ＨｉｄｅＺｅｒｏＯｎｅ

SEC505 teaches security professionals how to secure Windows environments and automate security tasks using PowerShell while maintaining robust protection against internal and external threats. The course explores techniques for hardening Windows systems, securing PowerShell scripts, and detecting malicious automation. Participants will gain practical experience in securing automation workflows, managing administrative privileges, and mitigating common attack vectors like PowerShell-based exploits. With hands-on labs and real-world examples, SEC505 enables attendees to effectively secure Windows environments, automate incident response, and safeguard against advanced threats that target Windows systems and PowerShell automation.

SEC488 provides foundational knowledge for securing cloud environments across various platforms, including AWS, Azure, and Google Cloud. This course is designed for security professionals seeking to understand cloud-specific risks, security controls, and compliance requirements. Participants will explore core topics such as identity and access management (IAM), secure configuration, data protection, and monitoring in cloud-native environments. With hands-on labs and practical exercises, students will gain the skills needed to identify vulnerabilities, implement security best practices, and safeguard cloud infrastructure. SEC488 is the ideal starting point for building a strong cloud security strategy and ensuring a secure adoption of cloud technologies.

“Security” is arguably one of the most challenging disciplines to move from being an individual contributor (IC) to being a manager. While security ICs can perform most tasks in isolation, a manager needs to regularly interact with people both inside and outside of the team. Further, “security” has its own language which can be completely foreign to people outside of the discipline. How do you take security concerns and convert them into a language that senior leaders and “C” levels can understand? Honing these skills will be the primary objective of this course. In this course, we will cover all of the steps needed to stand up and lead a security team within an organization. We start with a clean slate so that every aspect gets covered. If you are in an environment that already has a security team, this can help fill in the gaps. This course will have a heavy focus on how to integrate the security team with the rest of the business units. We’ll look at strategies for increasing funding, as well as converting “security risks” into “business risks” so they are better understood by the organization’s leadership. The course includes a lot of collateral like a full set of pre-written security policies. The goal is to help you build an effective security team in as little time as possible.

Antisyphon: Security Leadership and Management w/ Chris Brenton

Security Defense and Detection TTX is a comprehensive four-day tabletop exercise that involves the introduction to completion of security TTXs (tabletop exercises), IR playbooks, and after-action reports. The exercises are paired with video and lab demonstrations that reinforce their purpose. The training as a whole is compatible with the world’s most popular RPG rules.

The preparation phase will walk students through the creation of specific IR playbooks that can be utilized in any environment as well as during later parts of the class. The next phase introduces the gamification of the TTXs. The students split up into separate “corporations” with assigned verticals, hit points, armor class, budgets, strengths, and weaknesses. Selection of departments and skills allow the players to further their modifiers. Throughout the exercise, each company will take turns rolling their way through decisions such as large purchases, attack severity, defense capability, and incident response decisions.

 Antisyphon: Security Defense and Detection TTX w/ Amanda Berlin and Jeremy Mio