Greg Conti & Tom Cross - Adversarial Thinking: The Art of Dangerous Ideas $2,400 (Early $2,200)

Name of training: Adversarial Thinking: The Art of Dangerous Ideas  

 Greg Conti is a hacker, maker, and computer scientist. He is a nine-time DEF CON speaker, a seven-time Black Hat speaker, and has been a Black Hat Trainer for 10 years. He’s taught Adversarial Thinking techniques at West Point, Stanford University bootcamps, NSA/U.S. Cyber Command, and for private clients in the financial and cybersecurity sectors. Greg is Co-Founder and Principal at Kopidion, a cyber security training and professional services firm. 

Formerly he served on the West Point faculty for 16 years, where he led their cybersecurity research and education programs. During his U.S. Army and Military Intelligence career he co-created U.S. Cyber Command’s Joint Advanced Cyberwarfare Course, deployed to Iraq as Officer-in-Charge of U.S. Cyber Command’s Expeditionary Cyber Support Element, and was the first Director of the Army Cyber Institute. 

Greg is co-author of On Cyber: Towards an Operational Art for Cyber Operations, and approximately 100 articles and papers covering hacking, online privacy, usable security, cyber conflict, and security visualization. Greg holds a B.S. from West Point, an M.S. from Johns Hopkins University, and a Ph.D. from the Georgia Institute of Technology, all in computer science. His work may be found at gregconti.com (https://www.gregconti.com/), kopidion.com (https://www.kopidion.com/) and LinkedIn (https://www.linkedin.com/in/greg-conti-7a8521/).

Tom Cross is an entrepreneur and technology leader with three decades of experience in the hacker community. Tom attended the first DefCon in 1993 and he ran bulletin board systems and listservs in the early 1990’s that served the hacker community in the southeastern United States. He is currently an independent security consultant, Principal at Kopidion, and creator of FeedSeer, a news reader for Mastodon. Previously he was CoFounder and CTO of Drawbridge Networks, Director of Security Research at Lancope, and Manager of the IBM Internet Security Systems X-Force Advanced Research team. He has written papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. He has spoken at numerous security conferences, including Black Hat Briefings, Defcon, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides. He has a B.S. in Computer Engineering from the Georgia Institute of Technology. He can be found on Linkedin as https://www.linkedin.com/in/tom-cross-71455/, and on Mastodon as https://ioc.exchange/@decius

Full description of the training:
 
Hackers have a unique perspective on the world and in particular on the technological artifacts within it. When most people look at a high-tech system, they see what they were meant to see by the people who created it.  Hackers see technology as it truly is, not as it was meant to be, and this way of looking at things enables hackers to discover possibilities that were never intended in the first place.

For centuries, military and intelligence strategists have sought to view the world from a similar perspective - a perspective that can see the hidden possibilities and weaknesses in things and take advantage of them to create unexpected results. 

This unique course draws lessons from both the hacker community and from military thinking in order to deepen your ability to understand adversaries and see things the way that adversaries see them. 
 
Honing this skill is particularly valuable for people who are building technological systems that might be subject to misuse, and need to be able to anticipate that misuse. Whether you are an aspiring red teamer, a hardware engineer, software developer or product owner striving to understand how your product will be abused, or you work in fraud detection, risk analysis, election security, or any other domain where you face an adversary, you’ll find this course a valuable addition to your skill set. 

We will…

-     Survey adversarial thinking in a wide range of domains

-     Review the history of hacking and phone phreaking and understand how they influenced the development of a way of thinking about technology

-     Explore lock picking and physical security

-     Iteratively decompose an organization or complex system to find its most critical dependencies and develop methods of attacking those dependencies successfully

-     Consider how one might creatively steal from your employer and what controls are necessary to prevent this from happening

-     Examine how and why you might be targeted by foreign intelligence 

-     Practice cheating on a test

-     Understand how the mental models we develop for how things work can prevent us from seeing how they actually work

-     See how levels of abstraction in computer technology can hide vulnerabilities

-     Learn how to read technical standards and see the things that they fail to say

-     Practice fooling your customers by offering products with unstated capabilities

-     Explore how state cyber operations are organized and could target your organization

-     Study the crowdsourcing of adversaries, as seen in Ukraine

-     Explore dangerous security assumptions

-     Investigate deception techniques

-     Practice detecting and role-playing insider threats

-     And much more…

After completing the course you’ll leave with:

●   An improved offensive mindset and ability to identify weaknesses and other unintended characteristics of systems.

●   Heightened awareness of non-obvious threats and threat actors across the spectrum of the cyber, information, cognitive, and physical domains. 

●   Practical tools and techniques to better assess security risk and employ security controls.

●   A deeper understanding of threat actor TTPs and countermeasures in areas such as: state-level cyberspace operations, electronic warfare and surveillance, supply chain compromise, hardware implants, deception operations, human intelligence collection, physical security, influence operations, targeting methodologies, and novel threat intelligence analytic techniques, among numerous other topics.

●   Improved critical thinking techniques via an understanding of how the world, its threat actors, and the enterprise security environment behave in practice, not how defenders assume it to be.

●   An enhanced ability to fluidly shift from the mindset of a defender into that of an attacker, and back again.

●   Diverse sources of additional information to aid participants’ continued self-development.

This interesting and fast-moving class will include hands-on exercises to apply and reinforce the skills learned. You’ll leave this course with a fresh perspective and a toolkit of techniques to better accomplish your mission. Come join us.

Outline of the class:
 
Day 1

Course Introduction 

Lock Picking and Physical Security

Intro to Adversarial Thinking 

Case Study: HUMINT and Travel 

Reverse Engineering an Enterprise 

Fraud Competition 

Day 2

Cheating on a Test Contest

Cyberspace Operations 

Deception Techniques

Crowdsourced Adversaries 

Mental Models and Dangerous Assumptions 

Cyberspace Adversaries and the Enterprise 

Malware and Adversary Intent 

Insider Threat Game 

Technical difficulty of the class (Beginner, Intermediate, Advanced):

Beginner to Intermediate

Suggested prerequisites for the class:

This course is suitable for early career cybersecurity people and, importantly, individuals from other disciplines at any experience level who would benefit from learning the hacker mindset, those whose organizations face cybersecurity or physical threats, and those who need to better understand how adversaries think. If you are an experienced hacker looking for hands-on experience with specific technical tools this course may not be appropriate.

 

Items students will need to provide:
 
A devious and cunning mind, or a desire to develop one :)