Security Leadership and Management
Online. Instructor: Chris Brenton. Course Length: 16 Hours. Includes: 12 months of complimentary access to the Antisyphon Cyber Range, certificate of participation, six months access to class recordings. Course Description: “Security” is arguably one of the most challenging disciplines to move from being an individual contributor (IC) to being a manager. While security ICs can perform most tasks in...
Professionally Evil Network Testing (PENT)
Online. Instructor: Eric Kuehn, Nathan Sweaney. Course Length: 5 days, 20 hours. Course Description: This hands-on course will teach students a basic methodology for network penetration testing and an introduction to the processes used. Students will walk through the phases of Reconnaissance, Mapping, Discovery, Exploitation, and Post-Exploitation with demonstrations of various tools and tactics used in each...
Enterprise Forensics and Response
Online. Instructor: Gerard Johansen. Course Length: 16 Hours. Course Description: The Enterprise Forensics and Response course is designed to provide students with both an investigative construct and techniques that allow them to scale incident response activities in an enterprise environment. The focus of the lecture portion of the course work is understanding the incident investigation process, objective...
Introduction to Industrial Control Systems
Online. Instructor: Ashley Van Hoesen. Course Length: 4 Days, 16 Hours. Course Description: The Introduction to Industrial Control Systems course provides intensive training on defending and attacking industrial control systems. The course will discuss common vulnerabilities, attack paths, defending industrial control systems, and architecture of industrial control environments. The course will provide hands-on training in a lab...
Getting Started in Packet Decoding
One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.
Introduction to PCI (PCI 101)
Online. Instructor: Nathan Sweaney. Course Length: 1 Day, 4 Hours. Price: $25-$150. Course Description: This course is designed to introduce IT professionals to the Payment Card Industry collection of standards as defined and enforced by the Payment Card Industry Security Standards Council. The first half of the course summarizes the structure and history of PCI, the primary standards...
Reporting for Pentesters
If you want to set yourself apart, work on your reporting skills. The hacks are ephemeral. The report lives forever. The hacks are fun – and they require your constant effort to keep current. The reporting is what makes this all a viable career – and once you know how to produce a good one, you can apply that skill endlessly as the computing world changes around you.
SOC Core Skills
This 16-hour information security training course will cover the core security skills all Security Operation Center (SOC) analysts need to have. These are the skills that all Black Hills Information Security (BHIS) SOC team members need to have.
Foundational Data Protection Training (FDPT)
This foundational course is designed to provide the basic tools needed to protect the data that is most valuable to your business. Since data is an integral part of an organization's core operations, it's important to build a solid foundation for understanding the considerations and mechanisms related to data protection.
Introduction to Python
Automating tasks using scripts in various programming languages is critical to scale up the efforts of a limited security professional talent pool. Penetration testers, incident responders, forensics, and defense professionals need to be able to take existing code and produce stable functional Python tools or be able to debug an issue with an existing tool. This course teaches Python fundamentals with both lecture and labs.
Anti-Cast | Linux Command Line Dojo
If you’ve been using the Linux command line for a long time, you may have missed out on some sweet new features of common commands that can make your life much better. Join Sensei Hal as we break down some practical examples and demonstrate some useful new functionality.
Talking about the Cybers with Europe
Online. Join Antisyphon, BSides Ume, and other security friends for some cyber talks and a game of Backdoors and Breaches!
Red Team Fundamentals for Active Directory
Online. The Red Team Fundamentals for Active Directory course is an 8-hour class focused on explaining the fundamentals of Active Directory and how different aspects can be exploited when performing penetration tests.
Breaching the Cloud w/ Beau Bullock
Online. This training walks through a complete penetration testing methodology of cloud-based infrastructure. Starting with no information other than the company name, you will learn to discover what cloud-specific assets your target is using. Following the enumeration of cloud services, you will learn how to discover misconfigurations that commonly expose sensitive data, as well as gain a thorough understanding of how to get an initial foothold into a cloud-based organization.
Anti-Cast | Strengthening Your Blue Teaming Skills: Thinking Like an Attacker
Online. This webcast will explore the vast number of challenges faced by blue teamers and how they can stay ahead of the curve. Through a ransomware attack example, we’ll discuss the broad range of skills and knowledge needed to respond effectively to advanced threats. We’ll elaborate on how thinking like an attacker and employing a purple teaming approach for skills development has proven to be the best defense for many blue teamers. The session will conclude with a Q&A portion to provide answers on what and how blue teamers need to upskill.
Professionally Evil Container Security (PECSEC)
Online. This course is designed to cover the core fundamentals of container and container orchestration security. We’ll explore container security concerns, configuration issues, and how to abuse them as an attacker. Then we’ll switch gears and explore the ways that we can prevent the attacks we just carried out. This will all be done in a hands-on, lab-driven manner. This class is focused primarily on Docker and Kubernetes, but many of the core concepts can be applied to other container technologies.
Security Compliance and Leadership
Online. In this course, we will cover all of the steps needed to stand up and lead a security team within an organization. We start with a clean slate so that every aspect gets covered. If you are in an environment that already has a security team, this can help fill in the gaps. This course will have a heavy focus on how to integrate the security team with the rest of the business units. We’ll look at strategies for increasing funding, as well as converting “security risks” into “business risks” so they are better understood by the organization’s leadership. The course includes a lot of collateral like a full set of pre-written security policies. The goal is to help you build an effective security team in as little time as possible.
Anti-Cast | Forensicating Linux LD_PRELOAD Rootkits
Online. Widespread availability of PoC Linux LD_PRELOAD rootkits means that even trivial cryptomining attacks are starting to deploy them. This talk demonstrates a simple LD_PRELOAD rootkit and techniques for detecting them in a live response scenario and by memory analysis. Get the jump on your adversaries with this fast-paced, practical introduction.
Anti-Cast | The Sysmon Update is Here
Online. The long-awaited update to Sysmon is here!
Microsoft has recently released version 15. This updated version of the popular logging tool includes new features and provides responders insight into endpoint behavior.
In this Anti-Cast, Gerard Johansen, digital forensics practitioner and course author of Enterprise Forensics and Response, will walk through how Sysmon can aid in incident investigations.
Anti-Cast | OSINT Uncovered: Unlocking the Hidden Gems of Online Information
Online. This Anti-Cast session explores advanced techniques and tools for extracting valuable information from diverse online platforms, social media, public databases, and breaches. By emphasizing responsible approaches to OSINT, attendees will learn how to navigate vast data sources, analyze digital footprints, and uncover the hidden gems of online information. Learn to harness the power of OSINT, as Mishaal walks you through some quick OSINT demos. Stalkers not allowed!
Anti-Cast | Obtaining NetNTLM Hashes by Asking Nicely
Online. Active Directory loves spewing hashes, all kinds of them. This talk will focus on NetNTLM (or NTLM, call it what you will) hashes. We'll chat about how they can be obtained and used for privilege escalation and lateral movement.
Anti-Cast | Down with the CISO
Online. This webcast overviews why enterprises split into operations, development, and security. Why it made sense to split technology up this way, how we were wrong to do it, and what we should do now.
Anti-Cast | XFS Forensics with xfs_db
Online. Despite being a common Linux file system, forensic support for XFS is still largely lacking. In this session, Hal will describe how to turn the humble xfs_db tool into a useful forensic application for examining XFS file system internals and finding critical evidence. Attackers aren’t the only ones who can “live off the land”!
Talking About the Cybers Invades Europe Again!
Online. Join Antisyphon, BSides Kraków, and other security friends for some cyber talks, Cubicles & Compromises, and so much more!
Blue Team Summit & Training
Online. Blue Teamers have it rough, so we’re putting together an online summit event just for them featuring talks, trainings, and lots of fun and frivolity! The Antisyphon Blue Team Summit 2023 is scheduled for August 23, 2023, with training August 24-25, 2023.
Blue Team Talk: Baby Steps to the Future – Evolving into the Next-Gen SOC
Online. Most SOCs are unable to keep up with the attacks of today because they are constrained by a structure built to address the op tempo of yesterday. That structure does not scale to protect the rapidly changing, distributed environments that SOCs are required to defend from attackers that have risen in both number and sophistication. To counter, SOCs must evolve to become 'Next-Gen'. This talk will define that term and present concrete steps organizations can take to evolve from today's rigid structures into a dynamic, agile entity that can quickly react to threats of today and tomorrow.
Blue Team Talk: Social Engineering the Ultimate Adversary: Yourself!
Online. I've always been fascinated by social engineering. How it's a factor in over 90% of all breaches. And how it can also work against self-described social engineering subject matter experts. How can this be? This is just the tip of the psychological iceberg… Consider that the placebo effect can still work, even when you know it's a placebo.
Blue Team Talk: Who’s Been Stealing All the Cookies from the Cookie Jar?
Online. Attackers target cookies because they’re valuable and hijacking them can give them great results, like bypassing multi-factor authentication. This is great for an attacker but makes a cybersecurity professional cry. Learn how a cookie hijacking attack works, and ways we can detect and defend against this kind of attack.
Blue Team Talk: Documentation: The First Line of Defense
Online. Documentation is arguably one of the most important first lines of defense when it comes to securing assets in any organization. Very few people enjoy writing documentation, or updating it, but it is one of the biggest skills every security team must have to be successful. Without helpful documentation, proper standardization and communication are at risk. This presentation will go through why documentation is so important and how to write good documentation.
Blue Team Talk: 7 Ways to Frustrate Attackers
Online. As the daily barrage of headlines continues to roll in, it is easy to feel deflated as a cybersecurity defender. Most first-time penetration tests follow a standard attack path based on these common weaknesses and misconfigurations. Not surprisingly, these are the same techniques used in real-world attacks. What if you could flip the script on those attackers (authorized or not)?
Blue Team Talk: Cloud Security: Why the Endpoint Still Matters
Online. Today, detection engineers and blue teamers are focused on cloud threat detection. However, are we thinking about these threats holistically?
Blue Team Talk: Defending Beyond Defense
Online. Assumptions burn defenders every day. Perhaps the most pernicious one is that systems and their controls will always work as designed. Best practices in security may be good guidelines, but unfortunately also suffer from these same blind spots. For example, best practice recommends the use of LAPS for local administrator account passwords of domain-joined computers, yet misconfiguration of Active Directory can turn it from a protective control into a vulnerability. But what if there was a way to challenge these assumptions up front?
Blue Team Talk: Who Goes There? Actively Detecting Intruders With Honeytokens
Online. Intrusion detection works best when you can discover the attacker while they are still in the system. Finding out after the fact does little to protect your systems and your data. Ideally, you would want to set an alarm that an attacker would trigger while limiting the damage to your environment. We know from many recent breaches that attackers commonly try to expand their foothold in a system by finding and exploiting hardcoded credentials in environments they have accessed. We can use these behavioral patterns to our advantage by engaging in defensive cyber deception.
Blue Team Talk: Why Your Company Needs an AI Policy Right Now
Online. A Machine Learning (ML) / Artificial Intelligence (AI) Cybersecurity Policy is essential to protect your organization from evolving threats. It establishes guidelines to safeguard data privacy, address risk management, and implement employee guidance and training. Join us for a 30-minute presentation covering the crucial reasons why your organization needs to implement an ML/AI Policy.
Blue Team Talk: I Want The Log I Can’t Have
Online. If you're like me, you have spent some portion of your career working with events generated from on-premise systems. With the move toward cloud, I noticed that logs that I took for granted and expected to have were no longer available. The intent of this talk is to drive greater awareness of what the defender will see (and more importantly what they will not see) when a signing key certificate is extracted, a SAML token is forged and an access token is utilized in an Azure AD / M365 environment.
Blue Team Talk: Big Mad Blue Team
Online. Does your environment pose unique security challenges that require special deviations from industry standard? Do you justify the diminutive size of your SOC/hunt/intel teams by pointing to how smart they are? Has the motto of your team’s onboarding become “they may be best practices but they aren’t our practices”? Welcome to the blue team logical fallacy follies talk.
Blue Team Talk: Level Up: Mastering the Game of Threats through Table Tops and Bots!
Online. In our talk, we will explore the use of table top exercises in cybersecurity, focusing on their role in enhancing incident response capabilities. We'll dive into the concept of gamifying these exercises for improved engagement and efficiency.
Table Top gamified experiences can be used to build and continually update incident response playbooks, ensuring relevance in a rapidly evolving threat landscape. Anyone at this talk will leave with practical strategies for integrating table tops into their cybersecurity toolkit!
We will also present an interactive demo… Can you survive the Cyber Game Master bot!?
Blue Team Talk: Managing the Unmanageable: Defending the SMB
Online. Over 13 million small businesses have 9 or fewer employees. This is over 90% of businesses in the United States alone. In this talk we will look at the challenges and how to overcome them, from ownership buy-in to lack of resources and vendor apathy.
Blue Team Talk: Social Engineering Your Metrics: Using Data Science to Provide Value in Reporting
Online. Reporting is generally boring. As social engineers, we often get wrapped up in the hustle and bustle of performing the engagement and report writing falls to the side. While the reports do go out and we meet client obligations, a serious question arises: Are we providing meaningful measurements, metrics, and advice to the client?
Intro to Offensive Tooling
Online. This hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks. In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks.
Introduction to Python
Online. Blue teams need all the help they can get, and automating tasks using scripts in various programming languages is critical to scale up the efforts of a limited security professional talent pool. Incident responders, forensicators, and other defense professionals need to be able to take existing code and produce stable functional Python tools or be able to debug an issue with an existing tool. This course teaches Python fundamentals with both lecture and labs.
Enterprise Forensics and Response
Online. The Enterprise Forensics and Response course is designed to provide students with both an investigative construct and techniques that allow them to scale incident response activities in an enterprise environment. The focus of the lecture portion of the course work is understanding the incident investigation process, objective oriented analysis and response, intrusion analysis and an exploration of attacker Tactics and Techniques.
Advanced Network Threat Hunting
Online. So far we’ve had over 21,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course!
Incident Response Foundations
Online. This class involves analyzing PCAP files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
OSINT Mastery Class
Online. The "OSINT Mastery Class" is a comprehensive, 16-hour training program designed to offer participants an in-depth exploration of open-source intelligence (OSINT) methodologies. This training delves into investigating businesses, image analysis, and search engine intelligence. Participants will learn about key strategies and practical techniques to harness publicly available information for a variety of purposes such as corporate due diligence, background checks, security analysis, competitive intelligence, and more. The course is hands-on, allowing participants to directly apply their learning through real-world scenarios, case studies, and practical exercises. By the end of the course, participants will have mastered advanced OSINT techniques and tools, positioning themselves to effectively gather, analyze, and interpret open-source data.
MITRE ATT&CK Framework and Tools
Online. The MITRE Organization has provided several useful and free tools for working in the cybersecurity space. One of these tools, the MITRE ATT&CK Framework, has become the industry standard for talking about and organizing attacker tactics and techniques. In this introductory class we will look at the information provided in the framework and use various tools, including the ATT&CK Navigator, for visualizing and sharing information. A brief overview of other MITRE tools including CVE/CWE, ATT&CK Flow, ATT&CK Powered Suit, ATT&CK Evaluations, and the Adversary Emulation Library will be given. You will be provided with hands-on lab instructions for creating visualizations using the MITRE ATT&CK Navigator and for searching through ATT&CK data with the convention web browser extension. At the end of this class, you will have the knowledge and tools to talk about and work with the MITRE ATT&CK Framework and Tools.
Intro to Offensive Tooling
OnlineThis hands-on course covers a variety of offensive tools, such as Nmap, Recon-ng, Metasploit, Proxychains, Responder, and many more. Through a series of practical labs, you will gain experience in using these tools to assess the security of systems and networks. In addition to learning how to use these tools effectively, you will also explore the ethical considerations surrounding offensive tooling, how to responsibly use these tools to protect sensitive information, and prevent cyber attacks.
Introduction to Python
OnlineBlue teams need all the help they can get, and automating tasks in using scripts in various programming languages is critical to scale up the efforts of a limited security professional talent pool. Incident responders, forensicators, and other defense professionals need to be able to take existing code and produce stable functional Python tools or be able to debug an issue with an existing tool. This course teaches Python fundamentals with both lecture and labs.
Enterprise Forensics and Response
Online: The Enterprise Forensics and Response course is designed to provide students with both an investigative construct and techniques that allow them to scale incident response activities in an enterprise environment. The focus of the lecture portion of the course work is understanding the incident investigation process, objective-oriented analysis and response, intrusion analysis, and an exploration of attacker Tactics and Techniques.
Advanced Network Threat Hunting
Online: So far we’ve had over 21,000 students attend our one-day network threat hunting course. Many have asked that we provide an extended class with more hands-on lab time. That is exactly what we have rolled into this 16-hour course!
Incident Response Foundations
Online: This class involves analyzing PCAP files for Command and Control (C2) communications in order to identify malware back channels. It is assumed that the student will already understand the basics of network threat hunting, so we can immediately jump into applying that knowledge. The goal will be to create a threat hunting runbook that you can use within your own organization in order to identify systems that have been compromised.
Introduction to Industrial Control Systems
Online: Introduction to Industrial Control Systems provides intensive training on defending and attacking industrial control systems. The course will discuss common vulnerabilities, attack paths, defending industrial control systems, and architecture of industrial control environments. This course will provide hands-on training in a lab setting while attacking and securing a virtual factory.
Anti-Cast | Exploring PowerShell Logging with TellTail
Online: TellTail is a free and open-source application that makes it easy to view and learn about PowerShell logging. In this webcast, we will enable/disable the various PowerShell logging options and watch the effect it has on what gets logged. Come to this webcast to learn more about PowerShell Script Block and Module logging and how you can easily explore and learn on your own.
Anti-Cast | The Wrong Beer to the Barbecue: BYOVD Attacks (BYOVD: Bring Your Own Vulnerable Driver)
Online: Based on recent threat reports, a growing number of bad actors are bringing vulnerable drivers to victim environments to exploit and guarantee a more successful attack path. These kernel drivers are legitimate, trusted and... vulnerable! Amazingly, some have CVEs dating back to 2015 or earlier. During this Anti-Cast, we will map out detection methods to identify and remove vulnerable drivers already present in your network AND devise prevent/block strategies to future-proof against BYOVD attacks.
Professionally Evil Application Security (PEAS): Mastering Application Reconnaissance and Mapping
Online: Embark on a journey into the world of web security with Mastering Application Reconnaissance and Mapping. As part of the Professionally Evil Application Security series, this course focuses on the crucial aspects of reconnaissance and mapping within the application penetration testing methodology. Whether you're a seasoned professional or a curious newcomer, this course will equip you with the foundational knowledge and practical skills to assess web applications against potential vulnerabilities.
Linux Forensics
Online: One of the core disciplines of security is understanding how systems communicate over the Internet. This skill set is crucial to spotting abnormal behavior and attack patterns. In this class, we will go beyond the fundamentals of how IP communicates and dive into the subtle nuances. This will help the student identify anomalous patterns when they occur.
Professionally Evil API Testing: A Practical Course for Beginners
Online: If you want to learn how to perform security testing on web applications that use application programming interfaces (APIs), this course is for you. APIs are the connective tissue responsible for transferring information between systems, both internally and externally. They are also a common target for cyberattacks, as they can expose sensitive data, application logic, and internal infrastructure.
Professionally Evil CISSP Mentorship Program
Online: ISC2 describes the CISSP as a way to prove “you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program”. It is one of the primary certifications used as a stepping point in your cybersecurity career. To accomplish this, Secure Ideas has developed a mentorship program designed to provide the knowledge necessary to pass the certification, while working through the common body of knowledge (CBK) in a manner that encourages retention of the knowledge. The mentorship program is designed as a 10-week series of sessions along with various student support and communication methods. These work together to provide the student a solid foundation to not only help in passing the certification but to continue as a collection of information for everyday work. This class is set up to cover the 8 domains of the ISC2 CBK.
Anti-Cast | Credential Compartmentalization in Active Directory
Online: When it comes to security, the goal is to make an attacker’s job as difficult as possible. The more hurdles they must jump through, the easier it should be to detect and stop them. Unfortunately, common practices around how and where privileged accounts are used in Windows environments reduce the race down to only a couple of jumps (or maybe just a sprint). We will talk about why device and account tiering is critically important for making a network a virtual obstacle course.
Professionally Evil Container Security (PECSEC) – Out of the Box: Strategies for Escaping from Containers
Online: This immersive training course invites participants to delve into the world of container technologies and learn about container escape techniques. Often, container environments are seen as safe spaces; this course, however, challenges that perspective by demonstrating ways in which these seemingly secure environments can be compromised. Through a series of interactive exercises and real-world examples, participants will learn how to identify weaknesses in container configurations and how to escape from containerized environments. This course is ideal for anyone involved with container technologies, keen to enhance their security skills.
Getting Started in Security with BHIS and MITRE ATT&CK
Online: This 16-hour (4 days, 4-hour sessions) information security training class is designed for people who are new to computer security. We will cover the core fundamentals with lots of hands-on labs demonstrating the attacks and defenses every security professional must know to be successful.
Anti-Cast | API-ocalypse Now
Online: Get ready for a wild ride as Jennifer Shannon, a Senior Security Consultant at Secure Ideas, presents "API-ocalypse Now." In this thrilling and entertaining webcast, Jennifer will showcase the vulnerabilities lurking within APIs and the havoc they can wreak if left unaddressed. Through live pentesting demos, she will demonstrate jaw-dropping exploits, mind-bending injection attacks, and authentication bypass techniques that will leave you on the edge of your seat. Join Jennifer as she navigates the dark side of APIs to help you understand and fortify your attack surface in order to prevent the impending API-ocalypse.
Red Team Fundamentals for Active Directory
Online: The Red Team Fundamentals for Active Directory course is an 8-hour class focused on explaining the fundamentals of Active Directory and how different aspects can be exploited when performing penetration tests.
Anti-Cast | Infiltrating Kubernetes: Attacker Motives and Methods
Online: In this one-hour webinar, we will explore an overview of the threats targeting Kubernetes, a crucial technology for managing containerized applications. “Infiltrating Kubernetes: An Overview of Attacker Motives and Methods,” aims to equip IT professionals, DevOps engineers, and cybersecurity enthusiasts with insights into why and how attackers infiltrate Kubernetes environments.