Modern technology rides fast on the back of the Moore's law, and security aspects of it are not an exception. Technological books and documentations become irrelevant with respect to specific technical details – and more recently, also with respect to major design points – faster than the publishers are able to turnover the previous edition's stock. Keeping up with it as an e-source is easier and while we update the materials of the Core trainings before each class to incorporate most recent vulnerabilities, technological updates and security publications, it's not enough to stay on top of the field.
Nightly training is a new and experimental conceptual product that aims to fill the gap between the comprehensive and systematical 4-day Core trainings and superficial tweets or blog posts that we can share fast enough on an emerging hot topic of the moment. In the software development ecosystem the term 'Nightly' refers to a literally nightly build of a product, intended for testers and advanced users; pretty much the same concept here, except that we won't do it literally nightly.
A Nightly training would be a compact 1-2 days over-the-weekend hands-on deep-dive into a narrow deep technical topic. A typical Nightly training would cover an important new and emergent topic, though it may be as well a deep dive into an established technology that we can only briefly mention in a Core training on the same general subject due to the time and format constraints. An example of a good Nightly topic would be analysis of a freshly released security patch and creating a proof-of-concept for an unpublished security vulnerability, while learning general techniques and know-how for all stages of the workflow in practice. Another example: reverse-engineering, attacking and system internals of a specific recently introduced interface or functionality in one of the systems that we look after.
Short and fast doesn't meen superficial or unprofessional! Nightly training topics would be offered mainly in our immediate specialization areas that we already cover comprehensively with the Core trainings, and follow closely. Even a narrow topic exposed through the perspective of many-years experience is always a wealth of knowledge, regardless of the complexity level and immediate practical usefulness.
A Nightly training would be structured in the same systematical way as a Core training, starting with abstract models and relevant theoretical concepts, through a comprehensive review of similar implementations and case studies across the industry, and down to a deep dive into the announced specialized topic with hands-on experiments. As such, a Nightly training would be suitable for both experts and beginners.
One of the specific low-end use cases that we target with this product is to help IT staff solve emerging cyber threats effectively by offering them a system of contextually rich theoretical knowledge of immediate relevance to a specific exploit or vulnerability, followed by a guided practical experience with a professional vulnerability researcher. Such a specialized training would enable natural resistance to overhyped security stories, as well as a deeply informed perspective on how to defend their premises from modern cyber threats. In the long term perspective we would like to empower professional in-house Red Teams with such tools and practices that are normally only available to advanced security researchers via private and highly specialized workflows.
On the high end of our target audience spectrum are professional security researchers, who (we know it first hand) are always busy with a few dozens of research projects, and have little time to spare on following all the new bugs and research. As a professional security researcher, as soon as you stop following new technical research, you start falling behind the industry, losing your professional value and the ability to make deep connections in your specialization area – which is a problem that we want to help solve. To be honest, a Nightly training is something that I would like to have for my own workflow, so I opt to make this change publicly for everyone.
Being focused on narrow ultra-specialized topics, Nightly trainings are not supposed to replace Core trainings. They will not give you a comprehensive in-depth perspective an a whole class of systems, and thus will not enable you to make effective decisions at choosing an attack vector, for instance. Nightly trainings would be designed as a somewhat self-contained supplementary material for the Core trainings, letting you dive in deep new topics faster.
A Nightly training will not include a Zero Day Engineering certificate, as it doesn't guarantee the kind of comprehensive subject acquisition that you can show off to your boss to back a promotion request. Instead, we will be offering some cute collectibles upon each Nightly training completion, such as laptop stickers that can later be exchanged for a special certificate or some other proof of achievement.
Nightly trainings will be announced on a relatively short notice – one month or less – and livestreamed only once. After the livestream completion the material will be partially merged in the respective Core training, while the complete recording of it will be transformed into a self-paced e-learning product.
Nightly trainings will be held only online this year. We've honed our online content delivery strategies for many months now, and our attendees seem to be quite happy with it.
The audience for Nightly trainings would consist of professionally employed security researchers and software engineers. We will not be able to accomodate anonymous entries, unless the specific topic permits that.
Written by Alisa on 17 February 2021.