About the course
Cyber Security Training in London 2019
SANS is recognised around the world as the best place to develop the deep, hands-on cyber security skills most needed right now. Join us for SANS London February (February 11-16 at the Grand Connaught Rooms) for immersion training that will provide you with the skills to defend your organisation against security breaches and prevent future attacks.
“I get to connect with industry peers and gain a deeper understanding about what I do any why it is important. More tools for the tool belt.” - Thomas Dowling, Rackspace
All SANS courses are world-class cyber security courses, but every event we like to choose a course and ask the instructors to give a bit more insight into the course.
Take advantage of these opportunities to get the most of your training:
- Distinguish yourself as an information security leader by preparing for your GIAC Certification.
- Network with like-minded security professionals facing similar challenges.
- Attend evening bonus sessions led by SANS instructors and gain insight into the latest cyber security topics.
- Extend your SANS course by four months with an OnDemand Bundle.
Our mission at SANS is to deliver cutting-edge information security knowledge and skills to all students in order to protect people and assets. At the heart of everything we do is the SANS Promise: Students will be able to use the new skills they have learned as soon as they return to work. See that promise in action at SANS London February 2019.
“SANS provides you with trainers who have real-world experience. They are actively participating in investigations and providing up-to-date research on current trends.” - Leo Sanchez, Tetra Pak
To follow or tweet about this event, use the hashtag #SANSLondon. Follow SANS at: https://twitter.com/SANSEMEA
SEC560: Network Penetration Testing and Ethical Hacking
Mon, February 11 - Sat, February 16, 2019
Contents | Additional Info
Instructor: Jeff McJunkin
As an incident responder, SEC560 provides me with more insight into how an attacker would approach penetrating an organization's network.
Ellis Drew, Target
I recommend SEC560 to all incident responders as it offers a clear view of red team TTPs and concepts.
Lesley Carhart, Motorola Solutions
As a cybersecurity professional, you have a unique responsibility to find and understand your organization's vulnerabilities and to work diligently to mitigate them before the bad guys pounce. Are you ready? SEC560, the flagship SANS course for penetration testing, fully arms you to address this duty head-on.
SEC560 IS THE MUST-HAVE COURSE FOR EVERY WELL-ROUNDED SECURITY PROFESSIONAL
With comprehensive coverage of tools, techniques, and methodologies for network penetration testing, SEC560 truly prepares you to conduct high-value penetration testing projects step by step and end to end. Every organization needs skilled information security personnel who can find vulnerabilities and mitigate their effects, and this entire course is specially designed to get you ready for that role. The course starts with proper planning, scoping and recon, then dives deep into scanning, target exploitation, password attacks, and web app manipulation, with over 30 detailed hands-on labs throughout. The course is chock full of practical, real-world tips from some of the world's best penetration testers to help you do your job safely, efficiently...and with great skill.
LEARN THE BEST WAYS TO TEST YOUR OWN SYSTEMS BEFORE THE BAD GUYS ATTACK
You'll learn how to perform detailed reconnaissance, studying a target's infrastructure by mining blogs, search engines, social networking sites, and other Internet and intranet infrastructures. Our hands-on labs will equip you to scan target networks using best-of-breed tools. We won't just cover run-of-the-mill options and configurations, we'll also go over the lesser-known but super-useful capabilities of the best pen test toolsets available today. After scanning, you'll learn dozens of methods for exploiting target systems to gain access and measure real business risk. You'll dive deep into post-exploitation, password attacks, and web apps, pivoting through the target environment to model the attacks of real-world bad guys to emphasize the importance of defense in depth.
EQUIPPING SECURITY ORGANIZATIONS WITH COMPREHENSIVE PENETRATION TESTING AND ETHICAL HACKING KNOW-HOW
SEC560 is designed to get you ready to conduct a full-scale, high-value penetration test and at the end of the course you'll do just that. After building your skills in comprehensive and challenging labs, the course culminates with a final real-world penetration test scenario. You'll conduct an end-to-end pen test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization, demonstrating the skills you've gained in this course.
SEC560.1: Comprehensive Pen Test Planning, Scoping, and Recon
SEC560.2: In-Depth Scanning
SEC560.4: Post-Exploitation and Merciless Pivoting
SEC560.5: In-Depth Password Attacks and Web App Pen Testing
SEC560.6: Penetration Test & Capture-the-Flag Challenge
"I love teaching this course because it provides a comprehensive dive into the methodologies used to attack target environments. Our focus is always on understanding the attacks in depth while maximizing the business value of a penetration test through technical excellence with a business understanding. Successful penetration testers don't just throw a bunch of hacks against an organization and regurgitate the output of their tools. Instead, they need to understand how these tools work in depth, and conduct their test in a careful, professional manner. This course explains the inner workings of numerous tools and their use in effective network penetration testing projects. When teaching the class, I particularly enjoy the numerous hands-on exercises culminating with a final pen-testing extravaganza lab."