This course is designed for professionals seeking a comprehensive technical ability to understand, analyze, and defend the various wireless technologies that have become ubiquitous in our environments and, increasingly, key entrance points for attackers.

Upcoming Training Sessions: 

Amsterdam, Netherlands | May 20 – May 25, 2019

SansFire | Washington, DC | June 17 – June 22, 2019  

This course provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.

Online Classes 

SANS Secure Singapore | March 11 – March 2019

ICS Security Summit & Training | Orlando, FL | March 20 – March 24 2019

SANS Orlando | Apr 1 – Apr 5 2019

SANS Security West | San Diego | May 9 – May 13 2019

SansFire | Washington, DC | Jun 17 – Jun 21 2019

ICS Europe | Munich, Germany | Jun 25 – Jun 29 2019

This course is designed to expand past the methodology and the ‘how’ when we are presented with the challenges of web penetration testing, and dig into the more esoteric ‘why’ these techniques and tools work, so that you can adapt as needed in your assessments.

Online Classes 

Secure Japan | Tokyo, Japan | Feb 18 – Mar 2019

This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy.

BlackHAT Europe | London, UK | Dec 3 – Dec 6

BlackHat USA 2019 – TBA

This course begins with core system lockdown, then moves on to application defense, where we create least-privilege and well-confined configurations that break exploits. Using defense-in-depth, students will not only create jails but also tune the server programs within them to keep exploits from reaching their vulnerable code. For example, students will jail the a web server with SELinux, AppArmor and a Linux container, configure the server for increased resilience, and deactivate modules to remove vulnerable code. Then we’ll use remote code execution exploits and compare before/after, seeing how our defense broke the attack. Once we’ve accomplished all of this best practice work, we’ll get deeper protection from applying the latest security technology to better deflect attacks.

BlackHat USA 2019 TBA 

SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test and at the end of the course you’ll do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You’ll conduct an end-to-end pen test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization, demonstrating the skills you’ve gained in this course.

Mentor Session SEC560 | Boca Raton, FL | Feb 7 – Feb 22, 2019