Join us for the FREE DFIR Summit | Live Online on July 16-17

NetWars: Course

Courses Available Using the SANS NetWars Training Platform:

SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise

Computers, networks, and programmable logic controllers operate most of the physical infrastructure of our modern world, ranging from electrical power grids, water systems, and traffic systems all the way down to HVAC systems and industrial automation. Increasingly, security professionals need the skills to assess and defend these important infrastructures. In this innovative and cutting-edge course based on the SANS CyberCity kinetic range, you will learn how to analyze and assess the security of control systems and related infrastructures, finding vulnerabilities that could result in significant kinetic impact.

You Will Learn:

  • How to analyze cyber infrastructures that control and impact kinetic infrastructures.
  • How to manipulate a variety of key industrial protocols, including Modbus, CIP, DNP3, Profinet, and other SCADA-related protocols.
  • How to rapidly prototype computer attack tools against specific vulnerabilities
  • How to discover security flaws in a variety of SCADA and Industrial Control Systems (ICSs) and thwart attacks against them.
  • How to conduct penetration tests and assessments associated with kinetic infrastructures.

Learn More

SEC575: Mobile Device Security and Ethical Hacking

Mobile phones and tablets have become essential to enterprise and government networks, from small organizations to Fortune 500 companies and large-scale agencies. Often, mobile phone deployments grow organically, adopted by multitudes of end-users for convenient email access as well as managers and executives who need access to sensitive organizational resources from their favored personal mobile devices. In other cases, mobile phones and tablets have become critical systems for a wide variety of production applications from ERP to project management. With increased reliance on these devices, organizations are quickly recognizing that mobile phones and tablets need greater security implementations than a simple screen protector and clever password.

From practical policy development to network architecture design and deployment, and mobile code analysis to penetration testing and ethical hacking, this course will help you build the critical skills necessary to support the secure deployment and use of mobile phones and tablets in your organization.

Learn More

FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques

This popular malware analysis course has helped forensic investigators, incident responders and IT administrators acquire practical skills for examining malicious programs that target Microsoft Windows. This training also teaches how to reverse-engineer Web browser malware implemented in JavaScript and Flash, as well as malicious documents, such as PDF and Microsoft Office files. The course builds a strong foundation for reverse-engineering malicious software using a variety of system and network monitoring utilities, a disassembler, a debugger and other tools for turning malware inside-out.

The course culminates with a series of capture-the-flag style challenges using the hugely popular SANS NetWars tournament platform. These challenges are designed to reinforce the techniques learned in class and to provide additional opportunities for learning practical, hands-on malware analysis skills. By applying the techniques learned earlier in the course, students solidify their knowledge and can shore up skill areas where they feel they need additional practice.

Learn More

AUD507: Auditing Networks, Perimeters, and Systems

One of the most significant obstacles facing many auditors today is how exactly to go about auditing the security of an enterprise. What systems really matter? How should the firewall and routers be configured? What settings should be checked on the various systems under scrutiny? Is there a set of processes that can be put into place to allow an auditor to focus on the business processes rather than the security settings? All of these questions and more will be answered by the material covered in this course.

Leveraging the well known NetWars engine, students have the opportunity to connect to a simulated enterprise network environment. Building on the tools and techniques learned throughout the week, each student is challenged to answer a series of questions about the enterprise network, working through various technologies explored during the course.

Learn More