About the course
Cert: GPYC GIAC Python Coder
SEC575 will prepare you to effectively evaluate the security of mobile devices, assess and identify flaws in mobile applications, and conduct a mobile device penetration test - all critical skills required to protect and defend mobile device deployments. You will learn how to pen test the biggest attack surface in your organization; dive deep into evaluating mobile apps and operating systems, and their associated infrastructure; and better defend your organization against the onslaught of mobile device attacks.
What You Will Learn
Imagine an attack surface that is spread across your organization and in the hands of every user. It moves regularly from place to place, stores highly sensitive and critical data, and sports numerous and different wireless technologies all ripe for attack. Unfortunately, such a surface already exists today: mobile devices. These devices constitute the biggest attack surface in most organizations, yet these same organizations often don't have the skills needed to assess them.
SEC575 Now Covers Android 11 and iOS 14
SEC575: Mobile Device Security and Ethical Hacking is designed to give you the skills to understand the security strengths and weaknesses of Apple iOS and Android devices. Mobile devices are no longer a convenience technology - they are an essential tool carried or worn by users worldwide, often displacing conventional computers for everyday enterprise data needs. You can see this trend in corporations, hospitals, banks, schools, and retail stores across the world. Users rely on mobile devices today more than ever before -- we know it, and the bad guys do too. The SEC575 course examines the full gamut of these devices.
Learn How to Pen Test the Biggest Attack Surface in Your Entire Organization
With the skills you learn in SEC575, you will be able to evaluate the security weaknesses of built-in and third-party applications. You'll learn how to bypass platform encryption and manipulate apps to circumvent client-side security techniques. You'll leverage automated and manual mobile application analysis tools to identify deficiencies in mobile app network traffic, file system storage, and inter-app communication channels. You'll safely work with mobile malware samples to understand the data exposure and access threats affecting Android and iOS, and you'll learn how to bypass lock screens to exploit lost or stolen devices.
Take a Deep Dive into Evaluating Mobile Apps and Operating Systems and Their Associated Infrastructures
Understanding and identifying vulnerabilities and threats to mobile devices is a valuable skill, but it must be paired with the ability to communicate the associated risks. Throughout the course, you'll review ways to effectively communicate threats to key stakeholders. You'll learn how to use industry standards such as the OWASP Mobile Application Security Verification Standard (MASVS) to assess an application and understand all the risks so that you can characterize threats for managers and decision-makers. You'll also identify sample code and libraries that developers can use to address risks for in-house applications.
Your Mobile Devices are Going to Come Under Attack - Help Your Organization Prepare for the Onslaught
In employing your newly learned skills, you'll carry out a step-by-step penetration test of a mobile device deployment. Starting with gaining access to wireless networks to implement man-in-the-middle attacks and finishing with mobile device exploits and data harvesting, you'll examine each step of the test with hands-on exercises, detailed instructions, and tips and tricks learned from hundreds of successful penetration tests. By building these skills, you'll return to work prepared to conduct your own test, and you'll be better informed about what to look for and how to review an outsourced penetration test.
Mobile device deployments introduce new threats to organizations, including advanced malware, data leakage, and the disclosure to attackers of enterprise secrets, intellectual property, and personally identifiable information assets. Further complicating matters, there simply are not enough people with the security skills needed to identify and manage secure mobile phone and tablet deployments. By completing this course, you'll be able to differentiate yourself as someone prepared to evaluate the security of mobile devices, effectively assess and identify flaws in mobile applications, and conduct a mobile device penetration test - all critical skills to protect and defend mobile device deployments.
Syllabus (36 CPEs)
SEC575.1: Device Architecture and Application Interaction
SEC575.2: The Stolen Device Threat and Mobile Malware
SEC575.3: Static Application Analysis
SEC575.4: Dynamic Mobile Application Analysis and Manipulation
SEC575.5: Penetration Testing Mobile Devices
SEC575.6: Hands-on Capture-the-Flag Event
GIAC Mobile Device Security Analyst
The GIAC Mobile Device Security Analyst (GMOB) certification ensures that people charged with protecting systems and networks know how to properly secure mobile devices that are accessing vital information. GMOB certification holders have demonstrated knowledge about assessing and managing mobile device and application security, as well as mitigating against malware and stolen devices.
- Analyzing application network activity and static applications, assessing mobile application security
- Attacking mobile & wireless infrastructure & web applications, unlocking & rooting mobile devices
- Managing Android and iOS devices, manipulating mobile application behavior and network traffic
- Mitigating against mobile malware & stolen mobile devices, penetration testing against mobile devices
Students should have familiarity with network penetration testing concepts, such as those taught in the SANS SEC504 or SEC560 courses.
Important! Bring your own system configured according to these instructions!
A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.
In this course, students will use an advanced lab system to maximize the time spent on learning objectives and minimize setup and troubleshooting.
Students may use the latest version of Windows 10 or macOS 10.15.x or later for exercises. You will need a wired network adapter to connect to the classroom network. Larger laptop displays will make for an improved lab experience (less scrolling).
Your course media will now be delivered via download. The media files for class can be large, some in the 40 - 50 GB range. You need to allow plenty of time for the download to complete. Internet connections and speed vary greatly and are dependent on many different factors. Therefore, it is not possible to give an estimate of the length of time it will take to download your materials. Please start your course media downloads as you get the link. You will need your course media immediately on the first day of class. Waiting until the night before the class starts to begin your download has a high probability of failure.
SANS has begun providing printed materials in PDF form. Additionally, certain classes are using an electronic workbook in addition to the PDFs. The number of classes using eWorkbooks will grow quickly. In this new environment, we have found that a second monitor and/or a tablet device can be useful by keeping the class materials visible while the instructor is presenting or while you are working on lab exercises.
"The first iPhone was released in 2007, and it is considered by many to be the starting point of the smartphone era. Over the past decade, we have seen smartphones grow from rather simplistic into incredibly powerful devices with advanced features such as biometrics, facial recognition, GPS, hardware-backed encryption and beautiful high-definition screens. While many different smartphone platforms have been developed over the years, it's quite obvious that Android and iOS have come out victorious.
"While smartphones provide a solid experience right out of the box, the app ecosystem is probably the most powerful aspect of any mobile OS. Both the Google Play and Apple App stores have many millions of applications that increase the usefulness of their platforms and include everything from games to financial applications, navigation, movies, music, and countless other offerings.
"However, many people's smartphones also contain an incredible amount of data about both their personal and professional lives. Keeping those data secure should be a primary concern for both the OS and the mobile application developer. Yet, many companies today have implemented a bring-your-own-device policy that allows smartphones onto their network. These devices are often not managed and thus bring a new set of security threats to the company.
"I wrote this course to teach you about all the different aspects of mobile security, both at a high level and down into the nitty-gritty details. You will learn how to analyze mobile applications, attack smartphone devices on the network, man-in-the-middle either yourself or others, and root/jailbreak your device. You'll also learn what kind of malware may pose a threat to your company and your employees.
"Mobile security is a lot of fun, and I hope you will join this course so that we can share our enthusiasm with you!"
- Jeroen Beckers
Who Should Attend SEC575?
- Penetration testers
- Ethical hackers
- Auditors who need to build deeper technical skills
- Security personnel whose job involves assessing, deploying, or securing mobile phones and tablets
- Network and system administrators supporting mobile phones and tablets