Current Scheduled Classes
Larry Pesce
Director of Research
Meet Your Instructor
Larry is a Director of Researcht with InGuardians after a long stint in security and disaster recovery in healthcare, performing penetration testing, wireless assessments, and hardware hacking. He also diverts a significant portion of his attention co-hosting the PaulDotCom Security Weekly podcast and likes to tinker with all things electronic and wireless, much to the disappointment of his family, friends, warranties, and his second Leatherman Multi-tool. Larry also co-authored Linksys WRT54G Ultimate Hacking and Using Wireshark and Ethereal from Syngress. Larry is an Extra Class Amateur Radio operator (KB1TNF) and enjoys developing hardware and real-world challenges for the Mid-Atlantic Collegiate Cyber Defense Challenge. He is also a SANS certified instructor.
Wireless Penetration Testing and Ethical Hacking
This course is designed for professionals seeking a comprehensive technical ability to understand, analyze, and defend the various wireless technologies that have become ubiquitous in our environments and, increasingly, key entrance points for attackers.
Instructor: Larry Pesce
Justin Searle
Director of ICS Security
Meet Your Instructor
Justin Searle is a Director of ICS Security at InGuardians, specializing in Smart Grid security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG). He currently leads the testing group at the National Electric Sector Cybersecurity Organization Resources (NESCOR). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. Mr. Searle is currently a Senior instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework (SamuraiWTF), the Samurai Security Testing Framework for Utilities (SamuraiSTFU), Middler, Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).
ASSESSING AND EXPLOITING CONTROL SYSTEMS AND IOT
This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy.
ICS/SCADA Security Essentials
This course provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.
Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques
This course is designed to expand past the methodology and the ‘how’ when we are presented with the challenges of web penetration testing, and dig into the more esoteric ‘why’ these techniques and tools work, so that you can adapt as needed in your assessments.
Jay Beale
Chief Operating Officer, CTO and Principal Security Consultant
Meet Your Instructor
Jay Beale created two tools used by hundreds of thousands of individuals, companies and governments, Bastille Linux and the Center for Internet Security’s first Linux/UNIX scoring tool. He has led training classes on Linux security at the Black Hat, CanSecWest, RSA, and IDG conferences, as well as in private corporate training, since 2000. As an author, series editor and speaker, Jay has contributed to nine books and two columns and given roughly one hundred public talks. He is a co-founder, COO and CTO of the information security consulting company InGuardians.
AIKIDO ON THE COMMAND LINE - LINUX LOCKDOWN AND PROACTIVE SECURITY
This course begins with core system lockdown, then moves on to application defense, where we create least-privilege and well-confined configurations that break exploits. Using defense-in-depth, students will not only create jails but also tune the server programs within them to keep exploits from reaching their vulnerable code. For example, students will jail the a web server with SELinux, AppArmor and a Linux container, configure the server for increased resilience, and deactivate modules to remove vulnerable code. Then we’ll use remote code execution exploits and compare before/after, seeing how our defense broke the attack. Once we’ve accomplished all of this best practice work, we’ll get deeper protection from applying the latest security technology to better deflect attacks.
Instructor: Jay Beale