SEC568: SANS SEC568: Combating Supply Chain Attacks with Product Security Testing Beta - Live Online

What You Will Learn

Supply chain attacks go unnoticed on average for 235 days, and they do more damage because we lack a deep understanding of the products being used on a network. Product security tests help you obtain a comprehensive understanding of how choosing to use a particular product in your organization can increase your attack surface and affect your threat model and risk posture. This makes product security testing vital in preparing your organization to defend against and recover from software supply chain attacks.

SEC568 is a practical on-ramp into the world of product security testing and risk analysis through more than 20 hands-on exercises designed to be challenging to both beginners and more advanced students. By utilizing offensive tactics with a defensive mindset, you will learn how to analyze the risk of introducing desktop and mobile products, proprietary protocols, and hardware devices into your environment. You will use a wide variety of technical skills to gain a deep understanding of how a target operates.

Each section of the class will be accompanied by flow diagrams that give each student a roadmap for navigating these complex topics, with documented processes and clearly defined goals. As the class progresses, sections will increase in technical depth and difficulty. The number and duration of hands-on exercises also increase proportionally as you gain new knowledge and develop new skills.

You will notice the class also focuses more on networking as we dive deeper into product security testing. This networking focus is critical for a complete risk assessment in almost all organizations, as this threat vector is the most likely to cause the most damage.

In the last section, the class culminates with a capstone event, a fully guided 5-hour exercise in which students will apply the entire product security testing process, starting with a closed-box analysis on a popular commercial application.

You Will Learn
  • Windows OS basics
  • Linux OS basics
  • Android OS basics
  • How to conduct efficient internet searching
  • Networking fundamental concepts
  • How to decrypt networking traffic
  • How to build custom Scapy networking layers
  • How to collect, prepare, and analyze data with Python, Pandas DataFrame, and Jupyter Notebooks
  • When to continue or stop a product security assessment
  • A variety of threat modeling concepts
  • Different methods for determining risk
  • Basics of network fuzzing
  • How to analyze decompiled code

You Will Be Able To
  • Conduct a product security test
  • Reduce the impact of supply chain attacks on your organization
  • Evaluate a Windows, Linux, or Android product for threats
  • Perform basic static firmware analysis to understand what is running on a device
  • Determine how a system changes because of installing new software
  • Use Exploratory Data Analysis (EDA) techniques to analyze and present a large amount of data
  • Dissect proprietary protocols
  • Build a threat model to articulate the biggest risks and mitigations
  • Construct attack trees and use a risk scoring methodology to determine the risk of each threat discovered in previous phases

You Will Receive With This Course
  • A Corellium license
  • 3 virtual machines
  • Process flow charts
  • An electronic workbook with step-by-step instructions for 20+ fully functional labs that do not expire and can be repeated any time after the course

Start date: 26 Jun 2023
Location / delivery: Virtual