LayerOne 2025

The Fail of Things returns for 2018! The Fail of Things is a event celebrating the hilariously insecure products and software being sold under the push to have everything on the Internet. Come, laugh, drop 0day, and give these little bugs nobody cares about the appreciation they deserve. We know you’ve been facepalming at all the bugs you’ve found since last year’s LayerOne. Submit to The Fail of Things and let’s cry in our beers together!

The Fail of Things will be held in the LayerOne IoT Village on Sunday afternoon. Submission criteria and full details are available on the Fail of Things page!

Sincerely,
The LayerOne Staff

This hands-on focused course is designed to get you started with penetration testing with guidance from a full-time penetration tester with 20+ years of technical experience. Covering the phases of exploitation, real-world attack strategies, effective use of Metasploit, and privilege escalation techniques. This course is a must have for anyone who is ready to jump start their career in penetration testing. Each student will receive a take home exploitation lab with 10 vulnerable targets to practice on, printed materials, cheatsheets, compiled exploits, and walkthroughs for each target.

This course is intended for penetration testers, security analysts, security administrators, network administrators with a security focus, and anyone else interested in learning about offensive reconnaissance and exploitation techniques used by red teams and black hats. This course focuses on the fundamentals of penetration testing and ethical hacking as is appropriate for beginner to intermediate skill levels.

Seating is limited for training events. Don’t wait, register now!

View the training description to learn more about this training! Head to the Training page for more information about our 2018 training lineup!

Sincerely,
The LayerOne Staff

The Tamper-Evident King of the hill challenge returns for 2018! This is a hands-on contest where attends attempt to defeat tamper-evident devices without leaving evidence. King of the Hill offers a variety of mechanical and adhesive seals to test your skills, As always, this year includes some new seals for even the most veteran King of the Hill players! Full contest rules on the Tamper Evident KotH page.

The LayerOne Tamper-Evident Contest runs from 10:00 Saturday to 14:00 Sunday! Have you booked your ticket for LayerOne 2018? Don’t wait, get your ticket now! While you’re at it, make sure to get your discounted hotel room via this direct booking link before discounts end on May 11th. Learn more about this year’s venue on the Venue page.

More details on this year’s speaking lineup and other contests coming soon!

Sincerely,
The LayerOne Staff

Today is the last day to save big on Standard Admission tickets! Head over to the registration page to book your tickets now! Interested in attend one of our awesome one-day training seminars on Friday, May 25th? Learn more about this year’s training options on the Training page. The early-bird discount for Training Registration continues until May 1st, but we recommend to book early to make sure your favorite training doesn’t fill up!

While you’re doing your registration, don’t forget to book your hotel room and get a big discount with the LayerOne rate via the direct booking link. More information about this year’s venue on the Venue page, hotel room discount ends on May 11th.

For those submitting to the Call for Papers, this is the last day to get your CFP submissions in! View the full Call for Papers for full details, otherwise head directly to the CFP Submission Form and get your awesome talk in ASAP. Thanks to everyone who has submitted so far!

Sincerely,
The LayerOne Staff

We are proud to present this year’s Training lineup! Training occurs on Friday, May 25th, 2018 and requires Training Registration to attend. Head to the Registration page for more details. Read below for full details of each training!

Hands-on Penetration Testing and Ethical Hacking

Presented By: Geoffrey Janjua

This hands-on focused course is designed to get you started with penetration testing with guidance from a full-time penetration tester with 20+ years of technical experience. Covering the phases of exploitation, real-world attack strategies, effective use of Metasploit, and privilege escalation techniques. This course is a “must have” for anyone who is ready to jump start their career in penetration testing. Each student will receive a take home exploitation lab with 10 vulnerable targets to practice on, printed materials, cheatsheets, compiled exploits, and walkthroughs for each target.

Let’s Be Bad Guys: Advanced Post-Exploitation and Blue Team Evasion

Presented By: Dan Tentler

This course is designed to up your quiet game. In the recent years, blue teams have grown complacent with new tools and telemetry. They don’t actively hunt unless a tool tells them a box is interesting. In this course, you will learn how to tunnel your comms, stand up C2 infrastructure to be misleading, encrypt you traffic, create diversions, and other escape and evasion techniques to hide from the blue team. This course focuses on hiding on the network as well as in the system. Both Linux and Windows operating systems will be targeted for this course.

Hands-on DevOps Security and AppSec Automation

Presented By: Abhay Bhargav

Application Security is a critical piece of the DevOps puzzle. However, it is severely under-represented in the Continuous Delivery pipeline. Practitioners and Organizations run into problems with Application Security testing in the continuous delivery pipeline, often relying on very basic security tests to provide Application Security Assurance in the Continuous Delivery Pipeline. You need a practical, repeatable and scalable way to deliver Application Security to your product across the Agile and DevOps lifecycle. In this workshop you will receive powerful hands on training on how you can implement scalable and effective security for rapid-release applications.

OpenSOC Network Defense Simulation

Presented By: Eric Capuano

OpenSOC is a challenge meant to teach infosec professionals practical incident response skills in an environment that very closely resembles a real enterprise network. The virtual environment includes a scaled down version of almost everything you would find in an enterprise network to include workstations, servers, firewalls, email, web browsing, user activity, etc. Simulated users are actually browsing the Internet, downloading files, watching videos, and accessing LAN resources. This creates a high fidelity training environment for unleashing real-world attacks and testing a responder’s ability to filter out the noise and find malicious activity on the network.

Android Reverse Engineering for Bug Bounties and Vulnerability Hunting

Presented By: Ben Actis

This hands-on training course is designed to form the foundation for reverse engineering Android applications. Taught by a veteran Mobile & IoT security expert, students will leave the class being able to identify common inner process communication mistakes, insecure storage calls, intercept & modify mobile traffic, insecure crypto & web activity invocations, core constructs of dalvik/smali assembly language and basic debugging capabilities. Anyone interested in bug bounties, mobile reversing or developers interested in how others would attack their mobile applications should take this course!

Sincerely,
The LayerOne Staff