ShellCon University

Training has been generously provided by two corporate sponsors this year. Classes will be running all day Friday and Saturday in the Career Hall. Classes are included with the cost of general registration. Bring your laptop!

Scholarships

We have a scholarship program for veterans which includes conference registration and priority enrollment in our training. For more information, DM @ShellConLA

Students also enjoy a discount rate for web registration at the conference. For more information, DM @ShellConLA.

Training Classes:

Linux Essentials Cram Session

Trainer: Mike Weilgart

Sponsored by: Vertical Sysadmin, Inc.
Abstract:

The LPI Linux Essential Cram Session will be lead by Mike Weilgart, Vertical Sysadmin, Inc. Mike will cover the published list of LPIC-1 exam Objectives and field technical questions to help prepare attendees to take the test. But attendees who aren't exam bound will also find this class an eye-opening general survey of what the profession considers essential Blue Team material.

Exam bound or not, this is a great refresher for pros who haven't studied their Linux craft in awhile. Fill in those critical gaps that arose as technology advanced. Attendees planning on investing in the LPIC-1 will learn about the importance of understanding the objectives, the test structure, and how obtaining this certification is beneficial to Information Security professionals.

Take it as a personal challenge to find out how much Linux you know. And bring your questions!

Exam Objectives

Target Audience:

Everyone

Bio:

Mike Weilgart has loved maths and computers all his life. He worked in a variety of positions including software QA, calculus teacher, and graphic design, before resolving to put his love of computers to professional use as a Linux sysadmin and trainer. Mike currently consults at a Fortune 50 company as an automation specialist, and enjoys nothing more than training people to full mastery of their tools.

LPI DevOps Tool Engineer Exam Cram Session

Trainer: Aleksey Tsalolikhin

Sponsored by: Vertical Sysadmin, Inc.
Abstract:

Integrating security with the development and deployment process begins with a fundamental understanding of the tools DevOps uses. This competence is highly desired by companies, but often missing in the Information Security discipline. Get your DevOps down with this LPI DevOps Tool Engineer lead by Aleksey Tsalolikhin, Vertical Sysadmin, Inc..

This content is for infosec engineers working in a DevOps environment with Software Engineering, Container Deployment, Configuration Management and Monitoring. Even attendees who aren't exam bound will appreciate learning about Blue Team tools like Docker, Vagrant, Ansible, Puppet, Git, and Jenkins.

Aleksey will field technical questions and help prepare attendees for taking the exam. He will explain the importance of understanding the objectives, the test structure, and how obtaining the certification is professionally beneficial. Bring your questions!

Exam Objectives

Target Audience:

Everyone

Bio:

Aleksey Tsalolikhin has been a UNIX/Linux system administrator for 20 years, starting at EarthLink in the mid-nineties. Aleksey's mission is increasing efficiency, productivity and quality of life of engineers through world-class training in excellent technologies. Aleksey is the organizer of the Los Angeles chapter of the League of Professional System Administrators and is a member the UNIX Users Association of Southern California.

Aleksey's firm, Vertical Sysadmin Inc., has trained staff from world-class organizations like AT&T, Samsung, Chevron, LinkedIn, VISA, Intel, Lawrence Berkeley National Laboratory, Los Alamos National Laboratory, Deluxe Technicolor and many others.

We present materials so that students deeply understand them, and real learning occurs. Students have said this type of training was the best training they've ever had.

We are an authorized GitLab training partner.

Perfect Fit Hiring Practices

Trainer: Lori Barfield

Sponsored by: Vertical Sysadmin, Inc.
Abstract:

Managers: Is your team’s workload growing faster than you can hire new talent? Do you agonize over which candidate would be best for your team? Do you have trouble persuading candidates to say yes, even when it looks like a perfect fit? We will overview job posting, phone screening, evaluating, and selecting candidates- to give attendees a distillation of best practices for creating new job positions and filling them.


Bio:

Lori joined her first Internet startup as a senior system administrator. When that company went public, she was hooked, and helping smaller firms prevail against well established rivals has been her passion ever since. She is currently COO at a company that specializes in technical consulting and training. Lori is also a mother of five. Between the kids, the dog, and the horse, she is grateful for a full and happy home, and the occasional escape to the woods with her husband.

LinkedIn: vpglobalops

Exercises in Tactical Attack and Defense - Purple Team Scenarios

Trainer: James Shewmaker

Sponsored by: SANS Institute
Abstract:

This training is comprised of attack and defense exercises in modern Windows environments. Using the virtual enterprise environment provided by SANS, participants will first attack the infrastructure, then detect and defeat the same attack. They will step through each attack scenario, then step through detailed instructions to defeat the attack. This training is excerpted from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses.

Exercises include:

  • NTLVMv2 Sniffing and Relays vs. Enterprise Hardening
  • Malicious scripts vs. Applocker + JEA
  • Credential theft: mimikatz vs. Credential Guard

Bio:

James Shewmaker has over 20 years of technical experience in IT, primarily developing appliances for automation and security for broadcast radio, internet, and satellite devices. He is the founder and principal consultant at Bluenotch Corporation, Long Beach, California, which provides customized security services focusing on investigations, penetration testing, and analysis to various clients.

Shewmaker graduated with a bachelor of science in computer science from the University of Idaho in 1998 and holds many certifications and is one of the first GIAC Platinum certified Malware (GSM) experts. He authored and maintains a portion of the material in the SANS Security 660: Advanced Penetration Testing and Exploit and Development course. His contributions include "Preboot Attacks" as well as "Escape and Escalating Attacks". He also contributed material to the SANS Institute Security 401: Security Essentials and Security 610: Reverse Engineering Malware courses.

He led the development and operation for the NetWars US CyberChallenge game beginning in June 2009. He is currently developing an independent cyber challenge, Bunker011 and is involved in the US CyberChallenge as an instructor at CyberCamps. Shewmaker regularly teaches a Tactical Offense and Defense day at these events and often speaks at DEF CON and other hacker conferences.

While he is consumed with his gadgets and all things computer security, he also finds time to enjoy snow skiing, water sports, and aviation with his wife, son, and dog.

LinkedIn: jimshew

Shell Scripting: Under the Hood

Trainer: Mike Weilgart

Sponsored by: Vertical Sysadmin, Inc.
Abstract:

We've all heard of the shell, and we've all used it at least a little bit. But what IS a shell, really? What makes shell scripting fundamentally different from any other programming language? What really happens when you type a command into your shell--and how does this relate to the mistake found in over 50% of production shell scripts? Attend this talk, demystify the shell and learn to use it right!

This presentation will give particular attention to security, such as dangers of globbing and dangers of unquoted variables. The instructor will also take questions- adjusting to the skill level of attendees, each class can go deep and will be unique.

Target Audience:

Everyone

Required Equipment:

An inquiring mind and a willingness to learn.

Bio:

Mike Weilgart has loved maths and computers all his life. He worked in a variety of positions including software QA, calculus teacher, and graphic design, before resolving to put his love of computers to professional use as a Linux sysadmin and trainer. Mike currently consults at a Fortune 50 company as an automation specialist, and enjoys nothing more than training people to full mastery of their tools.