Custom Training
Training is at InGuardians’ core. Our founders have developed industry-leading courses in the areas of penetration testing, ICS and Hardware hacking, RF and Wireless hacking and incident response.
While we offer some of the classes through SANS, Black Hat and various infosec conferences, all of our classes are available for private training.
ICS410: ICS/SCADA Security Essentials
This course provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.
Instructor: Justin Searle , Director of ICS Security, InGuardians
SEC617: Wireless Penetration Testing and Ethical Hacking
This course is designed for professionals seeking a comprehensive technical ability to understand, analyze, and defend the various wireless technologies that have become ubiquitous in our environments and, increasingly, key entrance points for attackers. This class also covers other wireless technologies, and is regularly updated and tested.
Instructor: Larry Pesce , Technical Operations Manager & Director of Research
Assessing And Exploiting Control System And IIoT
Aug 1 – Aug 4
This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy.
Instructor: Justin Searle, Director of ICS Security, InGuardians
A Purple Team View – Attacking And Defending Linux, Docker, And Kubernetes
Aug 1 – Aug 4
Learn how to attack and thoroughly lock down Linux and container-based systems including Kubernetes from Jay Beale, the creator of Bastille Linux, the Center for Internet Security’s first Linux security benchmark, and two Kubernetes tools: the Peirates attack tool and the CTF cluster Bust-a-Kube. In this fully hands-on course, you’ll get a laptop to keep, filled with capture-the-flag (CTF) virtual machines, which you will attack and defend. Every single topic in the class has an attack exercise, where you use Kali Linux to compromise a system, and a matching defense exercise, where you will use new skills to break that attack, confident that it will break other attacks. In this expanded and updated 4-day version of the well-reviewed Aikido on the Command Line class, we focus strongly on attacking Linux containers, Docker and the container orchestration system, Kubernetes!
Instructor: Jay Beale, CTO, InGuardians
Assessing And Exploiting Control System And IIoT
TBA / Live Online Training
This is not your traditional SCADA/ICS/IIoT security course! How many courses send you home with a $500 kit including your own PLC and a set of hardware/RF hacking tools?!?
This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy.
Learn More
Using this methodology and ControlThings Pentest Platform (previously SamuraiSTFU), an open-source Linux distribution for pentesting energy sector systems and other critical infrastructure, we will perform hands-on penetration testing tasks on user interfaces (on master servers and field device maintenance interfaces), control system protocols (modbus, DNP3, IEC 60870-5-104), proprietary RF communications (433MHz, 869MHz, 915MHz), and embedded circuit attacks (memory dumping, bus snooping, JTAG, and firmware analysis). We will tie these techniques and exercises back to control system devices that can be tested using these techniques. The course exercises will be performed on a mixture of real-world and simulated devices to give students the most realistic experience as possible in a portable classroom setting.
Advances in modern control systems such as the energy sector’s Smart Grid have brought great benefits for asset owners/operators and customers alike, however, these benefits have often come at a cost from a security perspective. With increased functionality and additional inter-system communication, modern control systems bring a greater risk of compromise that vendors, asset owners/operators, and society, in general, must accept to realize the desired benefits. To minimize this risk, penetration testing in conjunction with other security assessment types must be performed to minimize vulnerabilities before attackers can exploit critical infrastructures that exist in all countries around the world. Ultimately, this is the goal of this course, to help you know how, when, and where this can be done safely in your control systems.
Refund Policy
This price includes a non-refundable $600 fee.
For partial reimbursement, you may cancel up to 7 days before the start of the course.
Instructor: Justin Searle, Director of ICS Security, InGuardians
Want custom InGuardians training for your team?
Training is at InGuardians’ core. Our founders have developed industry-leading courses in the areas of penetration testing, ICS and Hardware hacking, RF and Wireless hacking and incident response.
While we offer some of the classes through SANS and various infosec conferences, all of our classes are available for private training.
