"Train the Trainer" Event at ShmooCon

January 24, 2013
Cyber Training: Post by Xeno Kovah

ShmooCon has agreed to do something a little different this year. Unlike many conferences, ShmooCon has avoided offering paid training. This year we proposed to host a "Train the Trainer" event, and they accepted. So what we'll be doing is talking to people who already know the content from the classes hosted at OpenSecurityTraining.info, and describe to potential new instructors how they can use this material to teach their own classes.

As I described at ShmooCon 2012, there are fundamentally two ways to get a significantly larger number of computer security professionals. One way is to target self-directed students. We do this by making material openly accessible so that students can watch classes at their own pace. This is the same strategy that sites like KhanAcademy, Coursera, and Udacity use. The second path to more professionals is finding more instructors. Our open source material can thus also be used by new instructors to get started teaching quicker. Or existing instructors can borrow just the bits they find useful. This is the strategy historically taken by OpenCourseware.

While we're still working out the exact schedule, we will be running two parallel tracks in Congressional rooms C & D, which will have limited seating. You can expect to see the following instructors talking about the following classes throughout the conference. If you or any of your technical colleagues are going to be attending ShmooCon, you should stop by and learn more about what sort of class materials we have and what sort of lessons instructors have learned through teaching these classes.

My classes, prerequisites for other classes, but also building up to the Rootkits class:
http://opensecuritytraining.info/IntroX86.html
http://opensecuritytraining.info/IntermediateX86.html
http://opensecuritytraining.info/LifeOfBinaries.html
http://opensecuritytraining.info/Rootkits.html

Corey Kallenberg's classes teach how memory corrupting exploits work on Linux and Windows:
http://opensecuritytraining.info/IntroductionToSoftwareExploits.html
http://opensecuritytraining.info/Exploits2.html

Frank Poz's classes, which teach about generic reverse engineering, and then specifically reverse engineering malware:
http://opensecuritytraining.info/IntroductionToReverseEngineering.html
http://opensecuritytraining.info/ReverseEngineeringMalware.html

Ariel Segall's class on trusted computing technologies:
http://opensecuritytraining.info/IntroToTrustedComputing.html

Jose Cintron et al's class, starting people off with the basics of vulnerability assessment, before digging into more detail in other areas in future to-be-released classes:
http://opensecuritytraining.info/IntroductionToVulnerabilityAssessment.html

Shawn Valle's class on Android forensics & security testing:
http://opensecuritytraining.info/AndroidForensics.html

If you happen to stop by on account of this post, tell me the blog sent you ;)