// Workshops

Learn what hackers actually do when they attack websites, you’ll be hands-on in this workshop learning the tricks of the trade and hacking some simulated web apps. Your instructor Adam Langley has over 20 years experience in web app security and web development. He runs Hacking Hub, a website teaching web app security and has built training materials for top cyber security companies and spoken at several conferences including DefCon.

09:30 – 12:00 & 14:00 – 16:30

Infoblox Pre-emptive Security Workshop

Have you ever seen on stickers & memes or heard people say “It’s always DNS”?? This workshop will be an interactive walkthrough of the truth behind the memes, we’ll teach you the importance of the protocol, its history and how it’s shaped the internet as we know it today. We’ll take you through examples of how bad actors (the criminal ones, not the Hollywood ones) use and abuse the protocol to hide in plain sight, masking their infrastructure, pretending to be something they aren’t and how they walk straight through most typical defences. And of course we’ll show you how you can defend yourselves and your companies…. At the end of the workshop you’ll understand how you can adopt a pre-emptive defensive mindset and why that is so important in today’s cyber landscape.

09:30 – 12:00 & 14:00 – 16:00

This series of three workshops is for business leaders and senior cyber leaders. By working together you will bridge the divide of understanding between the financial and the technical. While attending one will help, the three workshops are delivered by three organisations with alternative, but complimentary, perspectives on how to approach cyber risk quantification, so we recommend attending all three.

10:00 – 11:30 | Making Cyber Risk Make Sense: Quantification, Threats, and Exposure

This workshop is designed to bridge the gap between cyber risk discussions and buisness-level understanding. Over 1 – 1.5 hours, we will explore the foundations of cyber risk quantification. Through a facilitated case study, participants will apply these concepts to assess cyber threats and exposure, gaining practical insight into how quantification can support clearer communication, improved prioritisation, and more informed risk decisions.

12:30 – 14:00 | Find the Cyber Risks in your Business (Before Someone Else Does)

You don’t need a technical background to understand where cyber threats could hurt your business. In this hands-on 90-minute workshop, we’ll walk you through the RROC framework to identify risks across four critical areas: Revenue, Reputation, Operations and Compliance. All you need is a working knowledge of your business and how it uses technology or relies on suppliers.
You’ll finish with a clear view of your risk areas, practical questions to put to your IT team or provider, and steps to address anything that needs attention.

14:30 – 16:00 | Business cannot take the cyber heat(map) – time to get a new kitchen

In this workshop, we will explore some of the issues when trying to use a traditional 5×5 heatmap when analysing and presenting cyber risks within your business. We will then move onto some of the fundamental principles of quantitive risk analysis, covering some of the advantages as well as the limitations. We will delve into a significantly simplified monte carlo method that can be used to model quantitively and use the Cydea risk platform to bring this model to life with practical application using simulated (or real!) data from yourselves.

Attendees should finish this workshop with a better understanding of applying quantitive methods to better model and communicate their cyber risk to executives and board members.

Adopt the adversary’s perspective and protect the island from extinction.

Welcome to Isla InGen where prehistoric wonders meet modern-day threats. Join Pentera for an immersive, red teaming workshop that drops you into the heart of a cyber crisis. A rogue hacktivist group known as Epoch is targeting the island’s digital defenses. Your mission? Step into the adversary’s mindset, uncover security gaps, and stop the threat before it triggers chaos.

You’ll get hands-on with the Pentera Platform to: Emulate real-world cyberattacks across multiple threat vectors using the first adversarial co-pilot Test your defenses against ransomware, leaked credentials, and insider threats Deliver remediation plans that protect the island’s most critical assets It’s hands-on and high stakes. It’s your chance to protect the species and preserve history.

Important: This workshop is intended for senior cybersecurity professionals with at least 2 years of experience. Please bring a laptop and charger. If your work device restricts tools like SSH or Putty or limits software downloads, we recommend bringing a personal laptop to ensure full access to the Pentera lab environment.

09:30 – 12:30 & 14:00 – 17:00