickets now as this workshop is expected to fill up quickly.


Essentials of Incident Response (Working Title)

Presented By: Steve Armstrong

This workshop aims to cover the three key areas required to build an effective Incident Response capability:

  1. Legal
    • Contracts/NDAs/permission to call in other staff/work off site/take IP data away from the network/site.
    • Noting that EU/US Privacy/SEC laws/Regulation in play here (Plus IP etc) – as in many IR companies are US based, what do we do about privacy/disclosure/Ip protection.
  2. Working with the team
    • What to expect when they are onsite – space/access/briefing needs
    • Getting the basis together: Points of Contact, Network Schematics, OS/App deployment info, Barrier info (AV, FW, SIEM, Logs, N/HIPS, Netflow etc).
    • What to release to who, when and how – secure methods of communicating with the team, sharing files and getting legal’s approval for all this.
    • Getting quotes or ROMs for extras like “We will just send this back to the office for off-site malware analysis”
    • What does a badly controlled engagement look like? Where does the fault lie?
  3. Tech
    • What to configure to improve logging fidelity
    • Various new MS updates for logins exe hashes, File system journalling, prefetch enabling, shadow copy enabling etc.
    • When to call it a day
    • What to do afterwards – making the remediation hold
    • Maintaining the momentum
    • Fixing the problem to prevent the reoccurrence