Full Report
We just finished presenting an HBN Bootcamp and an HBN Combat Edition in Lausanne, Switzerland. A lot of people don’t know that we do this format – small courses on location worldwide. Its a different vibe to the big courses we do at Black Hat and the like, but it has some real advantages. Here’s the feedback we received – I especially like the nice things they say about me…
Analysis Summary
# Main Topic
This context does not describe a traditional cybersecurity threat intelligence report, threat actor, TTP, IoC, or incident mitigation. Instead, the content focuses on post-event feedback and promotion for specialized, location-based security training courses (HBN Bootcamp and HBN Combat Edition) conducted by SensePost in Lausanne, Switzerland.
## Key Points
- The primary focus is on summarizing participant feedback for small, on-location training courses held in Switzerland, contrasting them with larger events like Black Hat.
- The feedback heavily praises the instructor (Charl van der Walt) for knowledge, delivery, technical depth, and the effectiveness of hands-on labs/demos.
- The HBN Bootcamp was described as providing a "complete overview of the basis of hacking and security."
- The Combat Edition was noted for testing skills, encouraging out-of-the-box thinking, and providing realistic exposure to attack techniques ("spirit of some attack technics").
## Threat Actors
- No specific malicious threat actors or groups were mentioned in the context of an attack or compromise.
- The material discusses training personnel on *how* hackers operate, but does not attribute any specific malicious activity to external groups.
## TTPs
- Mentioned tools/concepts covered in the training include:
- Wikto
- Burn
- General hacking and security foundations.
- Hands-on practical exercises designed to mimic real-world scenarios.
## Affected Systems
- Not applicable. The context refers to systems used for educational training purposes, not compromised systems.
## Mitigations
- Mitigations discussed are implicitly related to improving defensive skills through training:
- Emphasizing practical, hands-on learning ("de la pratique").
- Developing out-of-the-box thinking to counter novel attacks.
- Learning the techniques used by instructors/attackers to better detect them.
## Conclusion
This document serves as positive external validation for SensePost's specialized, intensive, and practical training courses. While it details the structure and quality of security instruction, it contains no actionable threat intelligence regarding active campaigns, vulnerabilities, or required incident response measures. Attendees praised the instructor Jack's ability to convey complex material effectively through demos and interactive labs.