homepage
Open menu
Go one level top
  • Train and Certify
    Train and Certify

    Immediately apply the skills and techniques learned in SANS courses, ranges, and summits

    • Overview
    • Courses
      • Overview
      • Full Course List
      • By Focus Areas
        • Cloud Security
        • Cyber Defense
        • Cybersecurity and IT Essentials
        • DFIR
        • Industrial Control Systems
        • Offensive Operations
        • Management, Legal, and Audit
      • By Skill Levels
        • New to Cyber
        • Essentials
        • Advanced
        • Expert
      • Training Formats
        • OnDemand
        • In-Person
        • Live Online
      • Course Demos
    • Training Roadmaps
      • Skills Roadmap
      • Focus Area Job Roles
        • Cyber Defence Job Roles
        • Offensive Operations Job Roles
        • DFIR Job Roles
        • Cloud Job Roles
        • ICS Job Roles
        • Leadership Job Roles
      • NICE Framework
        • Security Provisionals
        • Operate and Maintain
        • Oversee and Govern
        • Protect and Defend
        • Analyze
        • Collect and Operate
        • Investigate
        • Industrial Control Systems
      • European Skills Framework
    • GIAC Certifications
    • Training Events & Summits
      • Events Overview
      • Event Locations
        • Asia
        • Australia & New Zealand
        • Latin America
        • Mainland Europe
        • Middle East & Africa
        • Scandinavia
        • United Kingdom & Ireland
        • United States & Canada
      • Summits
    • OnDemand
    • Get Started in Cyber
      • Overview
      • Degree and Certificate Programs
      • Scholarships
    • Cyber Ranges
  • Manage Your Team
    Manage Your Team

    Build a world-class cyber team with our workforce development programs

    • Overview
    • Why Work with SANS
    • Group Purchasing
    • Build Your Team
      • Team Development
      • Assessments
      • Private Training
      • Hire Cyber Professionals
      • By Industry
        • Health Care
        • Industrial Control Systems Security
        • Military
    • Leadership Training
  • Security Awareness
    Security Awareness

    Increase your staff’s cyber awareness, help them change their behaviors, and reduce your organizational risk

    • Overview
    • Products & Services
      • Security Awareness Training
        • EndUser Training
        • Phishing Platform
      • Specialized
        • Developer Training
        • ICS Engineer Training
        • NERC CIP Training
        • IT Administrator
      • Risk Assessments
        • Knowledge Assessment
        • Culture Assessment
        • Behavioral Risk Assessment
    • OUCH! Newsletter
    • Career Development
      • Overview
      • Training & Courses
      • Professional Credential
    • Blog
    • Partners
    • Reports & Case Studies
  • Resources
    Resources

    Enhance your skills with access to thousands of free resources, 150+ instructor-developed tools, and the latest cybersecurity news and analysis

    • Overview
    • Webcasts
    • Free Cybersecurity Events
      • Free Events Overview
      • Summits
      • Solutions Forums
      • Community Nights
    • Content
      • Newsletters
        • NewsBites
        • @RISK
        • OUCH! Newsletter
      • Blog
      • Podcasts
      • Summit Presentations
      • Posters & Cheat Sheets
    • Research
      • White Papers
      • Security Policies
    • Tools
    • Focus Areas
      • Cyber Defense
      • Cloud Security
      • Digital Forensics & Incident Response
      • Industrial Control Systems
      • Cyber Security Leadership
      • Offensive Operations
  • Get Involved
    Get Involved

    Help keep the cyber community one step ahead of threats. Join the SANS community or begin your journey of becoming a SANS Certified Instructor today.

    • Overview
    • Join the Community
    • Work Study
    • Teach for SANS
    • CISO Network
    • Partnerships
    • Sponsorship Opportunities
  • About
    About

    Learn more about how SANS empowers and educates current and future cybersecurity practitioners with knowledge and skills

    • SANS
      • Overview
      • Our Founder
      • Awards
    • Instructors
      • Our Instructors
      • Full Instructor List
    • Mission
      • Our Mission
      • Diversity
      • Scholarships
    • Contact
      • Contact Customer Service
      • Contact Sales
      • Press & Media Enquiries
    • Frequent Asked Questions
    • Customer Reviews
    • Press
    • Careers
  • Contact Sales
  • SANS Sites
    • GIAC Security Certifications
    • Internet Storm Center
    • SANS Technology Institute
    • Security Awareness Training
  • Search
  • Log In
  • Join
    • Account Dashboard
    • Log Out
  1. Home >
  2. Courses >
  3. SEC568: Combating Supply Chain Attacks with Product Security Testing
Alpha

SEC568: Combating Supply Chain Attacks with Product Security Testing

    30 CPEs

    Think Red, Act Blue - Attackers are using new methods of compromising software supply chains that bypass traditional security controls on products spanning multiple attack surfaces. SEC568 is a complete training program designed to equip you with the skills and knowledge necessary to execute product security assessments through deeply technical risk analysis.

    Course Authors:
    Douglas McKee
    Douglas McKee
    SANS Instructor
    Ismael Valenzuela
    Ismael Valenzuela
    Senior Instructor
    What You Will LearnSyllabusPrerequisitesLaptop RequirementsAuthor Statement

    What You Will Learn

    Supply chain attacks go unnoticed on average for 235 days and do more damage as a result of us not having a deep understanding of the products being used on a network. Product security tests help obtain a comprehensive understanding of how choosing to use a particular product in your organization can increase your attack surface and affect your threat model and risk posture. This makes product security testing vital in preparing your organization to defend and recover from software supply chain attacks.

    SEC568 is a practical on-ramp into the world of product security testing and risk analysis through more than 20 hands-on exercises designed to be challenging to both beginners and more advanced students. By utilizing offensive tactics with a defensive mindset, students will learn how to analyze the risk of introducing desktop, mobile, proprietary protocols, and hardware devices into your environment. You will use a wide variety of technical skills to gain a deep understanding of how a target operates.

    Each section of the class will be accompanied by flow diagrams that provide each student a roadmap on how to navigate these complex topics with documented processes and clearly defined goals. As the class progresses, sections will increase in technical depth and difficulty. The number of hands-on exercises and the duration of them also increases proportionally as you gain new knowledge and develop new skills.

    You will notice the class also gains a larger focus on networking as we dive deeper into product security testing. This networking focus is critical for a complete risk assessment in almost all organizations, as this threat vector has the highest likelihood to cause the most damage.

    In the last section, the class culminates with a capstone event, a fully guided 5-hour exercise in which students will apply the entire product security testing process, starting with a closed-box analysis on a popular commercial application.

    You Will Learn

    • Windows OS basics
    • Linux OS basics
    • Android OS basics
    • How to conduct efficient internet searching
    • Networking fundamental concepts
    • How to decrypt networking traffic
    • How to build custom Scapy networking layers
    • How to collect, prepare, and analyze data with Python, Pandas DataFrame, and Jupyter Notebooks
    • When to continue or stop a product security assessment
    • A variety of threat modeling concepts
    • Different methods for determining risk
    • Basics of network fuzzing
    • How to analyze decompiled code

    You Will Be Able To

    • Conduct a product security test
    • Reduce the impact of supply chain attacks on your organization
    • Evaluate a Windows, Linux, or Android product for threats
    • Perform basic static firmware analysis to understand what is running on a device
    • Determine how a system changes because of installing new software
    • Use Exploratory Data Analysis (EDA) techniques to analyze and present a large amount of data
    • Dissect propriety protocols
    • Build a threat model to articulate the biggest risks and mitigations
    • Construct attack trees and use a risk scoring methodology to determine the risk of each threat discovered in previous phases

    You Will Receive With This Course

    • A Corellium license
    • 3 virtual machines
    • Process flow charts
    • An electronic workbook with step-by-step instructions for 20+ fully functional labs that do not expire and can be repeated any time after the course

    Syllabus (30 CPEs)

    • Overview

      The first section of this course describes the principles associated with both supply chain attacks and product security testing. We start to navigate the "why" and the "what" to product security testing, followed by which skills are important for success. We introduce our main methodology, our toolbox included in the supplied virtual machines, and the name of our fictious company you will be working for during the class, "Think Red, Act Blue". The main technical emphasis for section one will be to explore the basic, yet critical concept, of online product research followed by our first section on basic enumeration. Through lectures and 3 hands-on exercises we will explore how to use simple tools such as binwalk, Microsoft Attack Surface Analyzer (ASA), Microsoft's Sysinternal Suite, ProcDOT and associated product security methodologies to begin to understand how your target accomplishes its main goals.

      Exercises
      • Initial recon of product, existing CVEs, and vendor website
      • Unpacking firmware and examining components
      • Basic enumeration on Windows
      Topics

      Course overview and methodology

      • This module is focused on an introduction to product security assessments and its application to combating supply chain attacks. We will start by covering the who, what, when, where, and how methodologies for product security assessments, with a particular emphasis on online product research and basic enumeration.

      General and software supply chain application

      • In this module we will explore several practical examples of when you want to deploy the concepts and processes of this course in real-world scenarios not related to supply chain attacks, followed by diving into supply chain attacks and ultimately demonstrating how product security testing is a critical component of your defenses.

      Online product research

      • With an overview of the process under our belt, in this module we will start to follow the Product Security Testing flow chart. We will look at how to effectively acquire system requirements and efficiently perform online product research, a concept that is recurring and critical to product security testing.

      Basic enumeration on hardware devices, Linux & Windows

      • In this module we will embark on understanding the core technical concepts needed to start evaluating a target using basic enumeration. We will start with the overall methodology of basic enumeration and then dive into the specific core concepts and tools needed for hardware devices, Linux, and Windows.

    • Overview

      The second section of the course will close out our study of basic enumeration by looking at Android devices and networking concepts that fit within the basic enumeration methodology. Students will be provided with access to a cloud-based mobile emulation platform (Corellium) to complete the first lab of this section. This will allow for an in-depth conversation around the important role threat modeling plays in product security assessments and is a crucial first step to reducing the impact of supply chain attacks. Doing threat modeling and answering questions related to product security testing requires sifting through a large amount of data. In this section we will introduce Exploratory Data Analysis (EDA), a common workflow to conduct analysis used to try to make sense of the data and present the results. Through lectures, demos, and hands-on exercises we will learn how to explore this data using data science tools like Python, Jupyter Notebooks, Pandas DataFrame, and graphical libraries like Matplotlib, among others. Lastly, this section will start to segue into the deeper technical concepts of the course by introducing deep enumeration.

      Exercises
      • Basic enumeration of an Android Package Kit (APK) with Corellium
      • Initial network traffic profiling with Pandas DataFrame & Jupyter Notebooks
      • Investigating network traffic on Android
      • Threat modeling products

      Topics

      Basic enumeration on Android

      • We have now covered basic enumeration on the most likely system to run across on servers, client machines, and hardware devices. For this section we will pivot to another large category of devices which you may need to audit as part of an assessment - mobile devices. We will cover important concepts related to product security testing at a high level, walk through Android fundamentals, and provide useful tools for performing basic enumeration on Android systems.

      Basic networking analysis

      • This module will introduce network analysis at a basic level as it pertains to basic enumeration. Besides exploring important fundamental networking concepts, this module will leverage some basic data analysis and traffic profiling with Jupyter Notebooks and Pandas DataFrame to help demonstrate how to turn complex analysis into a more simplistic and visual task.

      Threat modeling

      • Threat modeling is a crucial concept in successful product security testing but even more important is when to perform threat modeling. This module will discuss different types of threat modeling, demonstrate one suggested approach within product security testing, and cover the information required to build a useful model. This module will conclude with a review of how our process up to this point has impacted the way we defend against supply chain attacks.

      Deep enumeration

      • Section 2 will just begin to explore the concept of deep enumeration. We will introduce deep enumeration, explore how a threat model influences deep enumeration, and discuss when to deploy these techniques. This module will begin increasing the technical depth of the course and push students' knowledge of finer topics.
    • Overview

      This section is all about deep enumeration, the process of deeper technical analysis to answer critical questions from a threat model. We will focus on two deep enumeration skills: binary code analysis and network analysis of unknown protocols. In the first half of section 3, we will learn how to use decompiler tools to access the underlying code of an application and unpack archives when needed. This will culminate in a hands-on lab using JetBrain's dotPeek to answer critical questions related to supply chain attacks regarding how an application is being updated. Network traffic is often a key input to a system and a common entry point for attackers. To dive deeper into network analysis, this section will also take a pause to provide a primer into Scapy, a Python framework designed to manipulate networking packets. Armed with the knowledge and skills covered in this section, you will be better prepared to start dissecting proprietary or unknown protocols later in the course.

      Exercises
      • Using APKLab and HTTP Toolkit to defeat cert pinning
      • Learning from decompiled source code
      • Using Scapy to create a 3-way handshake
      • Searching for networking artifacts within payloads
      • Bonus: Learning from decompiled source code on Android
      Topics

      Binary code analysis

      • The ground truth to how a target or system works is its source code. Unless the application or device you are auditing is open source, you will not have access to this code. Binary code analysis is the concept of performing a code review without having access to the source code. This module walks through some basic skills to apply binary code analysis during product security testing as one of the two core concepts covered in this course within deep enumeration.

      Scapy primer

      • In order to dive deeper into network analysis, it is beneficial to be able to programmatically analysis and create networking packets. Scapy is a python module that helps take our analysis and testing to the next level. This module of section 3 will teach the basics of Scapy needed for product security testing.

      Understanding proprietary protocols

      • We will leverage the knowledge of Scapy acquired in the previous module and apply it to the deep enumeration concept of understanding unknown or proprietary protocols. This last module of section 3 will be an introduction to proprietary protocols that will be continued in section 4.
    • Overview

      This section will conclude our exploration of deep enumeration and work toward finalizing a product security test project. We begin with a continuation and finalization of dissecting proprietary protocols using Scapy to create custom layers and explain the basics of networking fuzzing. This will bring us to our final risk analysis section where we will focus on creating attack trees and applying risk scoring methods to assess the risk of supply chain attacks, among other risks to the Think Red, Act Blue organization. The section will conclude with important final topics that will allow us to wrap up our product security assessment, such as reporting and vulnerability disclosure.

      Exercises
      • Learning through enumerating patterns
      • Finding your network traffic's heartbeat
      • Using basic Linux tools to analyze unknown payloads
      • Basic fuzzing with Scapy
      • Results analysis
      Topics

      Dissecting proprietary protocols

      • This module is one of the most technically challenging sections of the course, as we discuss how to use techniques such as enumerating patterns and finding heartbeat packets to help gain a glimpse of the purpose of every byte in a packet payload. We will examine several real protocols and lean on previous modules such as data analysis with Pandas DataFrame and Scapy to gain as much insight as possible.

      Fuzzing

      • Every threat model should contain a risk of unknown vulnerabilities. While fuzzing is often considered a vast and sometimes daunting topic in security, it can help reduce the risk of unknown vulnerabilities plaguing your network. This module will explore the basic concepts of networking fuzzing as part of deep enumeration and the value it can bring to a product security test.

      Risk analysis

      • Determining the risk associated with our technical findings is the most important step of a product security test event. This module will focus on questions like: What does this mean for my organization? What steps can I take to mitigate my findings? Here we will study how to turn your previous threat model into realistic attack trees and quantify the risk for each scenario using a modified and improved version of the DREAD risk scoring method.

      Reporting

      • In many cases it will be required to report your findings and processes throughout your organization. This module will talk about industry best practices in reporting your findings from product security testing and highlight important items directly related to supply chain attacks.

      Vulnerability disclosure

      • In some cases, your analysis will result in the discovery of new vulnerabilities. This module will highlight best practices in reporting your team's finding to the affected vendors.
    • Overview

      The course culminates in an all-day hands-on lab designed to give each student the experience of completing a product security test from start to finish. Students will be given a real application to test during this course section, which will apply the most crucial concepts learned throughout each previous section using the toolbox included in the supplied virtual machines and cloud-based labs.

      Exercises
      • Basic enumeration: Installation analysis
      • Basic enumeration: Execution analysis
      • Threat modeling
      • Deep enumeration: Network analysis
      • Results analysis
      Topics

      Introduction to target

      • The section will start with an introduction to the target application and the basics of how it functions. This will help frame the following exercises and reduce the time needed to learn the basics of the program.

      Hands-on product security testing event

      • The product security test for this section has been broken down into 5 hands-on exercises. Each exercise will guide the student through one of the core concepts of the product security testing process, including basic enumeration, threat modeling, deep enumeration, and results analysis.

      Instructor-led discussion

      • Each lab exercise will be followed by an instructor-led discussion on what was uncovered during the lab. This will help ensure all students stay on the best path to provide the highest amount of value from the event.

    Prerequisites

    • Basic Python coding skills
    • Basic OS fundamentals
    • Basic networking knowledge

    • Understanding of core security principals

    • Experience using VMware and virtual machines

    Laptop Requirements

    Important! Bring your own system configured according to these instructions!

    A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.

    CRITICAL NOTE: Apple systems using the M1 processor line cannot perform the necessary virtualization functionality and therefore cannot in any way be used for this course.

    A properly configured system is required for each student participating in this course. Before coming to class, carefully read and follow these instructions exactly.

    Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run VMware virtualization products described below. It is necessary to fully update your host operating system prior to the class to ensure you have the right drivers and patches installed to utilize the latest USB 3.0 devices. Those who use a Linux host must also be able to access exFAT partitions using the appropriate kernel or FUSE modules. You also must have 8 GB of RAM or higher for the VM to function properly in the class.

    It is critical that your CPU and operating system support 64-bit so that our 64-bit guest virtual machine will run on your laptop.

    In addition to having 64-bit capable hardware, AMD-V, Intel VT-x, or the equivalent must be enabled in BIOS/UEFI.

    Download and install either VMware Workstation Pro 16.X.X+, VMware Player 16.X.X+ or Fusion 12.X+ or higher versions before class. If you do not own a licensed copy of VMware Workstation or Fusion, you can download a free 30-day trial copy from VMware. VMware will send you a time-limited serial number if you register for the trial at their website.

    Other virtualization software, such as VirtualBox and Hyper-V, are not appropriate because of compatibility and troubleshooting problems you might encounter during class.

    VMware Workstation Pro and VMware Player on Windows 10 is not compatible with Windows 10 Credential Guard and Device Guard technologies. Please disable these capabilities for the duration of the class, if they're enabled on your system, by following instructions in this document.

    MANDATORY SYSTEM REQUIREMENTS:

    • CPU: 64-bit 2.0+ GHz processor or higher-based system is mandatory for this class (Important - Please Read: a 64-bit system processor is mandatory)
    • BIOS/UEFI: VT-x, AMD-V, or the equivalent must be enabled in the BIOS/UEFI
    • RAM: 8 GB (gigabytes) of RAM or higher is mandatory for this class (Important - Please Read: 8 GB of RAM or higher is mandatory. 16 gigs of RAM is recommended)
    • Wireless Ethernet 802.11 B/G/N/AC
    • USB 3.0 Ports highly recommended
    • Disk: 100 Gigabytes of free disk space
    • Administrative access to disable any AV, endpoint security software or host-based firewall
    • Ability to disable your enterprise VPN client temporarily for some exercises
    • Ability to disable your anti-virus tools temporarily for some exercises
    • VMware Workstation Pro 16.X.X+, VMware Player 16.X.X+ or Fusion 12.X+
    • A Linux and Windows virtual machines will be provided in class

    Author Statement

    In our many years of experience conducting security assessments, we have observed the importance of being able to develop a holistic picture of the major areas of risk of an organization, while at the same time being prepared to zero-in on the risks introduced by a particular device or a specific product. However, the reality is that many organizations lack the knowledge and skills required to do a proper product security assessment. Some of these often rely on vulnerability scans that offer minimal information, with a focus on patching the systems evaluated and implementing generic security controls. Many others simply choose to ignore these threats altogether, closing their eyes to the reality and hoping for the best, while silently transferring the risk to their users, customers, and other stakeholders.

    While it is true that threat actors still use unpatched vulnerabilities to obtain initial access into their victims, we are now seeing how attackers are more commonly using new methods of compromising software supply chains, undermining trust in the patching process by inserting malicious code into legitimate products. Think about it this way: Each time your organization deploys and installs new software on desktop, mobile, and cloud platforms, you can be creating new "holes" in your cyber defenses, from which sensitive data can leak.

    We have designed this course to address this gap. Throughout five sections filled up with case studies, techniques, instructor-led demos and over 20 hands-on labs in realistic lab settings (including a final end-to-end capstone exercise), we will provide you with the knowledge and skills required to "Think Red, Act Blue" and combat these supply chain attacks employing product security testing. Our goal as authors is to make this class as practical and valuable to you and your organization as possible. To fulfil this promise, all the exercises we have created can be repeated at your own pace, both during and after class, and are thoroughly documented to maximize your learning experience.

    Armed with the knowledge and skills we teach you in this class, you will obtain deep technical understanding of how product security testing works and how it can help mitigate the risks that any organization faces when it comes to supply chain attacks.

    - Douglas McKee and Ismael Valenzuela

    No scheduled events for this course.

    Who Should Attend SEC568?

    This course is useful both for individuals looking to enter the product security testing domain and those who seek to formalize and expand their skills in this area while focusing on combating supply chain attacks. Both attack-focused and defense-focused security practitioners will be interested in this course by gaining a deep understanding of how to perform an effective product security assessment. This course enhances the skills of not only penetration testers and defenders, but is applicable to those designing and implementing corporate security controls in networks and endpoints across many verticals (automotive, healthcare, consumer electronics, industrial instrumentation, smart home, etc.)

    • Network and systems penetration testers: SEC568 provides penetration testers in-depth skills needed to perform advanced tests such as dissecting unknown network protocols. The course teaches how to go deeper than a simple vulnerability scan and how to break down every aspect of a target, elevating pen testing and red team engagements to the next level.
    • Application developers: SEC568 teaches developers the ramifications of poor coding and how to look for product flaws from an attacker's mindset. This course provides developers with the knowledge needed to create realistic testing and evaluations, which can aid in discovering critical issues before a release.
    • Security auditors: SEC568 provides core skills to audit products at a deep level while customizing the audit to a specific organization. This course equips auditors with the skills needed to audit an entire ecosystem while understanding where the most critical risk and impact is.
    • SOC analysts, incident responders & security engineers: SEC568 provides complementary skills used to look for threats that new products can introduce across your network and endpoints. With this course, you will develop analytical skills that will help you assess how desktop and mobile applications interact with the underlying OS, the network, and other applications; how to explore it in a methodological way to extract data of value, build a threat model, and ultimately understand the risk to implement mitigations specific to your organization.
    See prerequisites

    Related Programs

    DoDD 8140
    DoDD 8140 (0)
    See how this and other SANS Courses and GIAC Certifications align with the Department of Defense Directive 8140.
    • Register to Learn
    • Courses
    • Certifications
    • Degree Programs
    • Cyber Ranges
    • Job Tools
    • Security Policy Project
    • Posters & Cheat Sheets
    • White Papers
    • Focus Areas
    • Cyber Defense
    • Cloud Security
    • Cybersecurity Leadership
    • Digital Forensics
    • Industrial Control Systems
    • Offensive Operations
    Subscribe to SANS Newsletters
    Receive curated news, vulnerabilities, & security awareness tips
    United States
    Canada
    United Kingdom
    Spain
    Belgium
    Denmark
    Norway
    Netherlands
    Australia
    India
    Japan
    Singapore
    Afghanistan
    Aland Islands
    Albania
    Algeria
    American Samoa
    Andorra
    Angola
    Anguilla
    Antarctica
    Antigua and Barbuda
    Argentina
    Armenia
    Aruba
    Austria
    Azerbaijan
    Bahamas
    Bahrain
    Bangladesh
    Barbados
    Belarus
    Belize
    Benin
    Bermuda
    Bhutan
    Bolivia
    Bonaire, Sint Eustatius, and Saba
    Bosnia And Herzegovina
    Botswana
    Bouvet Island
    Brazil
    British Indian Ocean Territory
    Brunei Darussalam
    Bulgaria
    Burkina Faso
    Burundi
    Cambodia
    Cameroon
    Cape Verde
    Cayman Islands
    Central African Republic
    Chad
    Chile
    China
    Christmas Island
    Cocos (Keeling) Islands
    Colombia
    Comoros
    Cook Islands
    Costa Rica
    Croatia (Local Name: Hrvatska)
    Curacao
    Cyprus
    Czech Republic
    Democratic Republic of the Congo
    Djibouti
    Dominica
    Dominican Republic
    East Timor
    East Timor
    Ecuador
    Egypt
    El Salvador
    Equatorial Guinea
    Eritrea
    Estonia
    Ethiopia
    Falkland Islands (Malvinas)
    Faroe Islands
    Fiji
    Finland
    France
    French Guiana
    French Polynesia
    French Southern Territories
    Gabon
    Gambia
    Georgia
    Germany
    Ghana
    Gibraltar
    Greece
    Greenland
    Grenada
    Guadeloupe
    Guam
    Guatemala
    Guernsey
    Guinea
    Guinea-Bissau
    Guyana
    Haiti
    Heard And McDonald Islands
    Honduras
    Hong Kong
    Hungary
    Iceland
    Indonesia
    Iraq
    Ireland
    Isle of Man
    Israel
    Italy
    Jamaica
    Jersey
    Jordan
    Kazakhstan
    Kenya
    Kiribati
    Korea, Republic Of
    Kosovo
    Kuwait
    Kyrgyzstan
    Lao People's Democratic Republic
    Latvia
    Lebanon
    Lesotho
    Liberia
    Liechtenstein
    Lithuania
    Luxembourg
    Macau
    Macedonia
    Madagascar
    Malawi
    Malaysia
    Maldives
    Mali
    Malta
    Marshall Islands
    Martinique
    Mauritania
    Mauritius
    Mayotte
    Mexico
    Micronesia, Federated States Of
    Moldova, Republic Of
    Monaco
    Mongolia
    Montenegro
    Montserrat
    Morocco
    Mozambique
    Myanmar
    Namibia
    Nauru
    Nepal
    Netherlands Antilles
    New Caledonia
    New Zealand
    Nicaragua
    Niger
    Nigeria
    Niue
    Norfolk Island
    Northern Mariana Islands
    Oman
    Pakistan
    Palau
    Palestine
    Panama
    Papua New Guinea
    Paraguay
    Peru
    Philippines
    Pitcairn
    Poland
    Portugal
    Puerto Rico
    Qatar
    Reunion
    Romania
    Russian Federation
    Rwanda
    Saint Bartholemy
    Saint Kitts And Nevis
    Saint Lucia
    Saint Martin
    Saint Vincent And The Grenadines
    Samoa
    San Marino
    Sao Tome And Principe
    Saudi Arabia
    Senegal
    Serbia
    Seychelles
    Sierra Leone
    Sint Maarten
    Slovakia
    Slovenia
    Solomon Islands
    South Africa
    South Georgia and the South Sandwich Islands
    South Sudan
    Sri Lanka
    St. Helena
    St. Pierre And Miquelon
    Suriname
    Svalbard And Jan Mayen Islands
    Swaziland
    Sweden
    Switzerland
    Taiwan
    Tajikistan
    Tanzania
    Thailand
    Togo
    Tokelau
    Tonga
    Trinidad And Tobago
    Tunisia
    Turkey
    Turkmenistan
    Turks And Caicos Islands
    Tuvalu
    Uganda
    Ukraine
    United Arab Emirates
    United States Minor Outlying Islands
    Uruguay
    Uzbekistan
    Vanuatu
    Vatican City
    Venezuela
    Vietnam
    Virgin Islands (British)
    Virgin Islands (U.S.)
    Wallis And Futuna Islands
    Western Sahara
    Yemen
    Yugoslavia
    Zambia
    Zimbabwe

    By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    • © 2023 SANS™ Institute
    • Privacy Policy
    • Contact
    • Careers
    • Twitter
    • Facebook
    • Youtube
    • LinkedIn