ＨｉｄｅＺｅｒｏＯｎｅ

SEC550 will provide you with an understanding of the core principles of cyber deception, enabling you to plan and implement cyber deception campaigns to fit virtually any environment. You will be able to turn the tables on attackers so that while they need to be perfect to avoid detection, you need to be right only once to catch them.

Syllabus

SEC661 is designed to break down the complexity of exploit development and the difficulties with analyzing software that runs on IoT devices. Students will learn how to interact with software running in ARM environments and write custom exploits against known IoT vulnerabilities.

SEC661.2: Exploiting IoT Devices

SEC661: ARM Exploit Development

High-profile cybersecurity attacks indicate that offensive attacks are outperforming defensive measures. Cybersecurity engineers, auditors, privacy, and compliance team members are asking how they can practically protect and defend their systems and data, and how they should implement a prioritized list of cybersecurity hygiene controls. In SANS SEC566, students will learn how an organization can defend its information by using a vetted cybersecurity control standard. Students will specifically learn how to implement, manage, and assess security control requirements defined by the Center for Internet Security’s (CIS) Controls. Students will gain direct knowledge of the CIS Controls and ecosystem of tools to implement CIS controls across organizations complex networks, including cloud assets. 17 Lab Exercises and a program management simulation.

SEC566.1: Introduction and Overview of the CIS Critical Controls
SEC566.2: Data Protection, Identity and Authentication, Access Control Management, Audit Log Management
SEC566.3: Server, Workstation, Network Device Protections (Part 1)
SEC566.4: Server, Workstation, Network Device Protections (Part 2)
SEC566.5: Governance and Operational Security

SEC566: Implementing and Auditing CIS Controls

This course teaches practical open-source intelligence (OSINT) analysis and automation techniques. You will learn tradecraft tips, tactics, techniques, and procedures based on real-world examples that will enable you to carry out in-depth OSINT analysis of groups, image and video verification, and OSINT operations security, as well as understand the foundations of automating OSINT with Python.

Syllabus

SEC537.1: Practical OSINT Analysis

SEC537.2: Practical OSINT Analysis with Python

SEC537: Practical Open-Source Intelligence (OSINT) Analysis and Automation

SEC487 will teach students legitimate and effective ways to find, gather, and analyze this data from the Internet. You’ll learn about reliable places to harvest data using manual and automated methods and tools. Once you have the data, we’ll show you how to ensure that it is analyzed, sound, and useful to your investigations.

This is a foundational course in open-source intelligence (OSINT) gathering and, as such, will move quickly through many areas of the field. The course will teach you current, real-world skills, techniques, and tools that law enforcement, private investigators, cyber attackers, and defenders use to scour the massive amount of information across the Internet, analyze the results, and pivot on interesting pieces of data to find other areas for investigation. Our goal is to provide the OSINT knowledge base for students to be successful in their fields whether they are cyber defenders, threat intelligence analysts, private investigators, insurance claims investigators, intelligence analysts, law enforcement personnel, or just someone curious about OSINT.

SEC556 facilitates examining the entire IoT ecosystem, helping you build the vital skills needed to identify, assess, and exploit basic and complex security mechanisms in IoT devices. This course gives you tools and hands-on techniques necessary to evaluate the ever-expanding IoT attack surface.

SEC556.1: Introduction to IoT Network Traffic and Web Services
SEC556.2: Exploiting IoT Hardware Interfaces and Analyzing Firmware
SEC556.3: Exploiting Wireless IoT: WiFi, BLE, Zigbee, LoRA, and SDR

SEC556: IoT Penetration Testing