Want custom InGuardians training for your team?

Training is at InGuardians’ core. Our founders have developed industry-leading courses in the areas of penetration testing, ICS and Hardware hacking, RF and Wireless hacking  and incident response.

While we offer some of the classes through SANS and various infosec conferences, all of our classes are available for private training.

Current Scheduled Classes

Larry Pesce

Larry Pesce

Director of Research

Meet Your Instructor

Larry is a Director of Researcht with InGuardians after a long stint in security and disaster recovery in healthcare, performing penetration testing, wireless assessments, and hardware hacking. He also diverts a significant portion of his attention co-hosting the PaulDotCom Security Weekly podcast and likes to tinker with all things electronic and wireless, much to the disappointment of his family, friends, warranties, and his second Leatherman Multi-tool. Larry also co-authored Linksys WRT54G Ultimate Hacking and Using Wireshark and Ethereal from Syngress. Larry is an Extra Class Amateur Radio operator (KB1TNF) and enjoys developing hardware and real-world challenges for the Mid-Atlantic Collegiate Cyber Defense Challenge. He is also a SANS certified instructor.

SEC617: Wireless Penetration Testing and Ethical Hacking

This course is designed for professionals seeking a comprehensive technical ability to understand, analyze, and defend the various wireless technologies that have become ubiquitous in our environments and, increasingly, key entrance points for attackers.

Instructor: Larry Pesce 

Justin Searle

Justin Searle

Director of ICS Security

Meet Your Instructor

Justin Searle is a Director of ICS Security at InGuardians, specializing in Smart Grid security architecture design and penetration testing. Justin led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played key roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG). He currently leads the testing group at the National Electric Sector Cybersecurity Organization Resources (NESCOR). Justin has taught courses in hacking techniques, forensics, networking, and intrusion detection for multiple universities, corporations, and security conferences. Mr. Searle is currently a Senior instructor for the SANS Institute. In addition to electric power industry conferences, Justin frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, Nullcon, and AusCERT. Justin co-leads prominent open source projects including the Samurai Web Testing Framework (SamuraiWTF), the Samurai Security Testing Framework for Utilities (SamuraiSTFU), Middler, Yokoso!, and Laudanum. Justin has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), and Web Application Penetration Tester (GWAPT).

ASSESSING AND EXPLOITING CONTROL SYSTEMS AND IOT

This course teaches hands-on penetration testing techniques used to test individual components of a control system, including embedded electronic field devices, network protocols, RF communications, Human Machine Interfaces (HMIs), and various forms of master servers and their ICS applications. Skills you will learn in this course will apply directly to systems such as the Smart Grid, PLCs, RTUs, smart meters, building management, manufacturing, Home Area Networks (HAN), smart appliances, SCADA, substation automation, synchrophasors, and even IoT. This course is structured around the formal penetration testing methodology created by UtiliSec for the United States Department of Energy.

ICS410: ICS/SCADA Security Essentials

This course provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.

SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques

This course is designed to expand past the methodology and the ‘how’ when we are presented with the challenges of web penetration testing, and dig into the more esoteric ‘why’ these techniques and tools work, so that you can adapt as needed in your assessments.

Jay Beale

Jay Beale

Chief Operating Officer, CTO and Principal Security Consultant

Meet Your Instructor

Jay Beale created two tools used by hundreds of thousands of individuals, companies and governments, Bastille Linux and the Center for Internet Security’s first Linux/UNIX scoring tool. He has led training classes on Linux security at the Black Hat, CanSecWest, RSA, and IDG conferences, as well as in private corporate training, since 2000. As an author, series editor and speaker, Jay has contributed to nine books and two columns and given roughly one hundred public talks. He is a co-founder, COO and CTO of the information security consulting company InGuardians.

AIKIDO ON THE COMMAND LINE - LINUX LOCKDOWN AND PROACTIVE SECURITY

This course begins with core system lockdown, then moves on to application defense, where we create least-privilege and well-confined configurations that break exploits. Using defense-in-depth, students will not only create jails but also tune the server programs within them to keep exploits from reaching their vulnerable code. For example, students will jail the a web server with SELinux, AppArmor and a Linux container, configure the server for increased resilience, and deactivate modules to remove vulnerable code. Then we’ll use remote code execution exploits and compare before/after, seeing how our defense broke the attack. Once we’ve accomplished all of this best practice work, we’ll get deeper protection from applying the latest security technology to better deflect attacks.

Instructor: Jay Beale 

David Mayer

David Mayer

Senior Security Consultant

Meet Your Instructor

Dave is a Senior Security Consultant who started with InGuardians in 2018. Previously he served as VP Red Team for a global financial organization (one of the five largest banks in the United States) where he performed Red Team engagements, internal and external penetration tests, and product testing.  Prior to that he worked within healthcare as an Information Security Professional where he performed penetration testing, vulnerability management, security architecture review, incident response, forensics and managed content filtering, SSL/TLS interception, data loss prevention, and firewall logging.  Dave Mayer graduated from State University of New York at Plattsburgh with a Bachelors in Computer Science. In his spare time, he can be found tinkering with many house projects or reliving his fire department days when he was part of the Fairchild Fire Company in the Morris Township Fire Department. He held numerous positions ranging from Engine, Ladder and Rescue Operator to Battalion Chief. Aside from running into burning buildings, Dave currently holds the following certifications: GIAC GSE, GSEC, GSNA, GCIA, GCFE, GPEN, GXPN, GCIH, GWAPT, GAWN and OSCP

SEC560: Network Penetration Testing and Ethical Hacking (Mentor Session)

SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test and at the end of the course you’ll do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You’ll conduct an end-to-end pen test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization, demonstrating the skills you’ve gained in this course.