All training for #OBTS v5.0 are now sold out.


Also, due to high demand there now, are no more rooms available at the conference hotel on Monday, Oct 3rd (the first day of trainings). Other dates (Tuesday, Oct 4th+ are still available).

Other nearby options include:
👾 🔬  "The Art of Mac Malware: Detection & Analysis" (Oct. 3rd - 5th)
Learn the tools & techniques to comprehensively detect and analyze threats targeting macOS.

As macOS grows in popularity, so does the prevalence of malware targeting this platform ...including those designed to run natively on Apple Silicon.

Ever wanted to learn exactly how to tear apart these malicious creations in order to reveal their inner workings? Or how to craft tools capable of programmatically detecting even new threats? Here's your chance!

In this content-packed three-day course, Mac security expert and author Patrick Wardle will teach the tools and techniques needed to comprehensively analyze and understand malware targeting Apple's desktop OS. Moreover, we'll discuss heuristic-based approaches to programmatically detect such threats.


Patrick Wardle is the creator of the non-profit Objective-See Foundation, author of the "The Art of Mac Malware" book series, and founder of the "Objective by the Sea" macOS Security conference.

Having worked at NASA and the NSA, as well as presenting at countless security conferences, he is intimately familiar with aliens, spies, and talking nerdy.

Patrick is passionate about all things related to macOS security and thus spends his days finding Apple 0days, analyzing macOS malware, and writing both books, and free open-source security tools to protect Mac users.

"Arm Reverse Engineering & Exploitation" (Oct. 3rd - 5th)
Go from zero to shell, by learning Arm 32-bit & 64-bit assembly, reversing binaries, debugging vulnerabilities, and writing exploits.

For researchers aiming to keep up with the latest technology trends, the Arm architecture has become more relevant than ever. Until recently, Arm assembly was mostly found in mobile and IoT devices. Nowadays, more and more laptops and servers are based on the Arm architecture. Now is the perfect time to level up your skills with the most beautiful assembly language: Arm!

The first day of this course is designed to give you a deep understanding of the Arm architecture and the A32 and A64 instruction sets. Not only will you learn how to read Arm assembly, but you will also develop your own assembly code (shellcode) to deepen your understanding.

During the second day, you will use your newly acquired assembly knowledge to perform static and dynamic analysis of compiled programs, as well as debug memory corruption vulnerabilities.

Based around two real-world router firmware targets, the third day will teach you the process of building and debugging memory-corruption exploits from scratch, and develop advanced mprotect ROP chains to exploit a vulnerability in real router firmware.


Maria is the founder and CEO of Azeria Labs, offering services and trainings at top-tier security conferences including Black Hat and Infiltrate, as well as on-site private training and consulting for large tech companies and law enforcement agencies. She holds a Bachelor’s degree in Corporate and IT Security and a Master’s degree in Enterprise and IT Security and served as the Chief Product Officer for the Arm virtualization startup Corellium.

In 2018, Maria became a Forbes “30 under 30” list member for technology, has been featured in magazines such as Vogue Business Magazine, and was named the Forbes Person of the Year in Cybersecurity 2020. She is a member of both the Black Hat® EU and US Trainings and Briefings Review Board. Her research focus is on Arm reverse engineering and binary exploitation. Maria worked on exploit mitigation research alongside Arm in Cambridge and continues to educate security researchers and developers around the world on attacking and defending Arm binary applications. In 2022, she published her first book on Arm Assembly Internals and Reverse Engineering through Wiley.

"Threat Hunting macOS" (Oct. 4th - 5th)
An in-depth and hands experience, for those looking for a deep dive into using macOS internals to their advantage for threat hunting.

Whether you're new to threat hunting or an experienced threat hunter this two day course will bring an in-depth and hands on experience to those looking to deep dive into using macOS internals to their advantage for threat hunting. Learn how to use the less commonly used artifacts to hunt down malicious activity in your environment.

This course uses simulated attack data collected with the Apple Endpoint Security Framework and teaches attendees how to connect the dots to determine what took place on the system.

Topics are discussed in presentation form and then applied via hands on labs. Among the different topics explored are
  • Exploring the process tree and understanding process creation
  • Understanding the complications of XPC
  • Tracing the steps of real malware samples and determining the scope of the attack
  • Hunting using the lesser explored pid values
  • Hunting using macOS and Unix specific technologies
  • ...and much more!
Attendees will walk away with a solid understanding of the system internals knowledge required for threat hunting on macOS as well as a new set of investigation skills.


Jaron has a background in incident response and threat hunting across Unix based platforms. He currently works as the macOS detections lead for Jamf Protect.