OnDemand Training - Best Special Offers of the Year Ending Soon - Learn More

San Francisco Fall 2018

San Francisco, CA | Mon, Nov 26, 2018 - Sat, Dec 1, 2018
This event is over,
but there are more training opportunities.

Oh, You Got This? Practical Attacks on Modern Infrastructure

  • Moses Frost
  • Wednesday, November 28th, 7:15pm - 8:15pm

Have you ever been on a Web Assessment, Bug Bounty, Pen Test, or Red Team and encountered a component using the latest frameworks, languages, libraries, or on the infrastructure? This presentation will provide a practical guide to approach these types of scenarios. Many of these technologies are strikingly new, probably visually stunning, but are they entirely secure? This talk will explore concepts like Modernized languages, Exposed In-Memory Databases, Proxies, Breaking Microservices, and more. We will show demos of how to abuse the latest architectures and frameworks. Follow me as we break the stuff that everyone else is just riding by, or discovering on accident.

Let's go attack the cloud people! This talk walks through the land of the cloud in a fun and storybook way. Let's also figure out along the way how to break, attack, and pillage, for good.

Moses Frost is a veteran in the Security Industry. He is a SANS Instructor for the SANS SEC642 Advanced Web App Penetration Testing Course, SANS SEC542 Web Application Penetration Testing Course, SANS SEC560 Network Penetration Testing Course and others. He currently works at Cisco Systems as a Security Architect, where changing the world is possible.

Bonus Sessions

The following bonus sessions are open to all paid attendees at no additional cost. There are many different types of events that fall into these categories:

  • SANS@Night: Evening presentations given after day courses have ended. This category includes Keynotes.
  • Special Events: SANS-hosted events and other non-technical recreational offerings. This category includes, but is not limited to, Receptions and Information Tables.
  • Lunch & Learn: Short presentations given during the lunch break.
Monday, November 26
Session Speaker Time Type
General Session - Welcome to SANS Jeff McJunkin Monday, November 26th, 8:00am - 8:30am Special Events
The Answer is on the Endpoint. Alissa Torres Monday, November 26th, 7:15pm - 9:15pm Keynote
Tuesday, November 27
Session Speaker Time Type
What Every Security Pro Should Know About Cloud Hacking Madhu Somu, Director of Technology Tuesday, November 27th, 12:30pm - 1:15pm Lunch and Learn
Building Your Own Kickass Home Lab Jeff McJunkin Tuesday, November 27th, 7:15pm - 8:15pm SANS@Night
Wednesday, November 28
Session Speaker Time Type
Oh, You Got This? Practical Attacks on Modern Infrastructure Moses Frost Wednesday, November 28th, 7:15pm - 8:15pm SANS@Night
Thursday, November 29
Session Speaker Time Type
Passing GIAC Exams for Fun and Profit Jon Gorenflo Thursday, November 29th, 7:15pm - 8:15pm SANS@Night