We'd like to thank the conference organizers of ShmooCon for letting us host the "Train the Trainer" sessions this year. We think things went pretty well for our first one. This was evidenced by plenty of people showing up to our talks. We estimate we had around 100 people sit in on the sessions, with about 60 unique attendees, once we accounted for people attending multiple sessions. And this was despite the fact that we were away from the main training area and without prominent signage. But first-year efforts are always quite ad-hoc.

All of our instructors said it was great to meet other people interested in the classes, and to hear perspectives from students and other instructors. We met a number of people from government, industry, and academia who were grateful to the course developers for making their materials available under open source licenses. A majority of the "new" instructors who attended said they are already making use of some of the materials in their own classes, or would soon be.

One professor said he was interested in the Open Security Training classes to help bootstrap a new security curriculum at a college in Ohio. Another attendee told me he was using the Intro x86 class as background knowledge students needed before attending an internal exploits class. Two attendees said they were going to use Corey Kallenberg's exploits classes for starting new internal training. Shawn Valle also heard from people interested in having him teach his class and others who wanted to download the current open material, edit it, and contribute it back. Jose Cintron had someone asking how to give appropriate credit before his material was used for an internal class. Jose also got to have a little fun with one attendee in the vulnerability assessment class who didn't really understand the slide that said "THIS IS NOT A HACKER CLASS!!!" ;)

We will be hosting a similar session at next year's ShmooCon, "Trainer Exchange," which will reflect some tweaks based on what we learned from this one.

Next year we'll put more emphasis on two-way communication between instructors and attendees. It's hard to really "train" instructors in anything in less than 2 hours, but we realize how important it is to have more collaboration with the audience in each given topic area. We'll still be talking about the availability of our material, but want to hear more from you: what open resources do you use, how do you use them, how have you improved training outcomes, etc.

And we'll limit the time of each training session to one hour. This means you won't miss out on two con talks in order to attend one of our training sessions.

These basic changes will allow us to host more talks on more topics next year. Thus we have given the event a new name- Trainer Exchange.

Lastly, we don't want next year's event to consist only of MITRE instructors. So, if you've got open source material and you want to raise awareness, let us know. We'll put you on the schedule for next year.

From myself and all the other instructors from ShmooCon IX, thanks for coming this time around, and spread the word -- we look forward to talking with even more trainers at ShmooCon X and growing this exchange!