SEC673: Cyber Security Training at SANS Miami 2024

Provided by

Enquire about this course

What You Will Learn

When the security team has a problem it can't solve, it turns to you. You know how to code and you can develop tools to fill the gaps left by the existing technology. But although you can write a decent script to get the job done, maintaining that code is sometimes a burden. Every new feature seems like a complete rewrite. You need your code to run faster and spread the workload over multiple threads or even multiple processors. When a user experiences an error, you are left guessing what might have gone wrong because your application doesn't provide sufficient logging. You wish your applications had the features, maintainability, and ease of use of the most popular open-source cybersecurity projects. You are worried that you are developing a program with security vulnerabilities. Or, if you are not worried about that, maybe you should be. One thing is clear: you are ready to take your coding skills to the next level. SEC673 is the course for you!

SEC673 is designed as the logical progression point for students who have completed SEC573 Automating Information Security with Python, or for those who are already familiar with basic Python programming concepts. The course jumps immediately into advanced concepts. It looks at coding techniques used by popular open-source information security packages and how to apply them to our own Python cybersecurity projects. We'll learn from the best of them, spending the week making information security for our project, named SPF100, as easy to develop and maintain as that of the most popular cybersecurity projects. You'll discover how to organize your code and use advanced programming concepts to make your code faster, more efficient, and easier to maintain.

The course will show you the proper way to develop custom classes for use in information security applications. You'll learn about such topics as:
  • Making your packages installable for Package Installer for Python (PIP) for easy distribution and updates
  • Building a custom data structure that fits your application for faster development
  • Using advanced features like decorators, generators, and context managers to simplify code
  • Making programs run faster with multi-threading and multi-processing
  • Eliminating cascading errors by implementing unit tests so small changes don't become big errors
  • Undertaking proper log generation and handling in Python applications in order to identify those "works for me" errors
  • Implementing application automation and interaction so that you can move on to more important tasks
Following the precedent set by SEC573, this course makes heavy use of hands-on labs. The pyWars server is back with brand new functionality that can evaluate code and tell you where you've made mistakes. This unique and practical environment can guide you through developing complex programs. In addition to evaluating the answers you come up with, the pyWars server will assess how you solved the problems and demand that you solve them the right way. In other words, by forcing you to use the advanced features taught in this course, the server will help you learn the habits you need to produce more maintainable code. At the same time, the new environment will feed you complex problems in small consumable chunks so that you are not overwhelmed by the difficulty of the challenges presented and can focus on the important skills being taught.

If you understand the essential skills of Python and how to develop a simple information security tool, but are ready to be more productive and write better tools, SEC673 is the course for you.

What You Will Learn About
  • New pyWars features, virtual environments, and VSCode
  • How to use unit testing to evaluate code in development
  • Python object-oriented coding
  • Decorators
  • Iterators
  • Context managers
  • Data descriptors
  • Object attribute security and attacks
  • Multi-threading
  • Multi-processing
  • How to understand and mitigate object serialization attacks
  • The right way to do application logging
  • Command line tool automation with PEXPECT
  • Interpreter and object model attacks
What You Will Receive
  • A USB containing a virtual machine filled with sample code and working examples
  • MP3 audio files of the complete course lecture

Enquire

Start date Location / delivery
10 Jun 2024 Coral Gables Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...