Question 1

What Are The Laptop Requirements?

Accepted Answer

Important! Bring your own system configured according to these instructions.A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.It is critical that you back up your system before class. It is also strongly advised that you do not bring a system storing any sensitive data.Mandatory System Hardware Requirements CPU: 64-bit x86/AMD64 processor with at least 4 cores, launched in 2020 or later: Intel Core i5/i7/i9 (10th generation or newer) or Intel Core Ultra 5/7/9, or AMD Ryzen 5/7/9 equivalent. Apple Silicon Support: This course fully supports Apple Silicon (M1/M2/M3/M4/M5) MacBooks using VMware Fusion and specially built ARM64 virtual machines. Students with Apple Silicon devices receive ARM64 Linux virtual machines that provide native performance on these platforms. BIOS settings must be set to enable virtualization technology, such as "Intel-VTx" or "AMD-V" extensions. Be absolutely certain you can access your BIOS if it is password protected, in case changes are necessary. 16GB of RAM or more is required. 60GB of free storage space or more is required. At least one available USB 3.0 Type-A port. A Type-C to Type-A adapter may be necessary for newer laptops and is a suitable replacement if no Type-A ports are available. Some endpoint protection software prevents the use of USB devices, so test your system with a USB drive before class. Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom. A wired Ethernet network adapter is required for this course. This can be either an internal or an external USB-based network adapter but you cannot use wireless networking alone. Mandatory Host Configuration and Software Requirements Your host operating system must be the latest version of Windows 11, or macOS 15 (Sequoia) or newer. Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed. Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs. Local Administrator Access is required. (Yes, this is absolutely required. Don't let your IT team tell you otherwise.) If your company will not permit this access for the duration of the course, then you should make arrangements to bring a different laptop. You should ensure that antivirus or endpoint protection software is disabled, fully removed, or that you have the administrative privileges to do so. Many of our courses require full administrative access to the operating system and these products can prevent you from accomplishing the labs. Any filtering of egress traffic may prevent accomplishing the labs in your course. Firewalls should be disabled or you must have the administrative privileges to disable it. Download and install VMware Workstation Pro 25H2 or later (for Windows 11 hosts), or VMWare Fusion Pro 25H2 or later (for macOS hosts) prior to class beginning. VMware Workstation Pro and VMware Fusion Pro are now free for commercial, educational, and personal use with no license key required. Download the latest version from the Broadcom Support Portal. For those with Windows host systems, Workstation Pro is recommended for a more seamless student experience. On Windows hosts, VMware products might not coexist with the Hyper-V hypervisor. For the best experience, ensure VMware can boot a virtual machine. This may require disabling Hyper-V. Instructions for disabling Hyper-V, Device Guard, and Credential Guard are contained in the setup documentation that accompanies your course materials. Download and install 7-Zip (for Windows Hosts) or Keka (for macOS hosts). These tools are also included in your downloaded course materials.Your course media is delivered via download. The media files for class can be large. Many are in the 40-50GB range, with some over 100GB. You need to allow plenty of time for the download to complete. Internet connections and speed vary greatly and are dependent on many different factors. Therefore, it is not possible to give an estimate of the length of time it will take to download your materials. Please start your course media downloads as soon as you get the link. You will need your course media immediately on the first day of class. Do not wait until the night before class to start downloading these files. Your course materials include a "Setup Instructions" document that details important steps you must take before you travel to a live class event or start an online class. It may take 30 minutes or more to complete these instructions. Your class uses an electronic workbook for its lab instructions. In this new environment, a second monitor and/or a tablet device can be useful for keeping class materials visible while you are working on your course's labs. If you have additional questions about the laptop specifications, please contact customer service.

Question 2

Who Should Attend SEC556 loT Training?

Accepted Answer

This course is will enable attack-focused and defense-focused security practitioners, as well as those designing and implementing embedded, IoT, and IIoT solutions across many verticals (automotive, healthcare, consumer electronics, industrial instrumentation, smart home, etc.). This course is suited for: Penetration testers Embedded system developers Security analysts Security architects Product security engineers IoT product developers Anyone releasing an IoT device to market

Question 3

What Will You Get?

Accepted Answer

BusPirate 3.6a and cableSPI Flash integrated circuitSolderless breadboardHackRF One with antennaHackRF ANT500 antennaUSB Logic analyzerDupont wiresRaspberryPi 2G Vilros Kit (32 Gig SD card) (Note: this comes with a U.S. plug, so international students will need to bring an adapter)USB wireless adapterTP-Link Bluetooth Low Energy USB adapter433Mhz IoT remote-controlled outlet (110/120V only, EU and APAC students will need to bring a voltage converter)A pair of CC2531 custom-flashed USB Zigbee adaptersUSB 3.0 4-port hubEthernet cableCustom Slingshot Linux Virtual Machine (copies for amd64 and arm64 architectures are available)Custom Raspberry Pi image (PIoT.L01) Access to Azure firmware analysis for the duration of the class Access to ChatGPT (GUI) for the duration of the class

Question 4

What Are The Prerequisites For This Course?

Accepted Answer

Attendees are expected to have a working knowledge of TCP/IP and web technologies and a basic knowledge of the Linux command lines before they come to class. While SEC556 is technically in-depth, it is important to note that programming knowledge is not required for the course.

Question 5

What Learning Path Is This IoT Hacking Course A Part Of?

Accepted Answer

SEC556 is part of the Offensive Operations curriculum. It is considered a Specialized Penetration Testing course, alongside courses SEC575 iOS and Android Application Security Analysis and Penetration Testing, SEC580 Metasploit for Enterprise Penetration Testing, and SEC617 Wireless Penetration Testing and Ethical Hacking.

Question 6

What Is IoT Security Training And Why Is It Important?

Accepted Answer

IoT (Internet of Things) security training focuses on teaching professionals how to secure connected devices—everything from smart thermostats and industrial sensors to medical equipment and automotive tech. These devices often have limited computing resources and weak default security, making them vulnerable to attack.At SANS, this training is part of our broader commitment to empower practitioners with real-world, hands-on skills. It typically includes: Secure IoT architecture and design Embedded device forensics Protocol analysis (e.g., MQTT, CoAP) Firmware exploitation and patching Threat modeling for IoT ecosystems Defensive strategies tailored to resource-constrained devices

Question 7

How Will This Course Benefit My Career?

Accepted Answer

Specialize in a High-Demand Field: Stand out with expertise in IoT—an urgent, underserved cybersecurity domain. Gain Hands-On, Real-World Skills: Learn by doing: reverse firmware, exploit vulnerabilities, and secure devices. Boost Your Market Value: Employers are racing to secure IoT—become the in-house expert they rely on. Qualify for Leadership Roles: Develop cross-functional skills in architecture, threat modeling, and policy.

SEC536: Adversarial AI - Penetration Testing AI Systems

SEC556: IoT Penetration Testing

Featured Quote

Course Overview

2026 Course Update Summary

What You’ll Learn

Business Takeaways

Meet Your Authors

Larry Pesce

James Leyte-Vidal

Course Syllabus

Section 1Introduction to IoT Network Traffic and Web Services

Topics covered

Labs

Section 2Exploiting IoT Hardware Interfaces and Analyzing Firmware

Topics covered

Labs

Section 3Exploiting Wireless IoT: WiFi, BLE, Zigbee, LoRA, and SDR

Topics covered

Labs

Things You Need To Know

What Are The Laptop Requirements?

Who Should Attend SEC556 loT Training?

What Will You Get?

What Are The Prerequisites For This Course?

What Learning Path Is This IoT Hacking Course A Part Of?

What Is IoT Security Training And Why Is It Important?

How Will This Course Benefit My Career?

Relevant Job Roles

Vulnerability Analysis (OPM 541)

Application Pen Tester

Red Teamer Training, Salary, and Career Path

Systems Testing and Evaluation (OPM 671)

Course Schedule and Pricing

OnDemand Bundle

SANS Skills Quest by NetWars Core Edition

Group and Private Pricing

Virtual (OnDemand)

SANS Live Online Europe October 2026

Virtual (live)

SANS Japan November 2026

Virtual (live)

SANS Stay Sharp: Jan 2027

Virtual (live)

Learn Alongside Leading Cybersecurity Professionals From Around The World

Benefits of Learning with SANS

Related Courses

SEC575: iOS and Android Application Security Analysis and Penetration Testing

Quick view

SEC580: Metasploit for Enterprise Penetration Testing

Quick view

SEC617: Wireless Penetration Testing and Ethical Hacking

Quick view