OpenSecurityTraining2: Free Deep-Technical Training

Presented at ShmooCon 2023, Jan. 21, 2023, 4 p.m. (30 minutes).

At ShmooCon 2012, Xeno talked about OpenSecurityTraining.info (OST1), an at-the-time newly-launched hobby project to make his own and others’ deep-technical computer security trainings freely available online. In the summer of 2021, Xeno re-launched OpenSecurityTraining2 (OST2, ost2.fyi) as a 501(c)(3) non-profit. The new site has much higher quality classes, recorded specifically for online delivery. In this talk we’ll briefly show the depth of the trainings OST2 already has freely available on topics like assembly, reverse engineering, firmware, and vulnerability hunting. And, we’ll discuss both near-future new content and decade-long plans for OST2.


Presenters:

  • Xeno Kovah
    Prior to working full time on OpenSecurityTraining2 (ost2.fyi), Xeno Kovah (@XenoKovah) worked at Apple designing architectural support for firmware security and code auditing firmware security implementations. A lot of what he did revolved around adding secure boot support to the main and peripheral processors. He led the efforts to bring secure boot to Macs, first with T2-based Macs, and then with the massive architectural change of Apple Silicon Macs. Once the M1 Macs shipped, he left Apple to pursue the project he felt would be more impactful: creating free deep-technical online training material and growing the newly created OpenSecurityTraining 501(c)(3) nonprofit.