2-Day Training Opportunities
SEC440: Critical Security Controls: Planning, Implementing, and AuditingTraining by SANS
Presenter: Jonathan Risto
This course helps you master specific, proven techniques and tools needed to implement and audit the Critical Security Controls as documented by the Center for Internet Security (CIS). These Critical Security Controls, listed below, are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. These controls were selected and defined by the US military and other government and private organizations (including NSA, DHS, GAO, and many others) who are the most respected experts on how attacks actually work and what can be done to stop them. They defined these controls as their consensus for the best way to block the known attacks and the best way to help find and mitigate damage from the attacks that get through. For security professionals, the course enables you to see how to put the controls in place in your existing network though effective and widespread use of cost-effective automation. For auditors, CIOs, and risk officers, the course is the best way to understand how you will measure whether the controls are effectively implemented. SEC440 does not contain any labs. If the student is looking for hands on labs involving the Critical Controls, they should take SEC566. The Critical Security Controls are listed below. You will find the full document describing the Critical Security Controls posted at the Center for Internet Security. One of the best features of the course is that it uses offense to inform defense. In other words, you will learn about the actual attacks that you'll be stopping or mitigating. That makes the defenses very real, and it makes you a better security professional.
Fundamentals of Routing and Switching for Blue and Red TeamTraining by Paul Coggin
Presenter: Paul Coggin, Cyber Security Research Scientist, Financial Institution
Early Bird Price (ends April 15th, 2019): $375
Regular Price: $400
In this intense 2-day class, students will learn the fundamentals of routing and switching from a blue and red team perspective. Using hands-on labs, students will receive practical experience with routing and switching technologies with a detailed discussion on how to attack and defend the network infrastructure. Students will leave the class with a good understanding of how to configure and operate routing and switching protocols as well as how to attack and defend the control, management and data planes in their organization networks.
Introduction to Red Team OperationsTraining by Millennium
Presenter: Nicholas Downer, Systems Security Engineer/Instructor
Early Bird Price (ends April 15th, 2019): $399
Regular Price: $424
Understanding how our adversaries accomplish high-profile attacks is the cornerstone of this course. This course is based on Millennium Corporation’s 5 day “Red Team Apprentice Course” and covers realistic attack tactics and techniques that can be found in open source, industry threat reports. Topics include: NMAP enumeration techniques, phishing campaigns, Microsoft windows enumeration, Microsoft active directory enumeration, basic privilege escalation techniques, and compromising a Microsoft domain controller.
1-day Training Opportunities
RMF Automation using PowerShell and Bash Scripts - ISSM and ISSO Training - NIST 800-53a v4Training by CyberProtex
Presenter: Ben McGee, CyberProtex, Founder, President and Chief Executive Officer
Early Bird Price (ends April 15th, 2019): $149
Regular Price: $174
The one day workshop will provide insight and understanding to the major roles associated with the Risk Management Framework (RMF) process, focusing on the Information System Security Manager (ISSM) and the Information System Security Officer (ISSO) positions. Participants will experience hands-on labs learning PowerShell and Bash Scripts to automate and mitigate controls. Skills learned will be focused to provide support to DOD computing environments, to adhere to NISPOM Chapter 8 and DAAPM policies, to comply with Security Content Automation Protocol (SCAP) and STIGs, and to properly decipher communications with eMASS. Training will be hands-on so bring your laptop.
Threat Hunting using Open Source ToolsTraining by CyberProtex
Presenter: Rita Edwards, CyberProtex, Featured Cyber Security Instructor
Early Bird Price (ends April 15th, 2019): $199
Regular Price: $224
This hands-on course addresses all the stages involved in the Threat Hunting and Intelligence Gathering landscape. Our course focuses on teaching professionals how to identify and counteract risks to the business by finding threats and mitigating them. It is a comprehensive, hands-on course that teaches a detailed approach for building an effective threat hunting program within an organization which is professional, systematic and repeatable. This course is for anyone currently in a role as a cybersecurity engineer, test engineer, systems engineer or software engineer who is looking to sharpen their skill-set arsenal.
This workshop is also great for someone starting out in cyber security as it will increase employability by learning industry tools and techniques used in the Cyber Threat Hunting and Intelligence Gathering industry.
Ethical Hacking (STORM) WorkshopTraining by EC Council
Presenter: Wayne Burke, Vice President & Co-Founder, Cyber2 Labs, LLC
In this course you will learn the procedures to use a virtual bridge and connect to a physical network. How to run virtual software and bridge it to your Storm device as well as how to isolate the Storm with the bridge. Configure secure remote access, and connect from the Internet Do your assessments from your back yard with no airport security checks! Following this you will learn network monitoring, and protocol analysis. Performing the hacking and penetration testing methodology and using the device as your attack platform.
Security+ Exam Preparation Review for InstructorsTraining by CompTIA
Presenter: Mark Whigham, Instructor, Calhoun Community College
Early Bird Price (ends April 15th, 2019): $50
Regular Price: $75
This course will provide instructors with an overview of key concepts and virtual labs needed in preparation for the Security+ exam.
Threat Hunting with SuricataTraining by OISF
Presenters: Peter Manev, Director of Training, Open Information Security Foundation & Dr. Joshua Stroschein, Training and Academic Outreach, Open Information Security Foundation
Early Bird Price (ends April 15th, 2019): $474
Regular Price: $599
Defending your network starts with understanding your traffic. More than just an IDS/IPS, Suricata can provide the visibility to solve incidents quickly and more accurately by providing context before, during, and after an alert. In this brand new 2-day class, we teach the skills required by network defenders to gain a deeper understanding of their networks to identify, respond and protect against threats.