LayerOne 2025

New for 2018! The InfoSec Career Panel is a live Q&A session where audience members can ask questions to a panel of information security professionals with 90 years of experience between them. Audience members will have the opportunity to ask security professionals from the entry-level to decades of experienced on topics like: career advice, the path they took to get to their current profession, what certifications are valuable, advice on how to pass them, and what technical skills are needed in today’s security industry. Audience members are encouraged to ask about other topics and areas!

The InfoSec Career Panel takes place on Saturday, May 26, 2018 at 3:00 PM in the Hardware Hacking Village.

Panelist Bios

Geoffrey Janjua is the founder of Exumbra Operations Group is a former US DoD civilian with 12+ years of operational field experience conducting offensive computer operations. Specializing in computer exploitation, technical operations, and covert-entry. He is currently conducting full-scope penetration testing, vulnerability research and exploit development of high-value products for a Fortune 500 company, has identified multiple zero-days, and holds many security related industry certifications to include OSCP, GPEN, CEPT, CPT, ECSA, CEH, and CRT..

Jack Baker is a full time penetration tester, reverse engineer, and bug bounty hacker. Jack has 3+ years of penetration testing and vulnerability research experience, reported multiple zero-days, a Google bug bounty, and has the OSCP, OSCE, and GXPN certifications.

Mark Liphardt has been involved in computers since the dark ages (before WWW). During his career in the technology industry he has worked for small companies, mid-sized companies, Fortune 500 companies and started a few of my own. For many years now Mark has been making a living doing InfoSec and computer forensics investigations. Mark has been a Defcon goon for 25 years and a longtime privacy advocate. Mark holds the CISSP and CFE certifications.

Matthew Stits, currently a Security Architect and Researcher for Adobe, has been in the security industry for nearly 20 years. He’s consulted and worked for a number of fortune 500 companies in the Communications, Finance, Casino Gaming and Payment Card industries. Matt’s current roles focuses on emerging technologies and business cases.

Patrick Albert, currently the Director of Security Engineering @ Appdynamics, is a military Veteran and tech enthusiast with over a decade of experience in DevOps and Security. Focused on building resilient and automated Secure SDLC pipelines, and increasing security awareness wherever possible. Keen on reducing risk and the ability to solve problems at their source through creative solution – In general, passionate about building, and securing all the things.

Sam Bowne, currently a teacher at City College San Francisco, has been teaching computer networking and security classes since 2000. He has given talks and hands-on trainings at DEFCON, HOPE, B-Sides SF, B-Sides LV, BayThreat, LayerOne, Toorcon, and many other schools and conferences. He has a B.S., a PhD, a CISSP, and is like, really smart.

Hebocon is a Robotic Battle for those on an extreme budget. Originating in Japan, it pits poorly constructed robots, modified electric toys and last-minute creations against one another in a Sumo-style arena.

It’s easy to play: Build a robot. A really terrible robot. You can either build your robot and bring it to the conference, or build it on-site in our renowned Hardware Hacking Village. There should be plenty of electronics rework equipment in the HHV, but feel free to bring some extras to guarantee that you have tools to work with or share with others. See the Hebocon Contest Page for full contest rules and restrictions for robot construction and operation! Don’t forget to sign up on Challonge to participate!

Don’t forget to register for our fantastic one-day Training events before discounts end! Both Training and Standard Registration are available over on the Registration page!

Don’t forget to book your hotel room before the discounted room rate ends! Use this direct link to book now, and learn more about the conference accomodations on the Venue page.

Sincerely,
The LayerOne Staff

Capture the Flag is back! This year’s contest is graciously hosted by the folks over at Qualcomm. The game will use a Jeopardy style board with challenges. This contest is for both beginners and experienced CTFers. Challenges will span many domains including web hacking, system hacking, forensics, reverse engineering, and crypto. Registration will be ON SITE, no qualifications necessary.

You can follow the CTF team on twitter at @LayerOneCTF for clues and additional information.

Sincerely,
The LayerOne Staff

Don’t forget! Early-bird discounts for 2018 Training ends on May 1st! Head over to the Registration page to book your tickets NOW!

Known for our extremely hands-on, “learn by doing” atmosphere, LayerOne offers full one day trainings on Friday, May 25th, 2018. Click on any training title below to see pricing and training information.

Hands-on Penetration Testing and Ethical Hacking

Presented By: Geoffrey Janjua

This hands-on focused course is designed to get you started with penetration testing with guidance from a full-time penetration tester with 20+ years of technical experience. Covering the phases of exploitation, real-world attack strategies, effective use of Metasploit, and privilege escalation techniques. This course is a “must have” for anyone who is ready to jump start their career in penetration testing. Each student will receive a take home exploitation lab with 10 vulnerable targets to practice on, printed materials, cheatsheets, compiled exploits, and walkthroughs for each target. Learn more!

Let’s Be Bad Guys: Advanced Post-Exploitation and Blue Team Evasion

Presented By: Dan Tentler

This course is designed to up your quiet game. In the recent years, blue teams have grown complacent with new tools and telemetry. They don’t actively hunt unless a tool tells them a box is interesting. In this course, you will learn how to tunnel your comms, stand up C2 infrastructure to be misleading, encrypt you traffic, create diversions, and other escape and evasion techniques to hide from the blue team. This course focuses on hiding on the network as well as in the system. Both Linux and Windows operating systems will be targeted for this course.Learn more!

Hands-on DevOps Security and AppSec Automation

Presented By: Abhay Bhargav

Application Security is a critical piece of the DevOps puzzle. However, it is severely under-represented in the Continuous Delivery pipeline. Practitioners and Organizations run into problems with Application Security testing in the continuous delivery pipeline, often relying on very basic security tests to provide Application Security Assurance in the Continuous Delivery Pipeline. You need a practical, repeatable and scalable way to deliver Application Security to your product across the Agile and DevOps lifecycle. In this workshop you will receive powerful hands on training on how you can implement scalable and effective security for rapid-release applications.Learn more!

OpenSOC Network Defense Simulation

Presented By: Eric Capuano

OpenSOC is a challenge meant to teach infosec professionals practical incident response skills in an environment that very closely resembles a real enterprise network. The virtual environment includes a scaled down version of almost everything you would find in an enterprise network to include workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are actually browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high fidelity training environment for unleashing real-world attacks and testing a responder’s ability to filter out the noise and find malicious activity on the network. Learn more!

Android Reverse Engineering for Bug Bounties and Vulnerability Hunting

Presented By: Ben Actis

This hands-on training course is designed to form the foundation for reverse engineering Android applications. Taught by a veteran Mobile & IoT security expert, students will leave the class being able to identify common inner process communication mistakes, insecure storage calls, intercept & modify mobile traffic, insecure crypto & web activity invocations, core constructs of dalvik/smali assembly language and basic debugging capabilities. Anyone interested in bug bounties, mobile reversing or developers interested in how others would attack their mobile applications should take this course! Learn more!

LayerOne is proud to announce the 2018 speaker roster!

Aatif Khan – Hacking the Drone
Amit Serper – Adware is just Malware with a Legal Department
Brian Contos – Go Hack Yourself: Moving Beyond Assumption-based Security
Katie Knowles – Signal Safari: Investigating RF Controls with RTL-SDR
Leigh-Anne Galloway & Timur Yunusov – Hack In, Cash Out: Hacking and Securing Payment Technologies
Matthew Stits – From Security to Risk: Shifting the focus and changing the conversation
Matt Hoy – Data Security: How to avoid an embarrassing breach
Robert Adams – How to Security Research Without Getting Sucked into a Courtroom
Rtzq0 – Git for Hackers
Security Panda – HTTP2 and You
Wasabi – Can You Hear Me Now? – Wireless Communication for Pentesters
z0rro – Leeky Onions – Deanonymizing Live Tor Hidden Services

See full details of all presentations and speaker bios over on the Speakers page.

Don’t have your tickets yet? Well, that won’t do. Head over to the registration page to book your tickets now! Interested in attend one of our awesome one-day training seminars on Friday, May 25th? Learn more about this year’s training options on the Training page. The early-bird discount for Training Registration continues until May 1st, but we recommend to book early to make sure your favorite training doesn’t fill up!

While you’re doing your registration, don’t forget to book your hotel room and get a big discount with the LayerOne rate via the direct booking link. More information about this year’s venue on the Venue page, hotel room discount ends on May 11th!

Sincerely,
The LayerOne Staff