SEC568: Cyber Security Training at SANS Cyber Defense Initiative® 2024

Provided by

Enquire about this course

What You Will Learn
Think Red, Act Blue

Gain foundational knowledge and practical methodologies for product security testing and risk analysis with SEC568: Product Security Penetration Testing. By utilizing offensive tactics with a defensive mindset, students will learn how to analyze the risk of introducing desktop, mobile, proprietary protocols, and hardware devices into your environment. You will use a wide variety of technical skills to gain a deep understanding of how a target operates.

Each section of the class will be accompanied by flow diagrams that provide each student a roadmap they can use to navigate complex topics with documented processes and clearly defined goals. Through more than 20 hands-on lab exercises and a fully guided capstone exercise, you'll get practical experience that increases in technical depth as you progress through the course.
You Will Be Able To
  • Apply the entire product security testing process to commercial applications
  • Mitigate the impact of third-party applications and risk of supply chain attacks
  • Perform static firmware analysis to see what is running on a device
  • Dissect proprietary protocols
  • Collect, prepare, and analyze data with Python, Pandas DataFrame, and Jupyter Notebooks
  • Construct attack trees and use risk scoring methodology to determine risk of each discovered threat
Skills Learned
  • Windows OS basics
  • Linux OS basics
  • Android OS basics
  • How to conduct efficient internet searching
  • Networking fundamental concepts
  • How to decrypt networking traffic
  • How to build custom Scapy networking layers
  • How to collect, prepare, and analyze data with Python, Pandas DataFrame, and Jupyter Notebooks
  • When to continue or stop a product security assessment
  • A variety of threat modeling concepts
  • Different methods for determining risk
  • Basics of network fuzzing
  • How to analyze decompiled code
What You Will Receive
  • A Corellium license
  • 3 virtual machines
  • Process flow charts
  • An electronic workbook with step-by-step instructions for 20+ fully functional labs that do not expire and can be repeated any time after the course

Enquire

Start date Location / delivery
13 Dec 2024 Washington Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...