For 2023, we have decided to change our training strategy. We will focus on conferences, events and private trainings.

Over the last couple of years, we have taught each class twice a year in events organised by us. One thing we have learned is that we are not really good at promoting events.
So we are going to focus on what we are good at: teaching IOT and ICS security.
We will continue to do offer all our service related to security, but reduce our efforts in event promotion.

We are already lined up for the following events:

  • NULLCON Berlin – 6-8 March 2023 – link
  • Romhack 2023- 13-15 September 2023  – link

And will still organise the winter trainings ourselves:

  • IoT Security Bootcamp Cologne –  21-23 November 2023 – link
  • A&E Control Systems and IIoT Cologne -17-20 October 2023 – link

If you think our trainings would be a good addition to your event or would like to organise a private or semi-private training please let us know.
We are more than happy to be a part of the call-for-training (cft) process.

We are really excited to announce that we have been selected to be part of the BruCON 0x0E Spring Training and BruCON 0x0E Conference Training🥳 🎉

This is one of the best security conferences in Europe and by far our favorite !

We will be teaching the IoT Security Bootcamp live and in-person for the first time in more than two years.

  • Spring training will start on April 20th, 2022
  • Conference training will start on September 26th

Both will take place at the Novotel Mechelen in Belgium. For more details see the BruCON 0x0E Conference Training or book your spot here

Both editions have the same curriculum of hands-on IoT hacking and include an IoT Security Hacking Kit. The training covers all aspects of IoT Security, from the technologies and testing methodology to the vulnerabilities.
The main topics are: hardware and firmware hacking, BLE, software defined radio (SDR). More details can be found here.

If you want to come and do the training in Cologne, Germany, we will be running this class starting on September 7th. Book your spot here

See you there!

What a year!
2020 was an interesting and challenging year. It was full of changes and surprises. The world changed and we had to constantly adapt to the development of the Covid-19 situation.

We, at SevenShift, want to give a special thanks to our customers for trusting us and letting us do what we love most: making IoT a more secure place! Thank you for flexibility and trusting us.

In a world with so much uncertainty we had lots of fun things to do: from assessments based on the new ETSI EN 303 645 Cyber Security for Consumer Internet of Things norm, delivering our Trainings online and testing lots of fascinating IoT products and ecosystems.

Trainings

This is one of the few things we can talk about openly, being 100% sure that we will not get into trouble with our NDAs.

 

Online IoT Security Bootcamp 2020

We love creating and delivering trainings, and we are very happy and thankful for all the private and public trainings we hosted this year. All of them were supposed to be on site, but due to the pandemic situation, we had to switch to online training. These are a different beast, which require adapting material, logistics, setting up a professional streaming station, and having students eager to learn and up to the challenge.

The feedback we received from our students was just overwhelming, here is just a sampling of it:

-“This training is one of the best training courses I have been able to attend. A lot of knowledge is imparted here, but in a very understandable way. Furthermore, each section of the training includes practical exercises in order to better understand the knowledge imparted. This training can only be recommended.”

Eric Schmieder – Embedded IoT Hardware Professional at DEUTSCHE TELEKOM IOT GMBH

 

-“IoT Security Bootcamp by SevenShift” is probably the best training I have attended so far. The bootcamp covers a broad aspect of IoT, it is well-structured and engaging, it surely deepens my interest in IoT vulnerabilities. Due to the coronavirus crisis, the bootcamp was held online, and Pablo is well-prepared for this! He communicates with the participants clearly before the bootcamp, the hacking kit arrived safe and sound, and the bootcamp was conducted in a timely manner. Pablo was able to assist in troubleshooting issues despite we are not in the same physical site. One can really notice his experiences and passion on the topic!

WenSin Lee – Cybersecurity expert at TÜV SÜD

Public speaking

Along with our IoT and IIoT Security Trainings, we also got to speak and hold workshops at several public conferences like the Building IOT in Essen (our last event in person), Bsides Munich, HEK.SI and the BarSecCamp Cologne. Thank you so much for the opportunity to share my knowledge and enthusiasm!

Videos are available online from most of these events. Please let us know if you need a link.

Clients and Projects

From a security perspective, this year was very active. We had a big surge in work for clients, including certification and testing of multiple IoT devices and ecosystems.
One of the big challenges we took up is performing assessments based on the ETSI EN 303 645 Cyber Security for Consumer Internet of Things norm. This is a very positive development for the IoT world and hope to see regulatory requirements associated with the standard in the next couple of years.

All of this has only been possible with the support of our team, colleagues, clients and partners. Thank you so much to everyone involved in our journey. We are grateful for your engagement, expertise, patience and desire to reach our mutual goal!

To sum up, 2020 has been very challenging, but fun and fulfilling. We look forward to seeing you in 2021 because we have a lot in store for you!

 

Impulses and interaction for everyone in the European Cyber Security Month (ECSM) 2020

 

– Virtual, free & informative

– Every Wednesday in October from 19:00 – 20:30

 

In October, the official European Cyber Security Month, we serve up every Wednesday evening tips for safe, digital behavior: for employees and employers in home office, for frustrated administrators and for entrepreneurs, who want to prepare for the worst case scenario of a security incident.  Topic-specific impulse lectures and panel discussions stimulate the appetite, in order to be able to exchange themselves afterwards with experts and the other participant inside. The digital security party focuses on interaction with each other.

 

Drinks & Dialogues

Like at a real party, the physical well-being should not be missing. All participants are invited to provide themselves with snacks and drinks. As a basis for constructive dialogues and good cooperation at eye level, we are happy if all guests use the camera function.

 

The action

The European Cyber Security Month was initiated by the European Union Agency for Network and Information Security (ENISA) and takes place every October. In Germany, the Federal Office for Information Security (BSI) coordinates the event. The actions are aimed at a broad target group from private users to a professional audience. This year, the main focus is on two topics: digital skills and online fraud.

We at Security Canapés have chosen four different focuses, which firstly cover a broad target group and secondly address the biggest challenges from this pandemic year. The individual events will be introduced by impulse lectures from our experts, but should then also be open to technical questions from the participants. In this way we hope to achieve the best possible benefit for all participants.

 

Host

We are an association of security companies and private individuals with IT security backgrounds. We would like to sensitize for security in the digital space and make information about this available to every person in an understandable way. We act jointly in the sense of the topic and without profit.

 

RSVP

The Security Canapés is open to all interested parties. Participation is by registration via https://pretix.eu/povigo/canapes/ until 12 noon of the respective day of the event. As soon as the registration is completed, a place on the guest list is secured. Shortly before the event starts, each participant will receive a link to the event. We use BigBlueButton for the event.

 

Dates: 07.10. / 14.10. / 21.10. / 28.10. each 19:00 – 20:30 o’clock

Contact / Registration: www.securitycanapes.de, mail@securitycanapes.de

 

We just finished our first online bootcamp a couple of weeks ago and we have received multiple requests to open a new training before the summer break. We have heard you and here are the basic details:

Start: Tue,  2020-07-07 08:30​
Finish: Thu, 2020-07-09 18:00​
Last day registration: 2020-06-21
Location: Virtual Classroom

Given the current logistical challenges, we can only ship the IoT Security Kit inside Europe. We need to send them two weeks in advance, to make sure that they are delivered on time.

The class will be taught live and personal by Pablo, with the same passion and quality that characterizes us.

 

We got great feedback from our last class:

“I definitely learned a lot and I am sure that I will continue to benefit from the comprehensive course material. Pablo provided me with a very good introduction on the topics we discussed during these three days. I especially liked the second day where we looked into firmware analysis and the following part on debug interfaces. The hands-on exercises were a lot of fun and helped letting the new concepts sink in. It is so motivating so see something that was discussed theoretically work out on a real device and it is just as important to see what may go wrong (because we all know that live is never just as easy). I could tell that Pablo brought a lot of expertise into the lessons and has spent quite some effort in preparing the course material, environment, tools and devices for us. Thank you so much for having me.

Thank you so much for having me”.

Christoph Groß – Junior SW Developer, Automotive OEM Engineering
Garmin Würzburg GmbH 

Join us and learn how to hack IoT devices: firmware, wireless, hardware, Bluetooth and much more!

If you are still not sure if this is the best fit for you, book a call with Pablo.

For more information:

Due to the current situation of the COVID-19 pandemic, we will be delivering our upcoming trainings online. Read more

We are very glad to sponsor the second edition of SecCamp Cologne 2020.  We attended the first edition last year and had a great experience!

The event will take place on the weekend of April 4th and 5th 2020. However, due to the Coronavirus pandemic, the organizer will instead launch an experimental, fully virtual SecCamp, from 13:00 CEST (UTC+2) to 18:00 CEST (UTC+2). The vSecCamp will be held via video conferencing service.

SecCamp is a security event designed for people interested in network, application, and information security. The program will cover current research topics from different areas such as hardware, software, industrial controls and networks, cloud services, security in the daily practice and human factors.

As usual, proposals will be heard at first, the agenda will be planned, and then multiple 45-minute sessions will be held in parallel.

We were really impressed by the quality of the talks last year.  Hope to see you there!

 

 

Follow us on Twitter, LinkedIn or Xing to get updates.

We have been selected by the CIO Applications Europe magazine to be part of their top 10 IoT companies in Europe. We share the spotlight with companies like: DeltaM2M, Green Tropism, Overkiz and Net4Things.

Additionally we have been awarded the cover story!

Read more

We finally have the confirmed dates for our 2020 IoT and IIoT Security Trainings! 

Read more

We are very glad to announce that we will be part of one of the biggest IT Security events of the world: Black Hat!

This prestigious event (European edition) will take place at the Excel London from December 2nd till December 5th,, 2019; and it is a great opportunity for all security professionals, both offensive and defensive hackers to keep their skills sharp in order to defend tomorrow’s InfoSec landscape, and to grow their network with colleagues from all over the world.

This year, our very own Pablo Endres will be co-teaching the Assessing and exploiting control systems & IIoT Training along with the world-renowned trainer Justin Searle. It is a four day training, that will cover the basic control system concepts, systems, and devices; hands-on exercises performed on a mixture of real world and simulated devices to provide participants the most realistic experience as possible; architecture reviews of major ICS and smart grid systems; introduction to Control Things Platform and NESCOR methodology for penetration testing; assessing and exploiting ICS Communication Protocols, ICS RF Communications, ICS Embedded Electronics and more.

We will be adding this training to our portfolio coming 2020. Please contact us if you are interested in a private class or follow us on social media to find out when and where the public classes will take place.

If you have any questions or just want to reach to us, please do not hesitate to contact us and we will provide any additional information you need.
We are looking forward to seeing you there!