About the course
SEC460: Enterprise Threat and Vulnerability Assessment New
Mon, April 8 - Sat, April 13, 2019
Contents | Additional Info
Instructor: Tim Medin
I have what I consider to be a mature vulnerability management, but by taking SEC460,I still found several ways to improve it.
Jason Lazerus, Eastern Bank
The hardest part of vulnerability management is process, and SEC460 shows process creation and improvement options.
Patrick OConnell, Anixter, Inc.
Computer exploitation is on the rise. As advanced adversaries become more numerous, more capable, and much more destructive, organizations must become more effective at mitigating their information security risks at the enterprise scale. SEC460 is the premier course focused on building technical vulnerability assessment skills and techniques, while highlighting time-tested practical approaches to ensure true value across the enterprise. The course covers threat management, introduces the core components of comprehensive vulnerability assessment, and provides the hands-on instruction necessary to produce a vigorous defensive strategy from day one. The course is focused on equipping information security personnel from mid-sized to large organizations charged with effectively and efficiently securing 10,000 or more systems.
SEC460 begins with an introduction to information security vulnerability assessment fundamentals, followed by in-depth coverage of the Vulnerability Assessment Framework. It then moves into the structural components of a dynamic and iterative information security program. Through a detailed, practical analysis of threat intelligence, modeling, and automation, students will learn the skills necessary to not only use the tools of the trade, but also to implement a transformational security vulnerability assessment program.
SEC460 will teach you how to use real industry-standard security tools for vulnerability assessment, management, and mitigation. It is the only course that teaches a holistic vulnerability assessment methodology while focusing on challenges faced in a large enterprise. You will learn on a full-scale enterprise range chock full of target machines representative of an enterprise environment, leveraging production-ready tools and a proven testing methodology.
SEC460 takes you beyond the checklist, giving you a tour of the attackers' perspective that is crucial to discovering where they will strike. Operators are more than the scanner they employ. SEC460 emphasizes this personnel-centric approach by examining the shortfalls of many vulnerability assessment programs in order to provide you with the tactics and techniques required to secure networks against even the most advanced intrusions.
We wrap up the first five days of instruction with a discussion of triage, remediation, and reporting before putting your skills to the test on the final day against an enterprise-grade cyber range with numerous target systems for you to analyze and explore. The cyber range is a large environment of servers, end-users, and networking gear that represents many of the systems and topologies used by enterprises. By adopting an end-to-end approach to vulnerability assessment, you can be confident that your skills will provide much-needed value in securing your organization.
This Course Will Prepare You To:
- Perform end-to-end vulnerability assessments
- Develop customized vulnerability discovery, management, and remediation plans
- Conduct threat intelligence gathering and analysis to create a tailored cybersecurity plan that integrates various attack and vulnerability modeling frameworks
- Implement a proven testing methodology using industry-leading tactics and techniques
- Adapt information security approaches to target real-world enterprise challenges
- Configure and manage vulnerability assessment tools to limit risk added to the environment by the tester
- Operate enumeration tools like Nmap, Masscan, Recon-ng, and WMI to identify network nodes, services, configurations, and vulnerabilities that an attacker could use as an opportunity for exploitation
- Conduct infrastructure vulnerability enumeration at scale across numerous network segments, in spite of divergent network infrastructure and nonstandard configurations
- Conduct web application vulnerability enumeration in enterprise environments while solving complex challenges resulting from scale
- Perform manual discovery and validation of cybersecurity vulnerabilities that can be extended to custom and unique applications and systems
- Manage large vulnerability datasets and perform risk calculation and scoring against organization-specific risks
- Implement vulnerability triage and prioritize mitigation
- Use high-end commercial software including Acunetix WVS and Rapid7 Nexpose (InsightVM) in the classroom range
SEC460.1: Methodology, Planning, and Threat Modeling
SEC460.3: Enhanced Vulnerability Scanning and Automation
SEC460.4: Vulnerability Validation, Triage, and Data Management
SEC460.5: Remediation and Reporting
SEC460.6: Vulnerability Assessment Foundry Hands-on Challenge
"Having worked with many different environments in my career, one thing that has always struck me is how to manage threats and vulnerabilities at enterprise scale. This course is the results of decades of experience performing vulnerability assessments. We walk the walk going through theory and exercises that are practical techniques for managing modern threats and vulnerabilities. We use tools, methodologies, and automation that will give you a manageable strategy applicable to any environment."
- Adrien de Beaupre
"Assuming the role of standard-bearer for a community comprised of many of today's foremost thought leaders may seem like a daunting proposition at first. However, the opportunity to introduce aspiring new hackers to a tribe of like minds is a singular and enduring pleasure. Because SEC460 is a foundational course in the SANS Penetration Testing Curriculum, it is itself a herald and a promise. For some newcomers, the first adventure with SANS is the spark of awakening for their inner hacker. It acts as a catalyst, facilitating personal evolution and even genesis of a lifelong passion. The course authors, Adrien de Beaupre, Tim Medin, and myself, have meticulously crafted the SEC460 challenge to be a formative experience, attainable by all yet elementary to none. Few things are more gratifying than watching an assiduous mind, armed for the fight, rising to meet the challenge with a flourish and a coup de grace, and ending in triumph!"
- Matthew Toussain