homepage
Open menu
new

SEC554: Blockchain and Smart Contract Security

Register Now Course Demo
  • Online
18 CPEs

SEC554 will teach you the essential topics of blockchain and smart contract technology. The course takes a detailed look at the cryptography and transactions behind blockchain and provides the hands-on training and tools to deploy, audit, scan, and exploit blockchain and smart contract assets.

Course Authors:
Steven Walbroehl
Steven Walbroehl
What You Will LearnSyllabusLaptop RequirementsAuthor StatementTraining & Pricing

What You Will Learn

In 2008, an anonymous author, under the pseudonym Satoshi Nakamoto, published a white paper outlining a public transaction ledger for a decentralized peer-to-peer payment system entitled Bitcoin: A Peer-to-Peer Electronic Cash System, which is regarded as the "birth" of blockchain. Since then, the use of blockchain has evolved beyond its original implementation as a cryptocurrency. It has gained momentum in recent years, being adopted by some of the largest organizations in the world, including IBM, Amazon, PayPal, Mastercard, and Walmart. However, due to the relative newness of blockchain compared to more understood and traditional technologies, its use is still hindered by speculation, confusion, uncertainty, and risk.

In SEC554: Blockchain and Smart Contract Security, you will become familiar with essential topics of blockchain and smart contract technology, including its history, design principles, architecture, business use cases, regulatory environment, and technical specifications. The course takes a detailed look at the mechanics behind the cryptography and the transactions that make blockchain work. It provides exercises that will teach you how to use tools to deploy, audit, scan, and exploit blockchain and smart contract assets. Hands-on labs and exercises will enable you to interact with various blockchain implementations, such as ethereum and bitcoin, and you'll be provided with resources to take with you to further explore.

There have already been widespread security breaches, fraud, and hacks on blockchain platforms, resulting in billions of dollars in losses. These issues, along with growing scrutiny by government agencies to find malicious users abusing the technology, is tarnishing blockchain's reputation. SEC554 approaches blockchain and smart contracts from an offensive perspective to inform students what vulnerabilities exist, how they are exploited, and how to defend against attacks that are currently leveraged today. Some of the skills and techniques you will learn are:

  • How to interact with and get data from public blockchains
  • How to exploit several types of smart contract vulnerabilities
  • How to test and exploit weak cryptography/entropy
  • How to discover and re-create private keys
  • What cryptojackers do and how to trace and track movements on blockchain
  • How to combat non-technical or social engineering types of attacks that adversaries use to access and steal from victims

We can see the many solutions blockchain technology can provide as a payment system, but as the technology is increasingly adopted, its attack surface will continue to grow. While there are some educational resources available for blockchain, there is relatively little educational content around blockchain security. No other training provides the comprehensive level of blockchain testing, exercises and knowledge that is delivered in SEC554.

You Will Be Able To

  • Compile and deploy smart contracts
  • Exploit vulnerable smart contracts, nodes, and private keys
  • Run automated security scans on smart contracts
  • Use the latest blockchain tools for development, security, auditing, and exploiting
  • Trace and discover blockchain transaction information
  • Set up and protect a cryptocurrency wallet
  • Crack partially exposed mnemonics keys
  • Send transactions to blockchain
  • Set up a local ethereum blockchain for testing
  • Join a cryptocurrency mining pool, or create your own mining node
  • Run static analysis on EVM bytecode
  • Interact with cryptocurrency on main and test networks
  • Investigate, install, and prevent crypto-jacking malware
  • Protect and defend against privacy attacks on blockchain

You Will Receive With This Course

  • ZIION blockchain and smart contract testing and development platform
  • Access to a full bitcoin testnet node
  • Reference documents outlining all the common smart contract vulnerability classes
  • Cheat sheet for the most common blockchain CLI tool commands
  • 14 labs with custom tools
  • Course workbook

Syllabus (18 CPEs)

  • Overview

    The first course section begins by establishing the fundamentals of blockchain technology and how it is applied to real-world problems. The most important technical aspects that make up blockchain architecture are discussed, along with examples and case studies. Students will generate public and private key pairs used by blockchain, create different type of cryptocurrency wallets, deep-dive into the different consensus mechanisms that make blockchain a decentralized system, learn how crypto currency mining works, and investigate what happens during transactions. The section will feature scenarios and exercises to send and receive blockchain transactions, and students will see live transactions on the public chain through various block explorers. We'll also look at smart contract technology and walk through examples of how it is applied today in various industries and market use cases.

    Exercises

    Lab 1.1: Create a HD Software Wallet

    Lab 1.2: Join a Blockchain Mining Pool

    Lab 1.3: Blockchain Transaction Analysis

    Lab 1.4: Use the Bitcoin-cli to Interact with an API

    Topics
    • What Is Blockchain?
      • Definitions and Origins
      • Types of Distributed Consensus
      • Purposes and Uses Cases
    • What Is a Smart Contract?
      • Introduction to Smart Contracts
      • Smart Contract Use Cases and Platforms
    • Keys, Wallets, and Cryptography
      • Hashing Functions
      • Types of Cryptography
      • Wallets
      • Mnemonic Keys
    • Consensus Mechanisms
      • Proof of Work
      • Mining - The History and the Process
      • Proof of Stake
      • Lightning Network
    • Blockchain Transactions
      • Components of a Transaction
      • Block Explorers
    • Blockchain Components
      • Bitcoin - API, Nodes, and Clients
      • Ethereum Architecture
  • Overview

    After the technical blockchain fundamentals are established and have become familiar to students, section two of the course builds on that knowledge with a focus on security topics scoped to blockchain systems such as the bitcoin network. Students will learn the security principles that make blockchain different from traditional technology systems, and then begin to discover some of the weaknesses in a blockchain system and how they are attacked. We'll spend time learning and using blockchain security tools that exploit private keys and users, and the common mistakes people make when using them. We'll also take a deep dive on how privacy can be compromised and used by adversaries or government agencies to monitor and identify user activity. Dark net markets have been one of the most notorious uses of cryptocurrencies, and this course section will also provide information on how these markets differ from the normal Internet, why they are used for illegal purposes. We'll also examine privacy crypto like monero, as well as the regulations enforced by agencies to prevent criminal activity. Finally, students will discover and attempt other malicious uses of blockchain, such as crypto-jacking.

    Exercises

    Lab 2.1: Exploiting a Private Key Exposure

    Lab 2.2: Brute Force a Mnemonic Phrase

    Lab 2.3: Cryptominer Malware Agent

    Lab 2.4: OSINT to Discover Hidden Bitcoin Funds

    Topics
    • The Bitcoin Network and Security Overview
      • Assumptions about Bitcoin Security
      • Security Architecture Principles
    • Weaknesses and Vulnerabilities
      • Network Attacks
      • Node Security
      • Centralized Integration
      • User Security
    • Attacks on Private Keys
      • BIP-32/BIP-39 and PBKDF2
      • Cracking Mnemonics Keys
    • Attacks on Privacy
      • Blockchain-based Attacks
      • Non-Blockchain-based Attacks
      • Defenses for Privacy
    • Malicious Uses of Blockchain
      • Ransomware and Crypto-Lockers
      • Cryptojacking
      • ICO Scams and Ponzi Schemes
    • Regulatory Compliance and Investigation
      • The Current Regulatory Environment
      • OSINT and Anonymity Issues and Detection
      • TOR and Dark Net Markets
  • Overview

    The final course section focuses on the security aspects of the most widely used smart contract platform, ethereum. Smart contracts differ in architecture from blockchains such as bitcoin because of their multi-purpose implementations. Developers write smart contracts in languages such as Solidity, which often contain bugs and vulnerabilities. The vulnerabilities can be exploited on the public main-net and cause massive amounts of financial and reputational damage. We'll introduce the ethereum smart contract programming language, Solidity, and examine how to compile, deploy, and interact with smart contracts locally and remotely. Then, after students are familiar with the development process from using tools like Truffle and Ganache, we'll deep-dive into the common ethereum vulnerabilities and walk through case studies of how they have been exploited in the past. Several tools and scanners, such as Slither, Mythril, and Remix, are provided for students to identify and validate these vulnerabilities. Finally, after students learn how to identify a smart contract vulnerability, we'll attack and exploit a custom smart contract on a locally created ethereum network deployed by the students.

    Exercises

    Lab 3.1: Create a Private Ethereum Blockchain

    Lab 3.2: Compile and Analyze EVM Code

    Lab 3.3: Deploy a Smart Contract

    Lab 3.4: Vulnerability Scanning a Solidity Project

    Lab 3.5: Identifying an Exploit

    Lab 3.6: Exploiting a Smart Contract on the Blockchain

    Topics
    • The Smart Contract Lifecycle
      • The Architecture and Concepts of Ethereum
      • Tools for the Ethereum Blockchain
    • Solidity
      • Solidity Programming
      • Components of a Solidity Smart Contract
      • Compiling a Contract
      • Deploying a Contract
      • Interacting with a Smart Contract
    • Smart Contract Vulnerabilities
      • Types of Vulnerabilities
      • Well-Known Security Failures
      • Security Tools for Ethereum Smart Contracts
    • Attacking and Exploiting Smart Contracts
      • Exploiting Ethereum Smart Contracts
      • Case Study: The DAO Hack
      • Case Study: The Parity Hack
    • Conclusion
      • Security Best Practices
      • The Future of Smart Contracts and Security

Laptop Requirements

Important! Bring your own system configured according to these instructions!

A properly configured system is required to fully participate in this course. These requirements are the mandatory minimums. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. We strongly urge you to arrive with a system meeting all the requirements specified for the course.

It is critical that you back-up your system before class. it is also strongly advised that you do not bring a system storing any sensitive data.

System Hardware Requirements

CPU: 64-bit Intel i5/i7 2.0+ GHz processor

Your system's processor must be a 64-bit Intel i5 or i7 2.0 GHz processor or higher. Your CPU and OS must support a 64-bit guest virtual machine.

  • VMware provides a free tool for Windows that will detect whether or not your host supports 64-bit guest virtual machines.
  • Windows users can use this article to learn more about their CPU and OS capabilities.
  • Apple users can use this support page to learn more information about Mac 64-bit capability.

BIOS: Enabled "Intel-VT"

Intel's VT (VT-x) hardware virtualization technology should be enabled in your system's BIOS or UEFI settings. You must be able to access your system's BIOS throughout the class. If your BIOS is password-protected, you must have the password.

USB: USB 3.0 Type-A port

At least one available USB 3.0 Type-A port is required for copying large data files from the USB 3.0 drives we provide in class. The USB port must not be locked in hardware or software. Some newer laptops may have only the smaller Type-C ports. In this case, you will need to bring a USB Type-C to Type-A adapter.

RAM: 8 GB RAM

8 GB RAM is required for the best experience. To verify on Windows 10, press Windows key + "I" to open Settings, then click "System", then "About". Your RAM information will be toward the bottom of the page. To verify on a Mac, click the Apple logo at the top left-hand corner of your display and then click "About this Mac".

Hard Drive Free Space: 40 GB Free space

30 GB of FREE space on the hard drive is critical to host the VMs and additional files we distribute. SSD drives are also highly recommended, as they allow virtual machines to run much faster than mechanical hard drives.

Operating System: Windows 10 Pro or macOS 10.12+

Your system must be running either Windows 10 Pro or macOS 10.12 or higher. Make sure your operating system is fully updated with the correct drivers and patches prior to arriving in class. Note: Apple systems using the M1 processor cannot perform the necessary virtualization at this time and cannot be used for this course.

Additional Hardware Requirements

The requirements below are in addition to baseline requirements provided above. Prior to the start of class, you must install virtualization software and meet additional hardware and software requirements as described below. If you do not carefully read and follow these instructions, you will leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course.

Network, Wireless Connection: A wireless 802.11 B, G, N, or AC network adapter is required.

A wireless 802.11 B, G, N, or AC network adapter is required. This can be the internal wireless adapter in your system or and external USB wireless adapter. A wireless adapter allows you to connect to the network without any cables. If you can surf the Internet on your system without plugging in a network cable, you have wireless.

Additional Software Requirements

You will need Adobe Acrobat or other PDF reader application.

Chrome Browser: Install Google Chrome

You need the Google Chrome browser installed on your system before you arrive for class. The course exercises have been tested with Chrome and not other browsers. You can download Chrome from here.

Credential Guard

If your host computer is running Windows, Credential Guard may interfere with the ability to run VMs. It is important that you start up VMWare prior to class and confirm that virtual machines can run. It is required that Credential Guard is turned off prior to coming to class.

System Configuration Settings

Local Admin: Have an account with local admin privileges

Some of the tools used in the course will require local admin access. This is absolutely required. If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different system.

Disable VPN: Ability to disable your enterprise VPN client temporarily for some exercises

Enterprise VPN clients may interfere with the network configuration required to participate in the class. To avoid any frustration in class, uninstall or disable your enterprise VPN client for the duration of the class. If you keep it installed, make sure that you have the access to disable or uninstall it at class.

Disable AV: Ability to disable your anti-virus tools temporarily for some exercises

You will be required to disable your anti-virus tools temporarily for some exercises, so make sure you have the anti-virus administrator permissions to do so. DO NOT plan on just killing your anti-virus service or processes, because most anti-virus tools still function even when their associated services and processes have been terminated. For many enterprise- managed clients, disabling your anti-virus tool may require a different password than the Administrator account password. Please bring that administrator password for your anti-virus tool.

Disable Firewall: Disable host firewall

You must have the ability to disable the host firewall (Windows firewall or other third-party firewall)

If you have additional questions about the laptop specifications, please contact laptop_prep@sans.org.

Author Statement

"Blockchain is a revolutionary solution that solves multiple issues inherent in the social, economic, and technological challenges we face today. Decentralization and self-sovereignty are not just concepts, but fundamental ideals that should be made available and accessible for all to benefit from. But those processes need to be carried out responsibly and securely. In order to drive adoption, security must be a priority for all developers, users, or speculators interacting with blockchains or smart contracts. I've always thought the best way to protect something is to learn how to break it." - Steven Walbroehl

Ways to Learn

  • OnDemand

Study and prepare for GIAC Certification with four months of online access to SANS OnDemand courses. Includes labs and exercises, and SME support.

  • Live Online

Live, interactive sessions with SANS instructors over the course of one or more weeks, at times convenient to students worldwide.

Who Should Attend SEC554?

  • Smart contract developers
  • Blockchain developers
  • Security engineers, architects, or analysts whose companies are creating blockchain or smart contract applications
  • Penetration testers interested in expanding their set of skills to newer technologies, and in getting a head start on an emerging new discipline in security
  • Compliance officers tasked with validating and investigating implementations that involve blockchain or smart contracts
  • Executives or managers who are starting projects that involve blockchain or smart contracts and need to understand the technology, security issues, and mitigations involved
  • Employees of government agencies who want to expand their knowledge and skills of blockchain networks
  • Cryptocurrency users who want to learn how to protect their transactions, investments, and privacy
Africa/Abidjan
Africa/Accra
Africa/Addis Ababa
Africa/Algiers
Africa/Asmara
Africa/Asmera
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar es Salaam
Africa/Djibouti
Africa/Douala
Africa/El Aaiun
Africa/Freetown
Africa/Gaborone
Africa/Harare
Africa/Johannesburg
Africa/Juba
Africa/Kampala
Africa/Khartoum
Africa/Kigali
Africa/Kinshasa
Africa/Lagos
Africa/Libreville
Africa/Lome
Africa/Luanda
Africa/Lubumbashi
Africa/Lusaka
Africa/Malabo
Africa/Maputo
Africa/Maseru
Africa/Mbabane
Africa/Mogadishu
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Niamey
Africa/Nouakchott
Africa/Ouagadougou
Africa/Porto-Novo
Africa/Sao Tome
Africa/Timbuktu
Africa/Tripoli
Africa/Tunis
Africa/Windhoek
America/Adak
America/Anchorage
America/Anguilla
America/Antigua
America/Araguaina
America/Argentina/Buenos Aires
America/Argentina/Catamarca
America/Argentina/ComodRivadavia
America/Argentina/Cordoba
America/Argentina/Jujuy
America/Argentina/La Rioja
America/Argentina/Mendoza
America/Argentina/Rio Gallegos
America/Argentina/Salta
America/Argentina/San Juan
America/Argentina/San Luis
America/Argentina/Tucuman
America/Argentina/Ushuaia
America/Aruba
America/Asuncion
America/Atikokan
America/Atka
America/Bahia
America/Bahia Banderas
America/Barbados
America/Belem
America/Belize
America/Blanc-Sablon
America/Boa Vista
America/Bogota
America/Boise
America/Buenos Aires
America/Cambridge Bay
America/Campo Grande
America/Cancun
America/Caracas
America/Catamarca
America/Cayenne
America/Cayman
America/Chicago
America/Chihuahua
America/Coral Harbour
America/Cordoba
America/Costa Rica
America/Creston
America/Cuiaba
America/Curacao
America/Danmarkshavn
America/Dawson
America/Dawson Creek
America/Denver
America/Detroit
America/Dominica
America/Edmonton
America/Eirunepe
America/El Salvador
America/Ensenada
America/Fort Nelson
America/Fort Wayne
America/Fortaleza
America/Glace Bay
America/Godthab
America/Goose Bay
America/Grand Turk
America/Grenada
America/Guadeloupe
America/Guatemala
America/Guayaquil
America/Guyana
America/Halifax
America/Havana
America/Hermosillo
America/Indiana/Indianapolis
America/Indiana/Knox
America/Indiana/Marengo
America/Indiana/Petersburg
America/Indiana/Tell City
America/Indiana/Vevay
America/Indiana/Vincennes
America/Indiana/Winamac
America/Indianapolis
America/Inuvik
America/Iqaluit
America/Jamaica
America/Jujuy
America/Juneau
America/Kentucky/Louisville
America/Kentucky/Monticello
America/Knox IN
America/Kralendijk
America/La Paz
America/Lima
America/Los Angeles
America/Louisville
America/Lower Princes
America/Maceio
America/Managua
America/Manaus
America/Marigot
America/Martinique
America/Matamoros
America/Mazatlan
America/Mendoza
America/Menominee
America/Merida
America/Metlakatla
America/Mexico City
America/Miquelon
America/Moncton
America/Monterrey
America/Montevideo
America/Montreal
America/Montserrat
America/Nassau
America/New York
America/Nipigon
America/Nome
America/Noronha
America/North Dakota/Beulah
America/North Dakota/Center
America/North Dakota/New Salem
America/Nuuk
America/Ojinaga
America/Panama
America/Pangnirtung
America/Paramaribo
America/Phoenix
America/Port-au-Prince
America/Port of Spain
America/Porto Acre
America/Porto Velho
America/Puerto Rico
America/Punta Arenas
America/Rainy River
America/Rankin Inlet
America/Recife
America/Regina
America/Resolute
America/Rio Branco
America/Rosario
America/Santa Isabel
America/Santarem
America/Santiago
America/Santo Domingo
America/Sao Paulo
America/Scoresbysund
America/Shiprock
America/Sitka
America/St Barthelemy
America/St Johns
America/St Kitts
America/St Lucia
America/St Thomas
America/St Vincent
America/Swift Current
America/Tegucigalpa
America/Thule
America/Thunder Bay
America/Tijuana
America/Toronto
America/Tortola
America/Vancouver
America/Virgin
America/Whitehorse
America/Winnipeg
America/Yakutat
America/Yellowknife
Antarctica/Casey
Antarctica/Davis
Antarctica/DumontDUrville
Antarctica/Macquarie
Antarctica/Mawson
Antarctica/McMurdo
Antarctica/Palmer
Antarctica/Rothera
Antarctica/South Pole
Antarctica/Syowa
Antarctica/Troll
Antarctica/Vostok
Arctic/Longyearbyen
Asia/Aden
Asia/Almaty
Asia/Amman
Asia/Anadyr
Asia/Aqtau
Asia/Aqtobe
Asia/Ashgabat
Asia/Ashkhabad
Asia/Atyrau
Asia/Baghdad
Asia/Bahrain
Asia/Baku
Asia/Bangkok
Asia/Barnaul
Asia/Beirut
Asia/Bishkek
Asia/Brunei
Asia/Calcutta
Asia/Chita
Asia/Choibalsan
Asia/Chongqing
Asia/Chungking
Asia/Colombo
Asia/Dacca
Asia/Damascus
Asia/Dhaka
Asia/Dili
Asia/Dubai
Asia/Dushanbe
Asia/Famagusta
Asia/Gaza
Asia/Harbin
Asia/Hebron
Asia/Ho Chi Minh
Asia/Hong Kong
Asia/Hovd
Asia/Irkutsk
Asia/Istanbul
Asia/Jakarta
Asia/Jayapura
Asia/Jerusalem
Asia/Kabul
Asia/Kamchatka
Asia/Karachi
Asia/Kashgar
Asia/Kathmandu
Asia/Katmandu
Asia/Khandyga
Asia/Kolkata
Asia/Krasnoyarsk
Asia/Kuala Lumpur
Asia/Kuching
Asia/Kuwait
Asia/Macao
Asia/Macau
Asia/Magadan
Asia/Makassar
Asia/Manila
Asia/Muscat
Asia/Nicosia
Asia/Novokuznetsk
Asia/Novosibirsk
Asia/Omsk
Asia/Oral
Asia/Phnom Penh
Asia/Pontianak
Asia/Pyongyang
Asia/Qatar
Asia/Qostanay
Asia/Qyzylorda
Asia/Rangoon
Asia/Riyadh
Asia/Saigon
Asia/Sakhalin
Asia/Samarkand
Asia/Seoul
Asia/Shanghai
Asia/Singapore
Asia/Srednekolymsk
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
Asia/Tel Aviv
Asia/Thimbu
Asia/Thimphu
Asia/Tokyo
Asia/Tomsk
Asia/Ujung Pandang
Asia/Ulaanbaatar
Asia/Ulan Bator
Asia/Urumqi
Asia/Ust-Nera
Asia/Vientiane
Asia/Vladivostok
Asia/Yakutsk
Asia/Yangon
Asia/Yekaterinburg
Asia/Yerevan
Atlantic/Azores
Atlantic/Bermuda
Atlantic/Canary
Atlantic/Cape Verde
Atlantic/Faeroe
Atlantic/Faroe
Atlantic/Jan Mayen
Atlantic/Madeira
Atlantic/Reykjavik
Atlantic/South Georgia
Atlantic/St Helena
Atlantic/Stanley
Australia/ACT
Australia/Adelaide
Australia/Brisbane
Australia/Broken Hill
Australia/Canberra
Australia/Currie
Australia/Darwin
Australia/Eucla
Australia/Hobart
Australia/LHI
Australia/Lindeman
Australia/Lord Howe
Australia/Melbourne
Australia/NSW
Australia/North
Australia/Perth
Australia/Queensland
Australia/South
Australia/Sydney
Australia/Tasmania
Australia/Victoria
Australia/West
Australia/Yancowinna
Brazil/Acre
Brazil/DeNoronha
Brazil/East
Brazil/West
CET
CST6CDT
Canada/Atlantic
Canada/Central
Canada/Eastern
Canada/Mountain
Canada/Newfoundland
Canada/Pacific
Canada/Saskatchewan
Canada/Yukon
Chile/Continental
Chile/EasterIsland
Cuba
EET
EST
EST5EDT
Egypt
Eire
Etc/GMT
Etc/GMT+0
Etc/GMT+1
Etc/GMT+10
Etc/GMT+11
Etc/GMT+12
Etc/GMT+2
Etc/GMT+3
Etc/GMT+4
Etc/GMT+5
Etc/GMT+6
Etc/GMT+7
Etc/GMT+8
Etc/GMT+9
Etc/GMT-0
Etc/GMT-1
Etc/GMT-10
Etc/GMT-11
Etc/GMT-12
Etc/GMT-13
Etc/GMT-14
Etc/GMT-2
Etc/GMT-3
Etc/GMT-4
Etc/GMT-5
Etc/GMT-6
Etc/GMT-7
Etc/GMT-8
Etc/GMT-9
Etc/GMT0
Etc/Greenwich
Etc/UCT
Etc/UTC
Etc/Universal
Etc/Zulu
Europe/Amsterdam
Europe/Andorra
Europe/Astrakhan
Europe/Athens
Europe/Belfast
Europe/Belgrade
Europe/Berlin
Europe/Bratislava
Europe/Brussels
Europe/Bucharest
Europe/Budapest
Europe/Busingen
Europe/Chisinau
Europe/Copenhagen
Europe/Dublin
Europe/Gibraltar
Europe/Guernsey
Europe/Helsinki
Europe/Isle of Man
Europe/Istanbul
Europe/Jersey
Europe/Kaliningrad
Europe/Kiev
Europe/Kirov
Europe/Lisbon
Europe/Ljubljana
Europe/London
Europe/Luxembourg
Europe/Madrid
Europe/Malta
Europe/Mariehamn
Europe/Minsk
Europe/Monaco
Europe/Moscow
Europe/Nicosia
Europe/Oslo
Europe/Paris
Europe/Podgorica
Europe/Prague
Europe/Riga
Europe/Rome
Europe/Samara
Europe/San Marino
Europe/Sarajevo
Europe/Saratov
Europe/Simferopol
Europe/Skopje
Europe/Sofia
Europe/Stockholm
Europe/Tallinn
Europe/Tirane
Europe/Tiraspol
Europe/Ulyanovsk
Europe/Uzhgorod
Europe/Vaduz
Europe/Vatican
Europe/Vienna
Europe/Vilnius
Europe/Volgograd
Europe/Warsaw
Europe/Zagreb
Europe/Zaporozhye
Europe/Zurich
GB
GB-Eire
GMT
GMT+0
GMT-0
GMT0
Greenwich
HST
Hongkong
Iceland
Indian/Antananarivo
Indian/Chagos
Indian/Christmas
Indian/Cocos
Indian/Comoro
Indian/Kerguelen
Indian/Mahe
Indian/Maldives
Indian/Mauritius
Indian/Mayotte
Indian/Reunion
Iran
Israel
Jamaica
Japan
Kwajalein
Libya
MET
MST
MST7MDT
Mexico/BajaNorte
Mexico/BajaSur
Mexico/General
NZ
NZ-CHAT
Navajo
PRC
PST8PDT
Pacific/Apia
Pacific/Auckland
Pacific/Bougainville
Pacific/Chatham
Pacific/Chuuk
Pacific/Easter
Pacific/Efate
Pacific/Enderbury
Pacific/Fakaofo
Pacific/Fiji
Pacific/Funafuti
Pacific/Galapagos
Pacific/Gambier
Pacific/Guadalcanal
Pacific/Guam
Pacific/Honolulu
Pacific/Johnston
Pacific/Kiritimati
Pacific/Kosrae
Pacific/Kwajalein
Pacific/Majuro
Pacific/Marquesas
Pacific/Midway
Pacific/Nauru
Pacific/Niue
Pacific/Norfolk
Pacific/Noumea
Pacific/Pago Pago
Pacific/Palau
Pacific/Pitcairn
Pacific/Pohnpei
Pacific/Ponape
Pacific/Port Moresby
Pacific/Rarotonga
Pacific/Saipan
Pacific/Samoa
Pacific/Tahiti
Pacific/Tarawa
Pacific/Tongatapu
Pacific/Truk
Pacific/Wake
Pacific/Wallis
Pacific/Yap
Poland
Portugal
ROC
ROK
Singapore
Turkey
UCT
US/Alaska
US/Aleutian
US/Arizona
US/Central
US/East-Indiana
US/Eastern
US/Hawaii
US/Indiana-Starke
US/Michigan
US/Mountain
US/Pacific
US/Samoa
UTC
Universal
W-SU
WET
Zulu
Filters:
Training Formats
Location
Dates

Register for SEC554

  • In Person

Training events and topical summits feature presentations and courses in classrooms around the world.

Learn more
  • Live Online

Live, interactive sessions with SANS instructors over the course of one or more weeks, at times convenient to students worldwide.

Learn more
  • OnDemand

Study and prepare for GIAC Certification with four months of online access to SANS OnDemand courses. Includes labs and exercises, and SME support.

Learn more

Loading...