Influence Operations: Tactics, Defense, and Exploitation - Greg Conti & Tom Cross - DCTLV2026 **Saturday-Sunday Course**

Name of Training: Influence Operations: Tactics, Defense, and Exploitation
Trainer(s): Greg Conti & Tom Cross
Dates: August 8-9, 2026 **Saturday-Sunday Training**
Time: 8:00 am to 5:00 pm 
Venue: Las Vegas Convention Center
Cost: $2,750 (USD)

**Please note: This two-day training will be offered on Saturday and Sunday (August 8-9). Participants will receive a DEF CON Human Badge with their registration**

Short Summary:

Information is power, and influence operations weaponize it at scale. This hands-on course teaches how modern influence campaigns are planned, executed, amplified, and countered. Students will learn to recognize, defend against, and respond to influence operations targeting individuals, organizations, and nations, culminating in a live influence operations contest.

Course Description:

Information is power, and modern adversaries increasingly use it as a weapon. Influence operations shape beliefs, decisions, and behavior by manipulating narratives, exploiting cognitive bias, and controlling how information flows through societies and organizations. This unique two-day DEF CON training course examines how state and non-state actors plan and execute influence campaigns, from coordinated online manipulation to deception-driven operations that affect elections, markets, reputations, and trust. Participants learn how influence operations work in practice, why they succeed, and where individuals and organizations are most vulnerable.

The course is fast-paced and hands-on, built around discussion, real-world examples, and practical exercises. Participants break down real influence campaigns, explore deception and psychological techniques, and examine how adversaries exploit assumptions, bias, and information flows. A live influence operations exercise gives participants the opportunity to experiment with these ideas in a controlled, ethical environment. By the end of the course, you will be better at spotting manipulation, questioning narratives, and understanding how influence moves through people and systems, helping you protect yourself and the organizations and communities and organizations you interact with despite an environment where information is routinely weaponized.

Course Outline:

DAY 1
Course Introduction - Establishes course goals, structure, ground rules, and frames influence operations as a security and adversarial problem space.

History of Influence Operations - Surveys historical and modern influence operations to show how techniques, technologies, and effects have evolved over time, but rhyme with the past.

Introduction to Influence Operations - Introduces core concepts, terminology, and models that explain how influence operations are planned and executed.

Psychological Operations (PSYOP) - Explores how cognition, emotion, bias, and perception are deliberately targeted to shape behavior and decision-making.

Deception - Examines deception strategies, tactics, and indicators, including how deceptive campaigns are designed and detected.

Effects - Focuses on defining, measuring, and assessing desired and undesired effects of influence operations.

Day 1 Wrap-up and Contest Preparation - Synthesizes day one material and prepares students for the hands-on influence operations contest.

Homework: Contest Preparation - After class, students prepare and refine their influence operations contest entries based on the techniques and concepts learned during Day 1.

DAY 2
Cognition and Bias - Deepens understanding of how cognitive biases and mental shortcuts are exploited by adversaries at scale.

Channels and Amplification - Analyzes how messages propagate through communication channels and how amplification and suppression occur.

Incident Response - Applies incident response concepts to influence operations, including detection, triage, response, and recovery.

Offensive and Defensive Techniques - Surveys common adversary techniques and practical defensive measures for countering influence operations.

Automation - Explores how automation, bots, and tooling are used to scale influence operations and defensive responses.

Contest Review – Students present their entries to the class. Discuss lessons learned, successes, failures, and defensive insights. Prizes awarded based on class vote.

Artificial Intelligence and Influence Operations - Examines how AI enables new influence capabilities and introduces new risks and defensive challenges.

Course Wrap-up, Final Exam and Feedback – Consolidate key takeaways, connect concepts across both days, and gather student feedback. 

Difficulty Level:

Beginner to Intermediate

Beginner Definition - The student has an interest in the topic presented and general technology knowledge that a power user or undergraduate student may have acquired.

Intermediate Definition - The student has education and some experience in the field and familiarity with the topic being presented. The student has foundational knowledge that the course will leverage to provide practical skills on the topic.

Suggested Prerequisites:

No formal prerequisites are required. This course is appropriate for motivated beginners and practitioners with some experience in information security or related disciplines who want to understand how influence operations are designed, executed, and countered. It may be less suitable for those seeking deep technical instruction in programming, exploitation, or tool development.

What Students Should Bring:

A laptop is recommended if you want to participate in the contest. An authorized social media account (X or Mastodon preferred) is helpful for the contest, but we’ll also provide an offline option for those wishing to avoid real-world interaction.

What the Trainer Will Provide:

All course materials, exercises, and contest prizes.

Trainer(s) Bio:

Greg Conti is a hacker, maker, and computer scientist. He is a ten-time DEF CON speaker, a seven-time Black Hat speaker, and has been a Black Hat Trainer for 10 years. He’s taught hacking and information security techniques at West Point, Stanford University bootcamps, NSA/U.S. Cyber Command, and for private clients in the financial, non-profit, and cybersecurity sectors. Greg is Co-Founder and Principal at Kopidion, a cyber security training and professional services firm. 

Formerly he served on the West Point faculty for 16 years, where he led their cybersecurity research and education programs. During his U.S. Army and Military Intelligence career he co-created U.S. Cyber Command’s Joint Advanced Cyberwarfare Course, deployed to Iraq as Officer-in-Charge of U.S. Cyber Command’s Expeditionary Cyber Support Element, and was the first Director of the Army Cyber Institute. 

Greg is co-author of On Cyber: Towards an Operational Art for Cyber Operations, and approximately 100 articles and papers covering hacking, online privacy, usable security, cyber conflict, and security visualization. Greg holds a B.S. from West Point, an M.S. from Johns Hopkins University, and a Ph.D. from the Georgia Institute of Technology, all in computer science. His work may be found at gregconti.com (https://www.gregconti.com/), kopidion.com (https://www.kopidion.com/) and LinkedIn (https://www.linkedin.com/in/greg-conti-7a8521/).
 
Tom Cross is an entrepreneur and technology leader with three decades of experience in the hacker community. Tom attended the first DefCon in 1993 and he ran bulletin board systems and listservs in the early 1990’s that served the hacker community in the southeastern United States. He is currently the Head of Threat Research at GetReal Security, Principal at Kopidion, and creator of FeedSeer, a news reader for Mastodon. Previously he was CoFounder and CTO of Drawbridge Networks, Director of Security Research at Lancope, and Manager of the IBM Internet Security Systems X-Force Advanced Research team. He has written papers on collateral damage in cyber conflict, vulnerability disclosure ethics, security issues in internet routers, encrypting open wireless networks, and protecting Wikipedia from vandalism. He has spoken at numerous security conferences, including Black Hat Briefings, Defcon, CyCon, HOPE, Source Boston, FIRST, and Security B-Sides. He has a B.S. in Computer Engineering from the Georgia Institute of Technology. He can be found on Linkedin as https://www.linkedin.com/in/tom-cross-71455/, and on Mastodon as https://ioc.exchange/@decius. 

Proficiency Exam Option:

This course has the option for a proficiency certificate add-on. If you choose the proficiency add-on, you will complete a written exam that evaluates your understanding of the course content. You must score at least 70% to pass.

Please reach out to training@defcon.org for any questions related to the proficiency exam and certificate option.

Registration Terms and Conditions: 

Trainings are refundable before July 11, 2026, minus a non-refundable processing fee of $250.

Between July 11, 2026 and August 5, 2026 partial refunds will be granted, equal to 50% of the course fee minus a processing fee of $250.

All trainings are non-refundable after August 5, 2026.

Training tickets may be transferred to another student. Please email us at training@defcon.org for specifics.

If a training does not reach the minimum registration requirement, it may be cancelled. In the event the training you choose is cancelled, you will be provided the option of receiving a full refund or transferring to another training (subject to availability).

Failure to attend the training without prior written notification will be considered a no-show. No refund will be given.

DEF CON Training may share student contact information, including names and emails, with the course instructor(s) to facilitate sharing of pre-work and course instructions. Instructors are required to safeguard this information and provide appropriate protection so that it is kept private. Instructors may not use student information outside the delivery of this course without the permission of the student.

By purchasing this ticket you agree to abide by the DEF CON Training Code of Conduct and the registration terms and conditions listed above.

Several breaks will be included throughout the day. Please note that food is not included.

All courses come with a certificate of completion, contingent upon attendance at all course sessions. Some courses offer an option to upgrade to a certificate of proficiency, which requires an additional purchase and sufficient performance on an end-of-course evaluation.