
Year of pawnage - Ian trump


Page 1: Year of pawnage  - Ian trump

FIND ALL THE BAD THINGS

PV Setup Documentation

1) Hotel Internet comes into the WAN port of the Router. It should receive a dynamic address.
2) Eth3 on the Router runs to Eth0 (Management Port) on the Packet Viper.
3) Eth4 on the Router runs to Eth2 (Bridge Port) on the Packet Viper.
4) Eth3 (Bridge Port) on the Packet Viper runs to the Access Point.
5) Users can connect to the WAP and the PV should report their traffic.

SSID: VIPER_DEMO
Password: There is none

PV Management Address: 10.0.0.5
http://10.0.0.5:47880 OR https://10.0.0.5:47881
Username: Octopi
Password: Vampire9731!

Router Management Address: 10.0.0.1
Username: Octopi
Password: Vampire9731!

AP Management Address: 10.0.0.20
Username: Octopi
Password: Vampire9731!

Countries that are blocked by the PV: Russia, China, Mongolia, Ukraine, Antarctica, and Kazakhstan.

Examples of websites that are blocked: news.cn, mail.ru

Page 2: Year of pawnage  - Ian trump

GFI MAX TAKES ON SECURITY & WINS!

Presented By: Ian Trump
9 September 2014
Orlando, Florida
SSID: VIPER_DEMO

Page 3: Year of pawnage  - Ian trump

INTRODUCTION

A Little Bit About Us

Page 4: Year of pawnage  - Ian trump

Introduction:

Consultant with 17 years of experience in IT security and information technology

Project work for global companies has helped them secure their enterprise networks from current and future cyber attacks. Security blogger, cyber security educator for the Canadian Armed Forces

Board member of (IC)2 and editorial review board member for The EDP Audit, Control, and Security Newsletter

1989 to 1992, Canadian Forces (CF), Military Intelligence Branch
2002 to 2007, CF Military Police Reserves
2007 to 2013, Retired from CF Public Affairs

Lead Architect for Canadian Cyber Defence Challenge
Pen Test Team Leader, COBIT Auditor, Drinking Buddy

SELF IMPORTANT BLOW HARD, WHERE IS YOUR BOOK?

“I have a dysfunctional relationship with many things, including the Internet. The Internet appears to be both the source of criminal and foreign intelligence service attacks and the repository of information on how to detect and mitigate those attacks.” – Ian Trump, 2014

Page 5: Year of pawnage  - Ian trump

AGENDA

1. Intro Stuff
2. CMHR Stuff
3. DEFCON 2014 Stuff
4. FUN FACT Stuff
5. SECURITY MARKET Stuff
6. THROAT PUNCH Stuff
7. EPIC PAWNAGE Stuff
8. HACKED PC Stuff
9. CANADIAN THREAT LANDSCAPE Stuff
10. CASE STUDY 1 Stuff
11. GFI MAX PEN TEST W/NMAP Stuff
12. WHO DAT? WHO DAT? G-F-F-I
13. CASE STUDY 2 Stuff
14. GFI MAX IDS Stuff
15. PACKET VIPER & TOOL Stuff
16. TAYLOR SWIFT & FUTURE Stuff
17. FIX THE Stuff
18. TIP YOUR WAITRESS & TRY THE VEAL Stuff

THE ONLY COOL THING SO FAR WAS THE LAST SLIDE

Page 6: Year of pawnage  - Ian trump

SOME PEOPLE DON’T LIKE US CANADIANS VERY MUCH

"In Pennsylvania if the Chinese or Russians hack you, you try to put them in Jail.

In Canada, if the Chinese hack you, you apologize for having poor security.” – Ian Trump, 2014

Page 7: Year of pawnage  - Ian trump

DRINK ALL THE THINGS HACK ALL THE THINGS #Liverdamage

DEFCON 2014.

- America Reboots!
- Digital Pearl Harbour Cyber Apocalypse Mythology
- Do Research that Matters
- We're Going to Hack both the System and the Technology
- Learn to speak “Cyber”
- Economic Loss in IT = Jobs
- Customers are demanding privacy!
- American Companies have noticed
- Words are Important.

Page 8: Year of pawnage  - Ian trump

Fun Facts

- Cost of Cyber Crime and Cyber Espionage in US $100 Billion per year.
- Cost of Cyber Crime and Cyber Espionage world wide is $425 Billion per year.

Advanced Persistent Threat (APT):

- Coordinated cyber activities of criminals and state level entities
- Objective of stealing information, compromising information systems
- Criminal organizations monetise all aspects of illicit access
- Foreign Intelligence Services gather Intellectual Property
- APT tries to stay embedded for as long as possible
- APT generally only resorts to destruction upon detection

SOMETIMES YOUR USERS ARE THE APT

Page 9: Year of pawnage  - Ian trump

Your Customer Pain is My Security Business Gain

Managed Security Services Market (CPE, Cloud/Hosted and Hybrid) – Global Industry Analysis, Size, Share, Growth, Trends, and Forecast, 2013–2019

Managed security services market could be worth more than $24 billion by 2019, up from roughly $9 billion in 2012.

Researchers also predicted the managed security services market will expand at a compound annual growth rate (CAGR) of 15.4 percent between 2013 and 2019.

DO NOT ASK ABOUT SQL INJECTION ATTACKS

Page 10: Year of pawnage  - Ian trump

Gartner Report 2014:

- Security spending gets boost from mobile, social and cloud
- Worldwide spending will increase by almost 8 percent this year
- Worldwide spending on information security will top US$71 billion this year, an increase of 7. % over 2013
- Data loss prevention segment recording the fastest growth at 18.9 percent
- In 2015, roughly 10 percent of overall IT security enterprise capabilities will be delivered as a cloud service
- Small and medium sized companies will rely on hosted security services to an even greater extent
- Unfortunately, many organizations continue to lack staff with the appropriate security skills. To keep up with hackers, more than half of organizations will by 2018 rely on security services firms that specialize in data protection, risk and infrastructure management

GET DRUNK @ BLACKHAT WITH CUTE GARTNER ANALYST

Page 11: Year of pawnage  - Ian trump

Disposing of Counterarguments

It’s all hype and scaremongering!
• 15 Aug 2012, “Cutting Sword of Justice” launches cyber attack on Saudi Aramco; an estimated 30,000 workstations are infected
• The virus erased data on three-quarters of Aramco’s corporate PCs (documents, spreadsheets, e-mails, files), replacing all of it with an image of a burning American flag
• $630 Million estimated loss

Hacking has been around for years, IT did not collapse!
• Acts of vandalism have evolved
• The intent now is to steal, demolish or in some other way monetize a specific organization’s data

We are not important enough to attract an attack!
• True - for an organization that has no employees, no customers, no trade secrets and no money
• Everyone else is a target

Nothing can be done!
• Make the attack difficult
• Use risk analysis to protect the most important assets
• Accept the fact IT security is an enterprise-wide responsibility

SAND + HEAD = HEAD IN SAND

Page 12: Year of pawnage  - Ian trump

2014 Year of Epic Carnage due to Pwnage

I WANT ALL THE DATA

eBay: this year’s biggest hack so far. In May, eBay revealed that hackers had managed to steal personal records of 233 million users.

Montana State Health Department revealed that a data breach may have affected more than 1 million people. The hack actually happened in July last year, but it wasn’t discovered until May this year, with the identity of the intruders, and the extent of the damage done, still unclear.

P.F. Chang’s: the chain restaurant suffered a huge data breach last month that compromised customer payment information. Thousands of newly stolen credit and debit cards went up for sale online on June 9th.

Evernote was taken down with a Distributed Denial of Service (DDoS) attack.

Domino’s Pizza: hacking group Rex Mundi held Domino’s Pizza to ransom over 600,000 Belgian and French customer records.

Being firmly in the cross-hairs of a computer hacker helped put a bullet into Target's fourth quarter net earnings which fell almost 46 percent due to an estimated $450 million lost when hackers stole data from millions of Target customers.

CodeSpaces.com closed its doors 19 Jun 2014, following a security breach that began with a distributed denial-of-service (DDoS) attack, and ended 12 hours later after an attempt to extort money from the company.

Page 13: Year of pawnage  - Ian trump

MY OTHER COMPUTER IS YOUR WORK COMPUTER

Page 14: Year of pawnage  - Ian trump

Canadian Cyber Crime Threat Landscape

The number of C&C servers on Canadian soil increased 83% and moved Canada to the number eight spot on the current 2013 global cybercrime list.

Canada is currently fourth on the global cybercrime list for hosted phishing sites.

Foreign cybercriminals are setting up virtual bases in Canada to command espionage attacks.

Canada hosted the third largest volume of servers communicating with the type of highly sophisticated malware responsible for stealing valuable corporate data.

OVH Canada – DEFCON IP, DNS, ASN (BGP) & Sub Domains 512K Old Router Limit

A NEW LOW BAR IN BUSINESS ETHICS = HOSTING COMPANIES

Dedicated Infrastructure for your Cyber Crime Business

Page 15: Year of pawnage  - Ian trump

Case Study: Rolling Into Broken

470 End Points, 40 Servers, 80 POS in US and Canada, 300+ Employees, 1000’s of Customers

Targeted Phishing Email from similar domain “arctiicglacier.ca” <- Threat Track FTW

Managed Anti-Virus(MAV)

- Remotely uninstall the current Anti-Virus, old Team Viewer and install our GFI agent. MAV started finding multiple infections across their network.
- Symantec Enterprise End Point Sucks. <- US CERT Says so too!

Monitoring Installation Templates

- Using the install template settings, we created a custom template to install specific checks and services.
- Performance issues identified, expired user id’s for services “Blame GFI”

THEY MAKE ICE FROM A SECRET RECIPE

Page 16: Year of pawnage  - Ian trump

Case Study: Rolling Into Broken

One-Click installer

- Manual – sucks for large #, Good for punishing staff/interns/new guy
- Group policy MSI – AD seems broken most of the time
- One-click installer – Scheduled task using a batch script and admin cred’s

Team Viewer Licensing
- Old Team Viewer Installs - DIAF

MAV Dies
- Occasionally malware nuked MAV.
- Developed a script to manually update the MAV definitions.
- Downloaded Malware Bytes - just like everyone else does.

SO, INTELLECTUAL PROPERTY THEFT IS UNLIKELY

Page 17: Year of pawnage  - Ian trump

Case Study: Rolling Into Broken

@echo ON
rem One-click installer: remove the old AV and TeamViewer, then install the monitoring agent.
rem c:\windows\MAX.txt is the marker written at the end of a completed run; stop if it exists.
IF exist c:\windows\MAX.txt exit
rem cd ~
rem cd C:\Program Files (x86)\Advanced Monitoring Agent\
rem call unins000.exe /SILENT
rem cd ..
rem RD /S /Q "C:\Program Files (x86)\Advanced Monitoring Agent"
rem pause
rem wmic product where name="Advanced Monitoring Agent GP" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="Symantec Endpoint Protection" call uninstall /NOINTERACTIVE
rem pause
wmic product where name="TeamViewer 7 Host (MSI Wrapper)" call uninstall /NOINTERACTIVE
rem pause
rem call \\agi-corp-dc-s-1\NETLOGON\auto.exe
wmic product call install true, "" , "\\agi-corp-dc-s-1\NETLOGON\AGENT_AG_WPG_SCRIPT_INST_V9_4_0_GP\agent.msi" /NOINTERACTIVE
rem Record what was done so the scheduled task does nothing on later runs.
echo SEP uninstall, TV7 uninstall, Max install > c:\windows\MAX.txt
rem pause
rem shutdown /r /f

Page 18: Year of pawnage  - Ian trump

Security At Law Firms

Q: HOW DO YOU SAVE A DROWNING INFO SEC PROFESSIONAL? A: TAKE YOUR FOOT OFF HIS HEAD

Two Octo - Customers

- Obsessed with confidentiality
- Law firms have security requirements (Law Society, State Bar, etc.)
- GFI Managed Online backup (MOB)
- Try to remove Internet facing unencrypted services!

Proprietary Software (Java applet) #justsaynotojava

- One piece of software that the business regularly uses, ex. “Land Titles”
- GFI Patch Management has to ignore java updates through patch manager

Desktop & Server Security

- MAV
- Web Content Filtering not just for workstations
- Regular Pen Test and IDS Customization with Dash Board Alerts

Page 19: Year of pawnage  - Ian trump

Use Case: Web Content Filtering

FILTER ALL THE THINGS

Lawyers do a lot of research

- Research on the web is dangerous
- Downloading Torrents is dangerous
- PDF’s and pictures of Cats are the heralds of the apocalypse & they ride upon the world wide web.

DATE          TOTAL REQUESTS   MALICIOUS SITE REQUESTS   BLOCKED REQUESTS
12-Aug-2014   44               0                         0
11-Aug-2014   320              0                         0
07-Aug-2014   27               0                         0
06-Aug-2014   1557             35                        38
05-Aug-2014   38               0                         0
04-Aug-2014   32               0                         0
03-Aug-2014   33               0                         0
02-Aug-2014   32               0                         0
01-Aug-2014   31               0                         0
31-Jul-2014   232              0                         0
30-Jul-2014   3257             1518                      1518
29-Jul-2014   1144             1                         7
28-Jul-2014   98               0                         0
27-Jul-2014   101              0                         0
26-Jul-2014   92               0                         0
TOTAL         7038             1554                      1563

Page 20: Year of pawnage  - Ian trump

Auto Nmap Pen Test

VNC & RDP OPEN TO THE INTERNET = PWNAGE

Used to flag changes in ports on your customers’ IPs

- The Windows Task Scheduler set to run
- An NMAP script to check for differences in the ports and to create
- Windows Event Log entries. By throwing up flags in your application
- GFI to do a DSC of your Event Logs and notify you when the suspect IDs

How is the NMAP Script setup?

- When the scan runs it has two different outputs old scan and the new scan.

- After the scan is completed, the script will compare the two files and look for new ports.

- If any changes have been found, an Event will be created (Different Event ID for each client), and GFI MAX will notify you of this change.

Page 21: Year of pawnage  - Ian trump

Code Stuff

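NMAP MAY TELL YOU YOU'RE STUPID

Automating a Pen Test with Nmap (Nmap_scan.bat)

rem Run the scan, diff it against the previous one, and raise event 501 if the diff log is non-empty.
cd /d "c:\program files (x86)\nmap\octopitech_scans"
call "c:\program files (x86)\nmap\octopitech_scans\portscan.bat"
call "c:\program files (x86)\nmap\octopitech_scans\comparescan.bat"
rem Clear var first: set /p leaves it unchanged when scan_log.txt is empty.
set "var="
set /p var=< scan_log.txt
if defined var (eventcreate /l application /t warning /id 501 /d "nmap port scanning found new open ports") else (echo no new open ports found)

Port_scan.bat

rem Rotate the previous result to old_nmap_scan.xml, then scan every TCP port on the listed targets.
cd /d "c:\program files (x86)\nmap\octopitech_scans"
del old_nmap_scan.xml
rename new_nmap_scan.xml old_nmap_scan.xml
nmap -p- -oX new_nmap_scan.xml -iL Target_IP.txt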

Page 22: Year of pawnage  - Ian trump

Comparescan.bat

BREAK ALL THE THINGS

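rem Diff the two scans and keep only ndiff's added ("+") lines that report an open port.
cd /d "c:\program files (x86)\nmap\octopitech_scans"
ndiff old_nmap_scan.xml new_nmap_scan.xml > compare_scan.txt
rem find /v "+" would drop the added lines, so newly opened ports would never reach scan_log.txt.
find "+" compare_scan.txt | find "open" > scan_log.txt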

Notes:

Target_IP.txt <-Put in all your external Customer IP Addresses
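The old-scan/new-scan comparison described above can also be done on the two -oX files directly, so the check does not depend on ndiff's text layout. This is an added example, not code from the slides; the XML snippets and 203.0.113.x addresses are constructed sample data and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample data: two minimal Nmap -oX documents (not real scan output).
OLD_SCAN = """<nmaprun>
  <host><address addr="203.0.113.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="443"><state state="open"/></port>
      <port protocol="tcp" portid="3389"><state state="filtered"/></port>
    </ports>
  </host>
</nmaprun>"""

NEW_SCAN = """<nmaprun>
  <host><address addr="203.0.113.10" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="22"><state state="open"/></port>
      <port protocol="tcp" portid="3389"><state state="open"/></port>
    </ports>
  </host>
  <host><address addr="203.0.113.11" addrtype="ipv4"/>
    <ports>
      <port protocol="tcp" portid="5900"><state state="open"/></port>
    </ports>
  </host>
</nmaprun>"""


def open_ports(nmap_xml):
    """Return {(address, protocol, port)} for every port whose state is 'open'."""
    found = set()
    for host in ET.fromstring(nmap_xml).iter("host"):
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            addr_el = host.find("address")  # fall back to whatever address is listed
        if addr_el is None:
            continue
        for port in host.iter("port"):
            state = port.find("state")
            if state is not None and state.get("state") == "open":
                found.add((addr_el.get("addr"), port.get("protocol"),
                           int(port.get("portid"))))
    return found


def diff_scans(old_xml, new_xml):
    """Compare two scans; a filtered->open change or a brand-new host both count as opened."""
    old, new = open_ports(old_xml), open_ports(new_xml)
    return {"opened": sorted(new - old), "closed": sorted(old - new)}


def event_description(diff):
    """Text for the Windows event, or None when no port newly opened."""
    if not diff["opened"]:
        return None
    ports = ", ".join(f"{addr}:{port}/{proto}" for addr, proto, port in diff["opened"])
    return "nmap port scanning found new open ports: " + ports


if __name__ == "__main__":
    result = diff_scans(OLD_SCAN, NEW_SCAN)
    print(result)
    print(event_description(result))
```

The returned text is what would go in the eventcreate /d argument, with a different event ID per client as the slides describe.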

Ron’s Violent Nmap for Pen Testers

Nmap TCP & UDP (this is slow - up to 24 hours)

./nmap -PN -oA output/companyname --open --log-errors -p- -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT -iL hosts.txt --script=reverse-index

./nmap -PN -oA output/companyname --log-errors --open -p- -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sU -iL hosts.txt

Nmap Detailed scan, fairly safe:

./nmap -sTU -PN -oA output/companyname --open --log-errors -p[list open ports here] -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT -iL ipaddresses.txt --script="safe or default"

Nmap Detailed scan, this can break stuff

./nmap -sTU -PN -oA output/companyname --open --log-errors -p[list open ports here] -d2 --min-parallelism=16 --min-hostgroup=16 -T4 -sT -iL hosts.txt --script="all and not broadcast and not *fuzz* and not *slow* and not *brute* and not *qscan* and not http-unsafe-output-escaping and not http-stored-xss"

Page 23: Year of pawnage  - Ian trump

Note: Be sure to use the Daily Safety Check as opposed to the 24x7 check. This way you will have more time to see the errors on the dashboard.

Scan All The Things = Security Win!

- Scan AG 80+ addresses and find out what ports and associated services were open

- Relayed that information back to the client and made them aware of the situation

- Remediated and provided guidance on ACL’s for Firewall configuration

- Automated monitoring of clients’ Internet-facing IPs for newly closed or opened ports

FIREWALLS ARE LIKE 6 YEAR OLDS THEY NEED RULES

Page 24: Year of pawnage  - Ian trump

Epic War Ferrets in Battle Wagon!

BREAK TIME

"Who Dat? Who Dat? G-F-F-I"
https://www.youtube.com/watch?v=bHr7itwVsMc

Page 25: Year of pawnage  - Ian trump

Case Study 2: Center for Christian Studies

THERE IS BROKEN & THEN THERE IS SUPER BROKEN

- IT Jenga, pulling one block can cause the whole thing to collapse.
- Reconnaissance is key
- Deploy GFI agent, you can see exactly what is going on (shit show)
- Nmap the Internal and external network
- Use your Brain! (Layer 0 and Layer 1 Problems)
- Use Wifi Explorer to manage channels!

Deploy GFI MAX
- Server was completely bogged down
- 2008 SBS is the Devil!
- XP Workstations were missing hundreds of patches
- Open ports on the Internet!

Architect Solutions
- Office 365 (Remove SharePoint & Exchange from Server)
- Server AD, DNS, DHCP (Remove WSUS & SQL from Server)
- QNAP NAS (Integrate AD File Shares)
- UPS All the things!
- Get authorised! (ISP, Printer Lease Company, Etc.)
- MOB (Off Site Backup), Web Content Filter (Especially on the Server)

Page 26: Year of pawnage  - Ian trump

Case Study 2: Securing The Network

EXTRA DLL’s & EXE’s ARE NOT COOL

- No open unencrypted ports
- Keep Patched and Updated
- No Local Admin Permissions
- Monitor all the things! (SNMP, Ping, Services (Internal and External))
- Event Log Checks & Count all the things!

@echo on
rem Rotate the previous counts, recount .dll and .exe paths on C:, and raise an event if a count changed.
del old_dll_count.txt
del old_exe_count.txt
rem pause
rename dll_count.txt old_dll_count.txt
rename exe_count.txt old_exe_count.txt
rem pause
dir c:\ /s /b | find /c /i ".dll" > dll_count.txt
dir c:\ /s /b | find /c /i ".exe" > exe_count.txt
rem pause
set /p OldDllCount= < old_dll_count.txt
set /p NewDllCount= < dll_count.txt
set /p OldExeCount= < old_exe_count.txt
set /p NewExeCount= < exe_count.txt
rem pause
rem Quoted operands keep the comparison valid on the first run, when the old counts are empty.
if "%NewDllCount%" NEQ "%OldDllCount%" (eventcreate /l APPLICATION /t WARNING /id 510 /d "New Dynamic Link Library found!")
if "%NewExeCount%" NEQ "%OldExeCount%" (eventcreate /l APPLICATION /t WARNING /id 511 /d "New Executible found!")
rem pause

Page 27: Year of pawnage  - Ian trump

Count All The Things!

[Redacted] as the example.
- Summary file shows where the change happened in the old file; in this case a new executable was added between “Rental Unit Condition Report.exe.doc” and “Autorun.exe”.

"28/08/2014 0:00:57.16"
Comparing files old_exe_total.txt and EXE_TOTAL.TXT
***** old_exe_total.txt
 52: c:\Data\Shared\Nancy\- Blank Documents\RE Dept\Rental Units\Rental Unit Conditon Report.exe.doc
 53: c:\maximizer\SvrShare\Utilities\Max12_Entre\Autorun.exe
***** EXE_TOTAL.TXT
 52: c:\Data\Shared\Nancy\- Blank Documents\RE Dept\Rental Units\Rental Unit Conditon Report.exe.doc
 53: c:\Data\Users\jennifer\jre-7u40-windows-i586.exe
 54: c:\maximizer\SvrShare\Utilities\Max12_Entre\Autorun.exe
*****
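A count comparison stays silent when one executable is removed and another is added in the same interval, which is why the full listing comparison above matters. The following added example (not from the slides; function names are hypothetical) diffs two listings by path and, going slightly beyond the slide, also reports names where the executable extension is not the last one. Three of the sample paths are the ones shown on the slide; c:\Tools\old_helper.exe is constructed.

```python
import ntpath

WATCHED = {"exe", "dll"}

# Constructed sample listings in "dir /s /b" style.
OLD_LISTING = [
    r"c:\Data\Shared\Nancy\- Blank Documents\RE Dept\Rental Units\Rental Unit Conditon Report.exe.doc",
    r"c:\maximizer\SvrShare\Utilities\Max12_Entre\Autorun.exe",
    r"c:\Tools\old_helper.exe",  # constructed path, removed in the new listing
]
NEW_LISTING = [
    r"c:\Data\Shared\Nancy\- Blank Documents\RE Dept\Rental Units\Rental Unit Conditon Report.exe.doc",
    r"c:\Data\Users\jennifer\jre-7u40-windows-i586.exe",
    r"C:\Maximizer\SvrShare\Utilities\Max12_Entre\AUTORUN.EXE",  # same file, different case
]


def extension_parts(path):
    """Dot-separated parts after the base name, lower-cased: 'a.exe.doc' -> ['exe', 'doc']."""
    return ntpath.basename(path).lower().split(".")[1:]


def inventory(lines):
    """Map case-folded path -> path as listed, for names carrying a watched extension."""
    items = {}
    for raw in lines:
        path = raw.strip()
        if path and WATCHED.intersection(extension_parts(path)):
            items[path.lower()] = path  # Windows paths are case-insensitive
    return items


def compare_listings(old_lines, new_lines):
    """Report what a count check sees (count_changed) next to what actually changed."""
    old, new = inventory(old_lines), inventory(new_lines)
    return {
        "count_changed": len(old) != len(new),
        "added": sorted(new[k] for k in new.keys() - old.keys()),
        "removed": sorted(old[k] for k in old.keys() - new.keys()),
        # Watched extension present but not final, e.g. "Report.exe.doc".
        "double_extension": sorted(
            p for p in new.values() if extension_parts(p)[-1] not in WATCHED
        ),
    }


if __name__ == "__main__":
    for key, value in compare_listings(OLD_LISTING, NEW_LISTING).items():
        print(key, value)
```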

EASY THING TO CHECK BRAH

Page 28: Year of pawnage  - Ian trump

AUDIT ALL THE THINGS!

Building an IDS out of GFI MAX

- It takes some effort to build all the event log checks
- 2003 OS, 2008 OS and 2008 R2 OS generate different event codes

<- Setup Account Lockout

<- Setup Audit Policy

Pro Tip: Make sure your Logs are set to Overwrite as Required.

Page 29: Year of pawnage  - Ian trump

EVENT LOG 666 BEAST ATTACK DETECTED #airguitar!

Building an IDS out of GFI MAX for Windows Server 2003

2003 Server Security Event Reference Guide: http://technet.microsoft.com/library/cc163121.aspx#EKH

517 The audit log was cleared.
520 The system time was changed.
529 Logon failure. A logon attempt was made with an unknown user name or a known user name with a bad password.
530 Logon failure. A logon attempt was made outside the allowed time.
531 Logon failure. A logon attempt was made using a disabled account.
532 Logon failure. A logon attempt was made using an expired account.
533 Logon failure. A logon attempt was made by a user who is not allowed to log on at the specified computer.
534 Logon failure. The user attempted to log on with a password type that is not allowed.
535 Logon failure. The password for the specified account has expired.
536 Logon failure. The Net Logon service is not active.
537 Logon failure. The logon attempt failed for other reasons.
539 Logon failure. The account was locked out at the time the logon attempt was made.
550 Notification message that could indicate a possible denial-of-service (DoS) attack.
552 A user successfully logged on to a computer with explicit credentials while already logged on as a different user.
630 A user account was deleted.
634 A global group was deleted.
638 A local group was deleted.
643 A domain policy was modified.
644 A user account was automatically locked.
647 A computer account was deleted.
653 A security-disabled global group was created.
655 A member was added to a security-disabled global group.
663 A security-disabled universal group was created.
665 A member was added to a security-disabled universal group.
685 Name of an account was changed.

Page 30: Year of pawnage  - Ian trump

EVENT 1337 CULT OF THE DEAD COW PWNS YOU

Building an IDS out of GFI MAX for Windows Server 2008 R2 & Windows 7

2008 R2 & Windows 7 Server Security Event Reference Guide: https://support.microsoft.com/kb/977519/en-us

5144 A network share object was deleted.
5143 A network share object was modified.
5142 A network share object was added.
5141 A directory service object was deleted.
5035 The Windows Firewall Driver failed to start.
5034 The Windows Firewall Driver was stopped.
5025 The Windows Firewall service was stopped.
4801 The workstation was unlocked.
4800 The workstation was locked.
4781 The name of an account was changed.
4767 A user account was unlocked.
4759 A security-disabled universal group was created.
4749 A security-disabled global group was created.
4744 A security-disabled local group was created.
4743 A computer account was deleted.
4741 A computer account was created.
4740 A user account was locked out.
4738 A user account was changed.
4726 A user account was deleted.
4725 A user account was disabled.
4722 A user account was enabled.
4954 Group Policy settings for Windows Firewall were changed, and the new settings were applied.
4950 A Windows Firewall setting was changed.
4948 A change was made to the Windows Firewall exception list. A rule was deleted.
4947 A change was made to the Windows Firewall exception list. A rule was modified.
4946 A change was made to the Windows Firewall exception list. A rule was added.
4780 The ACL was set on accounts which are members of administrators groups.
4761 A member was added to a security-disabled universal group.
4751 A member was added to a security-disabled global group.
4746 A member was added to a security-disabled local group.
4724 An attempt was made to reset an account's password.
4723 An attempt was made to change an account's password.
4648 A logon was attempted using explicit credentials.
4719 System audit policy was changed.
4707 A trust to a domain was removed.
4706 A new trust was created to a domain.
4702 A scheduled task was updated.
4698 A scheduled task was created.
4649 A replay attack was detected.
4625 An account failed to log on.
4616 The system time was changed.
4720 A user account was created.

Page 31: Year of pawnage  - Ian trump

PACKET VIPER DEMO

- PacketViper is a bi-directional, Point and Click, Intelligent Geo IP Threat Prevention & Detection Filter.
- Geo-IP filtering allows your network to choose places in the world from which it will accept or deny network traffic.
- Kelsey Lucas email: [email protected]

“There is no right and wrong. There's only fun and boring.” – The Plague

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

“Simply the best open-source application vulnerability scanner”

Page 32: Year of pawnage  - Ian trump

Security Tools for the #hardcore

FOCA (Fingerprinting Organizations with Collected Archives)
Downloads all documents that have been posted on a Web site.
Extracts the metadata, or the information generated about the document itself.
Can reveal who created the document, e-mail address, internal IP (Internet Protocol) addresses, latitude and longitude of images, and much more.

“Kid, don't threaten me. There are worse things than death, and uh, I can do all of them.” – The Plague

Vulnerability scanning for auditors and security analysts. Nessus features high-speed asset discovery, patch and configuration auditing, asset profiling, sensitive data discovery, patch management integration, multi-scanner control and vulnerability analysis.

http://www.informatica64.com/forensicfoca/

Page 33: Year of pawnage  - Ian trump

@Pontobunce

You know when your boyfriend figures out he screwed up and then he does something really nice to make up for it?

Windows 9.

@SwiftOnSecurity

Cloud-based systems utilized by all types of hostile forces

Large scale DDOS Attacks upwards of 100GB/Sec +

Critical infrastructure attacks/ POS infrastructure Attacks

Exploitation of world events to amplify kinetic effects

IPV6, Cellular, Wireless and 64 Bit malware Advanced Persistent Threats

Cross-platform attacks combining mobile devices with traditional infrastructure targets

New nation states and organizations developing offensive cyber warfare capability

Reduction in kill chain exposure

Advanced malware frameworks which perform reconnaissance, exploitation, exfiltration and data destruction attacks using plug-in modules – Flame, Duqu

TAYLOR SWIFT INFO SEC THOUGHT LEADER

Page 34: Year of pawnage  - Ian trump

THE LONG LONG LONG ARM OF ‘MERICA

…and the winner for biggest APT to US Interests is: US Justice Department

Microsoft was ordered on July 31 to comply with a U.S. Department of Justice warrant to produce emails stored at the company's data center in Ireland.

Potentially sets a precedent: Any company with operations in the United States must comply with valid warrants for data, even if the content is stored overseas.

FedEx has possession, custody or control of millions of packages every day, but the US government cannot force FedEx to turn over any of those packages with a subpoena. In order to seize a package in the US, the government needs a warrant. And even with a warrant, the government has no power to force FedEx to turn over packages that are outside the US.

The U.S. Department of Homeland Security on July 5 arrested Roman Valerevich Seleznev, the son of a Russian lawmaker, for what it said were crimes carried out from 2009 to 2011. Roman Seleznev was apprehended in an airport in the Maldives 8 July 2014, the Russian Foreign Ministry said.

Page 35: Year of pawnage  - Ian trump

CDC & HACKERSPACES ARE LIKE BATMAN

Create, educate and mentor emerging cyber defense talent.

Provide resources and ethical guidance.

Teach responsible disclosure of vulnerabilities.

Provide expert level resources and collective learning opportunities.

Facilitate hands on learning with virtual environments.

Break things and learn to fix them.

Network in both senses of the word.

LIKE A FAT VERSION OF BATMAN

Page 36: Year of pawnage  - Ian trump

THANK YOU

Contact Information:
SALES / [email protected]

Special Thanks:@MisterPhisch, @NullStream, @SpasticRobot, @Phoul @5683Monkey, @Straithe, @Nateloaf, & Oli

“IPV 6 will revolutionize how we communicate with the “Internet of Things” like your fridge, car and maybe a toaster oven because some jackass, somewhere decided that putting a web server into a toaster oven was a good idea.” - Ian Trump, 2014

YOU DON’T HAVE TO GO HOME, BUT YOU CAN’T STAY HERE