Subverted Security - Attack and Defend Arsenal - DCTV2025
Name of Training: Attack & Defend Arsenal
Trainer(s): Subverted Security
Dates: August 11-12, 2025
Time: 8:00 am to 5:00 pm PT
Venue: Las Vegas Convention Center
Cost: $1800
Course Description:
Helping you grow as an attacker and defender!
This course is designed to take you from a complete beginner and provide you with a strong foundation in cybersecurity, giving you the confidence to begin your journey in this critical field. Whether you’re starting out as a pentester or looking to reinforce your skills in a defense role, our training provides the essential knowledge and tools you need to succeed.
Master the Core Tools: If you're new to pentesting, this course will introduce you to the four foundational tools every aspiring professional should know: Wireshark, Nmap, and Burp Suite. You'll gain not just a basic understanding, but the practical skills needed to use these tools effectively in real-world scenarios. Learn when to deploy each tool, what to look out for, and insider tips to maximize their effectiveness. This course is not designed to teach vulnerabilities, instead it is designed to teach how and when to use different tools with the aid of different vulnerabilities. This understanding and skills growth will enhance your approaches and methodologies when doing pentests, ensuring you know the capabilities of the trusted tools in your arsenal.
Empowerment Through Verification: For those in defensive roles, such as entry-level SOC positions and network engineering positions, this course offers the critical skills needed to verify the work of pentesters. You’ll learn how to independently scan hosts, understand vulnerabilities, and cross-check findings with confidence. By the end of this training, you’ll feel empowered to not only understand the pentesting process but also to validate its results, ensuring your organization’s security posture is accurately assessed.
Join us in a fun and exciting training where you have the freedom to hone in on tool sets like never before.
We are here to challenge the norms and disrupt the status quo ./
Course Goals:
- Master core cybersecurity tools that’s used by offensive and defensive teams in the information security industry
- Understand how a defender sees your traffic/Understand how to see signs of an attacker in your network
- Verification of attacks to understand how/why an attacker was able to perform an attack and be able to replicate the results yourself
What You’ll Get:
- During the training you’ll get access to a dedicated lab environment and all course materials including a hardcopy training handbook and cheatsheet.
- After the training you’ll have continued access to the provided training lab for 1 month.
Tools We’ll Dive Into:
- Nmap
- Wireshark
- Burp Suite
Our Goals For You:
- From Novice to Pro: We’re committed to transforming you from a beginner into a skilled user of Wireshark, Nmap and Burp Suite. You'll leave with a deep understanding of how and when to use these tools, and the knowledge to get the most out of them.
- Reinforcing Defense Expertise: If you’re in a defense role, our course will strengthen your ability to detect, understand, and verify the work of pentesters. We’ll equip you with the know-how to analyze logs and verify data, making you a more effective and informed defender.
- Avoiding Script-Kiddie Mentality: Instead of blindly using tools and hoping for an outcome we’ll ensure you understand the inner-workings and approaches of tools to enhance your outcomes rather than dictate it, thus growing your capability to approach testing and verification beyond just operating a tool.
Course Outline
We’ll be covering the following core modules during the 2-day training:
- Introduction & Welcoming
- Penetration testing objectives
- Network mapping
- Packet Analyser
- HTTP PITM Proxies
- Key Takeaways and Summary
Each module consists of multiple sub-modules and focused topics.
We strive for practical learning and this training has a 50/50 split between content and hands-on practicals.
Difficulty level
This is a beginner to intermediate level course.
Minimal experience is required however familiarity with the command-line and basic networking would be beneficial.
Suggested Prerequisites:
For this training, we recommend that you come prepared with a strong willingness to learn. The focus of the training is on having fun while engaging in the various different practical exercises and sub-practical tasks, and we encourage you to approach it with an open mind and a sense of adventure.
In terms of physical items, you’ll only need to bring along a laptop with a browser.
(No requirement for any tools, VMs, special configurations or weirdness - just your laptop. :D )
We will provide all other necessary materials and equipment for the training.
Who should take this course?
Anyone looking to strengthen their core cybersecurity toolbox skills. This course is designed for both offensive and defensive entry level positions wanting to learn the ins and outs of the most essential tools in cybersecurity.
- Anyone with an interest to start a career in cybersecurity
- Aspiring penetration testers/red team member
- SOC Team Members
- Network Engineers
- Developers and SecDevOps Engineers
Aspiring blue team members
Trainer(s) Bio
Subverted is a South African based boutique cybersecurity consultancy aimed at making an impact in the information technology industry by providing world-class training and education in the information security space. We are a team of highly skilled and experienced ethical hackers with a strong drive to innovate and make a difference.
We are all about pushing boundaries and disrupting the norms – hence “subverted”.
Jason Spencer is an experienced trainer, penetration tester and currently the CTO at Subverted. Having trained people in the art offensive tactics all over the world for the last 5 years you’ll surely be in good hands. His combined experience as a senior penetration tester, pentesting team leader as well as a trainer will provide you with an unparalleled opportunity to learn from a well-rounded professional in the industry.
Ulrich Swart has a history of pushing the limits of infosec training. He has managed the technical growth of various trainers, analysts and students through trainings he has delivered internationally for the last 8 years. Currently the CEO at Subverted, Ulrich drives forward his passion of teaching others through high quality practical technical trainings.
Registration Terms and Conditions:
Trainings are refundable before July 8, 2025, minus a non-refundable processing fee of $250.
Trainings are non-refundable after July 8, 2025.
Training tickets may be transferred. Please email us at training@defcon.org for specifics.
If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).
Failure to attend the training without prior written notification, will be considered a no-show. No refund will be given.
By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.
Several breaks will be included throughout the day. Please note that food is not included.
All courses come with a certificate of completion, contingent upon attendance at all course sessions.
Training Justification Request – DEF CON Training
To: [Manager Name]
From: [Employee Name]
Date: [Date]
Subject: Business Justification for Attendance at DEF CON Training
Dear [manager’s name],
I am requesting approval to attend DEF CON Training, one of the cybersecurity industry's most recognized technical training programs. I’ve reviewed the options and selected a course to expand my skills with [1-2 key skills focus areas for the course].
DEF CON has been one of the world’s leading cybersecurity communities for more than three decades, known for convening industry, government, and independent experts to exchange advanced knowledge and practical skills. Building on this tradition, DEF CON Training delivers intensive courses taught by recognized global instructors. DEF CON Training courses offer hands-on instruction in a challenging, fast-paced environment. Many of the courses offered by DEF CON Training align with the National Institute of Standards and Technology (NIST) NICE Framework and Department of Defense Cyber Workforce Framework (DCWF), and attending this course will help me build and sharpen the skills required for my role.
Training: [Name of DEF CON Training Course]
Instructor/Provider: [Trainer Name(s)]
Dates: [Training Dates]
Location: Las Vegas, NV
Cost: [Course Fee]
Travel Expenses: [estimated travel & accommodations costs]
Course Description: [Copy short description of the selected class from the website here]
Trainer Bio: [Copy bio of the trainers of the selected class from the website here]
Once I’ve completed the course, I’ll be able to:
[copy student outcomes from course page where available or choose 3-4 skills or topic areas from the outline that are applicable to your current role, will help you fill a skill gap, etc.]
Business Need
As cyber threats continue to evolve, it is critical that our organization maintains current knowledge of emerging techniques and industry best practices. The selected DEF CON training aligns directly with my responsibilities in [your role/field here - for example, security operations, incident response, threat detection and hunting, application security, cloud security, risk management, security engineering].
The course will provide practical, hands-on experience that can be immediately applied to our environment and security initiatives. DEF CON training emphasizes real-world attack and defense scenarios, enabling participants to develop skills that extend beyond traditional classroom learning.
Request for Approval
I respectfully request approval and funding to attend DEF CON Training this August in Las Vegas. The knowledge, hands-on experience, and industry insights gained will directly support our cybersecurity objectives and contribute to strengthening our organization's security capabilities.
Thank you for your consideration. Please let me know if you have questions or need additional information to support this request.
Sincerely,
[Employee name]