Daniel

Womens Training Scholarship

SensePost and BlackHat are proud to announce a new scholarship initiative for a woman in the information security field. The scholarship will include a ticket to Black Hat USA 2017 in Las Vegas, complimentary access to one of our training courses, airfare, and accommodation. The scholarship will be awarded to a woman who demonstrates a strong desire to hone her InfoSec skills (more below).

How To Enter?

To enter, send us reasons as to why you believe *you* should attend one of our training courses and Blackhat USA. This could be in the form of an essay, examples of projects you are working on, stuff you’ve built or are building, or generally anything you think supports your claim for a place.

What to look for in a training provider

In the last few years, the infosec training scene has exploded. Arguably, the largest training provider is Blackhat, and in the last 15 years we’ve seen it grow from a handful of courses to 106 at the last BlackHat USA. With many courses purportedly offering the same or similar content, it’s getting harder to choose as a student. This blog entry will cover some of the stuff we think makes our courses pretty great, and why we’re so proud of them. It may also help you to evaluate whether our courses are what you’re looking for, or at least how to spot the better courses (not just ours) in a list of 100+.

The Basics

It’s our belief that if you have a deep passion for the work you do, then not only will you work hard to be great at it, you’ll also enjoy sharing that passion by teaching others. It’s held true for us for many years, and we make a point of putting our best analysts, rather than specialised trainers, to run our courses.

Where SensePost meets the real world

SensePost Training at Blackhat USA

What is SensePost infrastructure training about and what does it give you as a novice pentester? What does it give you as a pentester looking to move into infrastructure hacking? Training at SensePost focuses on learning the Trade and not just the trick, thus our focus is on your testing methodology rather than simply showing you some cool tools. And what is this methodology, you may ask? Well, it is one that aims to emulate real-world scenarios and push you into doing the attacks that are actively happening.

SensePost Training

Over those years, we’ve trained thousands of students in the art of offensive and defensive security through our Hacking by Numbers courses. Our courses are taken directly from the work we do. When we compromise networks or applications with new techniques, they’re turned into modules in the appropriate course. We also don’t use trainers; every course is given by one of our analysts to keep it authentic. For our fifteenth year, we’ve decided it was time to retire the ‘Hacking by Numbers’ name and just call it what it really always has been: SensePost Training.

The SensePost Academy: Wrecking Balls

There is a serious skills shortage in our industry. There are just not enough skilled hackers out there to fill all the open positions. In November of last year, I proposed a new approach for us at SensePost to address these concerns. I looked at what we could do as a company to ensure the next generation of hackers were being educated correctly (no, it’s not about how you use a tool) and moulded into what we, at SensePost, perceive to be good penetration testers.

SenseCon 2014

What originally started as one of those “hey, wouldn’t this be cool?” ideas, has blossomed into a yearly event for us at SensePost. SenseCon is a time for all of us to descend on South Africa and spend a week, learning/hacking/tinkering/breaking/building, together and in person. A few years ago we made the difficult, and sometimes painful, shift to enable remote working in preparation for the opening of our UK and Cape Town offices. Some of you probably think this is a no-brainer, but the benefit of being in the same room as your fellow hackers can’t be overlooked. Being able to call everyone over to view an epic hack, or to ask for a hand when stuck is something tools like Skype fail to provide. We’ve put a lot of time into getting the tech and processes in place to give us the “hackers in the same room” feel, but this needs to be backed with some IRL interaction too.

Combat Reloaded

The British Special Air Service (SAS) have a motto that’s rather fitting for their line of work – Who Dares Wins. To a degree, the same could be said for our newly updated Hacking by Numbers course, Combat. Penetration testing is sometimes more than following a checklist or going for the easy kill. A good penetration tester knows how to handle all that is thrown at them, be it a Joomla implementation, or *shudder* an OpenBSD box.

Goodbye to 2013, hello to 2014

With 2013 coming to a close, I thought it pertinent to look back at the year we’ve had and also forward to what’s promising to be an incredibly exciting 2014 for us. 2013, for SensePost, was a year of transition. With a new leadership structure in myself, Shane and Dominic, we had a chance to stamp our style and vision and also learn from Charl and Jaco. One of the first leadership choices was to expand our reach and open our first office in London, aptly in a borough called Hackney. Here, we grew our family and welcomed some amazing people into the plak. After a few short months, we had outgrown the office and needed to look for bigger premises, this time in another aptly named area: Whitechapel (think Jack the Ripper).

Never mind the spies: the security gaps inside your phone

For the last year, Glenn and I have been obsessed with our phones; especially with regard to the data being leaked by a device that is always with you, powered on and often provided with a fast Internet connection. From this obsession, the Snoopy framework was born and released. After 44con this year, Channel 4 contacted us to be part of a new experimental show named ‘Data Baby’, whose main goal is to grab ideas from the security community, and transform them into an easy-to-understand concept screened to the public during the 7 o’clock news.

44CON 2013

In one week, it’s 44CON time again! It’s one of our favourite UK hacker cons. In keeping with our desire to make more hackers, we’re giving several sets of training courses as well as a talk this year.

Training: Hacking by Numbers – Mobile Edition

If you’re in a rush, you can book here. We launched it at Blackhat USA, and nobody threw anything rotting; in fact, some said it went pretty well: our latest addition to the Hacking by Numbers training.