"The growth of the events (conferences, trainings, webinars) dedicated to hardware security demonstrates a positive impact on the communities which are brought together (academics, hacking scene, infosec professionals…) and I have always been very thankful to the Hardwear.io team for making all this possible.
All these years, I have been participating as a speaker or an attendee and Hardwear.io (especially the NL conference) is an event I wait for and I cannot miss. The lineups are always amazing, and as a hardware and radio security enthusiast, I am interested in 100% of the talks, which is kind of unusual in other events. More importantly, I met people which are both among the best in their technical fields and very kind and open minded persons. The spirit and the scale of the event gives the opportunity to reach people and the time to exchange views."
by José Lopes Esteves, ANSSI
"This was a very information-dense training, quite challenging. Multiple new concepts in play simultaneously. Despite that, everything was introduced well, the materials were easy to work with, and there was no hard requirement to successfully follow everything on the spot. This allowed the room to get hands-on without undue pressure. Learned a ton, thank you so much!"
by Aaron Kondziela, NCC group
"Great course. I’m recommending my coworkers attend this class"
by Jonathan Densford
"In my opinion, Hardwear.IO is truly a unique event for the hardware security community. It combines hands-on experience with cutting-edge research in an informal and open-minded atmosphere like no other event with a strong focus on hardware security. The mix of excellent research talks on applied research, hands-on trainings and various hacking contests with a clear focus on hardware and embedded firmware security characterizes this event. Hardwear.IO thus addresses a wide range of interested parties, curious students and researchers to professionals."
by Marc Stöttinger, Professor at RheinMain Uni of Applied Science
"Over all the years the hardwaer.io stayed true to their name and not only delivered a top quality conference, but also had the best quality T-shirts with various creative designs featuring the iconic Hardwear Bug we all are hunting for. Stay up with the good work and we are looking forward to next year."
by Heiko Ehret, Schutzwerk
"Easily the best and most useful security training I have ever taken. Was fun, interactive and I learnt a huge amount. Very very practical too. Cannot say enough good things about Hardwear.io"
by Raghupathy Krishnamurthy, NVIDIA
"One of the best trainings in the last years HWIO"
by Peter B
"Great course, hope to see more from Olivier training wise in the coming years!"
by James McKee, Interrupt Labs
"I have got the opportunity to follow Thomas Roth’s training on Applied Fault Injection and I was really satisfied with its content. The training was mostly hands-on, starting from the basics to more advanced techniques. We could play with several targets, including a damn vulnerable wallet designed by Thomas. A must-have training to whom interested in discovering FI. "
by Samuel
"Eric's Ghirdra training was great. The content was very well structured and the hands-on exercises really pushed you to learn quickly. The event organization was flawless, one can see that the Hardware.io team has gathered lots of experience. I'm definitely looking forward for my next training session."
by Pablo Endres, SevenShift GmbH
"It was my first hardwear.io hence the training of firmware reverse engineering with Ghidra was great. The training was in dept technical with specific methods & approach to reverse engineer embedded devices. Since the topic is huge, more time is required to complete the lab exercise. I also met absolutely nicest people and got more than I was expecting. Really appreciate you guys for doing all the heavy-lifting and arranging events like this."
by Tomi Koski
"The online training given by Olivier Thomas at Hardwear.io about IC Reverse Engineering & Code Dump reaches two main goals : pedagogy & in-depth knowledge about how to efficiently identify integrated circuit parts and how to reverse engineer them. I highly advise this training for any risk analyst that should take in account in-depth attacks."
by Mohammed Ismail, CSEM
"I have 20+ years of experience in ASIC development and testing, and took the course IC Reverse Engineering & Code Dump by Olivier Thomas to get an insight in doing my previous work, but in reverse. It was clear from the first day of the course that Olivier is very experienced and knows what he is doing, and he proved to be an excellent tutor. The course was well planned out to work as a remote session and covered everything from sample preparation, transistor reverse engineering basics, reverse engineering of more complex cells as well as giving a great overview in the required next steps to analyze an ASIC design. In the four days of the course, Olivier also provided lots of useful tips and hints of many common pitfalls that I can’t see that I would have learned from someone that didn’t have the experience that Olivier has. I would have happily spent another four days to soak in even more of all the details."
by Björn Ärleskog
"I’m a device penetration testing team manager. The information provided by Olivier Thomas at Hardwear.io were of really high quality and really acted as an eye opener. Even though I won’t be using the techniques directly, I highly enjoyed the training and have found useful information for risk evaluation while studying new devices."
by Simon Gillet
"The training with Olivier on IC reversing and silicon attacks was very insightful, as he did an awesome job in conveying his vast experience on the subject. I have recommended this training both internally and externally to anyone who wants to know more about the subject with a very hands on approach."
by Carlo Maragno, Riscure
"The instructor was great and the training exceeded my expectations, I feel a lot more confident with interacting with the CAN bus and I will definitely be keeping the slides/labs for future reference."
by Joshua Anderson, Leviathan Security
"Was a great class that made a complex topic much more accessible. Provided good practical exercises starting out from the basics and diving deep into the guts of a modern baseband firmware. Students leave the class able to find and triage vulnerabilities in current-generation phones with a roadmap for where to go to explore deeper on their own."
by Jesse Michael, Eclypsium
"Oliver's skill level is extremely rare, and I appreciate hardwear.io providing this level of training. I'm impressed with the depth of material, labs, and hands on experience reversing silicon. The training covers die component identification, analytical extraction techniques, transistor level reversing, netlist extraction, and much more. Oliver is willing to dive deep into questions that left everyone feeling like they extract ROM immediately afterwards. It's more than I could have imagined."
by Ken Nierenhausen, Somerset Recon
"Marius and Fabian did an excellent job teaching the course. The practice labs were helpful in reinforcing the concepts taught prior. I'm a relative beginner in the RE space so it took me a bit longer to complete some of the labs, but the walk throughs provided after each example were thorough and included their thought processes of each step."
by Aaron Tobias, KBR
"Really outstanding. Both Dominik and Marius did an AWESOME job at presenting all the materials and concepts. It was three days full of fun and motivating activities through which, I have to say, I learnt A LOT. There was not a single thing that I would change… We started with real phones, worked on information extracted from them and then we went back to the real world to see how the vulnerabilities that we found could be exploited. Really good training from the start to the end. I really recommend this one."
by Jesus Berian, Medtronic
"Outstanding training. The labs are very well organized, very easy to use, in a cloud environment. The trainers are always willing to give help, and also they provide us with videos explaining how to solve some particular exercise.Each lab is a docker container, and the different boot images are emulated using Qemu. In order to solve the labs you need to analyze the serial output obtained in the boot process, maybe do some modification in the image using an hex editor, to do the reversing we used Ghidra, and we also did some debugging and memory patching using gdb.
The slides explain the structure and different configurations of the boot process in embedded devices, how Secure Boot works, some cryptographics principles related to Secure Boot, and also more advanced techniques like fault injection and glitching attacks are covered.
Also in the exercises Secure Boot attacks are covered and fault injection and glitching attacks are emulated using
Python scripts. It was a great experience for me. I’ve learned a lot of new things."
by Damian A. Ulanowicz
"The course was super useful with great content and magnificent lab exercises. Niek and Cristofaro have done a wonderful job on the course, they were helpful and full of knowledge and experience. I'm really glad I attended this course and looking forward to my next course in Hardwear.io."
by Waleed Alzamil, Center of Excellence in Information Assurance – King Saud University
"This course will change the way you look at Secure Boot. As someone who has previously done research on Secure Boot, this training was amazing. The trainers walk you through the concepts of secure boot while showing you what can go wrong in every stage. This is further emphasized with hands on assignments in each topic using an emulated device setup and real-world examples. Beyond the planned curriculum, the discussions with Niek, Cristofaro, and the other students gave insights into different perspectives and industry specific use cases. I would highly recommend this training for both new and experienced researchers which are interested to deepen their understanding of secure boot."
by Benjamin Meisels, Cymotive
"The online course on side-channel attacks by Stjepan and Lejla, which was held in the Spring of 2021, and organized by Hardwear.io, was a great learning experience. Not only were the theoretical topics covered in a pedagogical manner, but the provided Python code for performing classical side channel analysis as well as more advanced techniques in the realm of machine and deep learning, has shown to be invaluable in the aftermath for self study and further exploration and experimentation. They have also been very helpful if I had any questions after the course was finished, issues that arise once you delve deep into the material on your own. Another positive note is that the virtual classroom worked surprisingly well. I would highly recommend this course if you are looking for a lab-oriented covering of classical and modern (read: machine learning and deep learning) side channel analysis Approaches."
by Tomas S
"The instructor was one of the best I've had in a training. He was very knowledgeable, very nice, and despite me asking a bunch of basic questions he was always willing to help."
by Gulshan Singh, Google
"Everything was genuinely great! I am really satisfied, learned a lot, had fun and will definitely recommend it to anyone who is interested. Thank you! "
by Ben Burkatovsky
"Really great training, thank you very much! I particularly enjoyed the hands-on parts (attacking the PLC and the RF capture/replay)."
by Tim auf der Landwehr, Fox-IT
"This past week I attended the hardwear.io - Hardware Security Conference and Training on Advanced Microcontrollers Firmware Exploitation. The instructors, Alexander Bolshev & Tao Sauvage were beyond excellent. This conference helped further my knowledge and understanding of how to conduct non-invasive exploitation methods (buffer overflows, fuzzing, bootloader vulnerabilities, & much more). The material taught was very understanding with plenty of time to complete the labs. The instructors were extremely helpful when a topic was unclear and answered every question with ample knowledge. I have left this conference with much more knowledge than I had before. I highly recommend a hardwear.io - Hardware Security Conference and Training to anyone who wants to further their knowledge on the latest exploitation methods."
by Layne Magee
"The Hardwear.io conference is a great way to learn new tricks, meet like minded people, find (new) colleagues and meet new clients.The trainings are hosted by the industry leaders. The SDR Hacking Essential: Break into most RF communications training by Sébastien Dudek of Penhertz exceeded my expectations. It was great technical training with awesome hands on exercises."
by Jilles Groenendijk, Deloitte
"Everything was nicely organized. The training itself was good as usual and I learned a lot. Sebastian knows his stuff!"
by Radjnies Bhansingh, Securify
"It was my first time at both the conference and the training, Sebastien rocks in the explanations, the training was rich in exercises and really instigates our thinking. The conference was an amazing experience, especially for bringing hardware aspects that are still largely neglected in the cybersecurity and also because it is rich in technical content. As my career focus is Hardware Security, I was delighted with the experience and eager to participate in the next ones."
by Ana Carolina Lopes de Almeida Santos, Embraer