The course is ALL Hands-On - 100%.
The format is practice the professional security testing methodology for the first half of the class.
The sample methodology:
- Information gathering and OSINT
- Scanning Building a Target Database
- Vulnerability Analysis
- Post exploitation
- Advanced techniques
- Data Analysis
Once you have practiced this then you will go against a "live" range.
The process is as follows:
Access the range:
- You will be provided a scope of work
- Have 2-3 hours on the range and then be provided a debrief
The ranges are progressive and increase in difficulty at each level. There are 3-4 levels to complete then you are ready for the challenge range practical!
- Three phases
- scope of work for each phase.
- 6 hours to complete the practical.
- save all of the data and build a target database of your findings. At completion of the range section.
- Two hours for written exam base on ranges – Pass exam
- Receive CAST Advanced Penetration Tester Certification
- So you think you can pen test? PROVE IT!
The course will teach you how to do a professional security test and produce the most important thing from a test ... the findings and the report!.
The ranges progresses in difficulty and reflect an enterprise level architecture. There will be defenses to defeat and challenges to overcome. This is not your typical FLAT network! As the range levels increase you will encounter the top defenses of today and learn the latest evasion techniques.
The format you will use has been used to train 1000s penetration testers globally, it is proven and effective!
Kevin Cardwell served as the leader of a 5 person Red Team that achieved a 100% success rate at compromising systems and networks for six straight years. He has conducted over 500 security assessments across the globe. His expertise is in finding weaknesses and determining ways clients can mitigate or limit the impact of these weaknesses.
He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US, Middle East, Africa, Asia and the UK . He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is the author of the Center for Advanced Security and Training (CAST) Advanced Network Defense course. He is technical editor of the Learning Tree Course Penetration Testing Techniques and Computer Forensics. He has presented at the Blackhat USA, Hacker Halted, ISSA and TakeDownCon conferences. He has chaired the Cybercrime and Cyberdefense Summit in Oman. He is author of Bactrack: Testing Wireless Network Security. He holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman that recently was rated as the top CERT for the Middle East. he serves as a professional training consultant to the Oman Information Technology Authority, and developed the team to man the first Commercial Security Operations Center in the country of Oman. He has worked extensively with banks and financial institutions throughout the Middle East, Europe and the UK in the planning of a robust and secure architecture and implementing requirements to meet compliance. He currently provides consultancy to Commercial companies, governments, major banks and financial institutions in the Gulf region to include the Muscat Securities Market (MSM) and the Central Bank of Oman. Additionally, he provides training and consultancy to the Oman CERT and the SOC team in the monitoring and incident identification of intrusions and incidents within the Gulf region.
Students completing this course will gain in-depth knowledge in the following areas:
- Advanced Scanning methods
- Attacking from the Web
- Client Side Pen-testing
- Attacking from the LAN
- Breaking out of Restricted Environments
- Bypassing Network-Based IDS/IPS
- Privilege Escalation
How will this course benefit you?
- Understanding what it REALLY takes to break into a highly secured organization from the outside
- Reviewing proven methods on how to move around the network without being detected by IDS/IPS
- BAppreciating best practices that are applied for mitigating or circumventing common security implementations such as Locked Down desktops, GPOs, IDSs/IPSs/WAFs, among others
- Having an in depth know-how on Pen-testing “High Security environments” such as government agencies, financial institutions, and other key installations
CAST On-site provides personalised Advanced Security Courses to meet the needs of the individual or company and are planned to ensure maximum flexibility in terms of logistics, dates and cost issues. Our certified expert trainers are experienced educators and highly knowledgeable in their respective fields. CAST On-site prides itself on strict quality control principles at all times to ensure that clients receive the highest standard of training and service.
CAST On-Site training is designed to add great value to your work force by increasing staff efficiency and skills ensuring improved productivity and output that far exceeds the value of the initial training costs.
Key features of CAST On-site:
- Each of the courses selected from the CAST Advanced Training Suite will be specifically designed to meet the needs of each individual, based according to their current skills and pace of learning to meet your organisation’s unique objectives and goals
- CAST On-site expert/trainers will be flown down to your premise of choice at a date most suitable to you
- CAST On-site allows students to receive training in more manageable sessions arranged over a spread of a few days that allowing for greater absorption of knowledge with an opportunity to practice and verify the new skills after each session prior to commencing the next one
- With CAST On-site Advanced Security courses students will be able to take advantage of directly conversing with the chosen expert in matters unique to the student and your organisation
- You can be rest assured that all challenges and objectives pertaining to your organisation’s goals can be discussed in an environment that ensures complete confidentiality
- Each individual client receives the required high level of training that is benchmarked to international best practise and standards
- Each student receives a CAST Advanced Security Training Courseware that allows them to follow and revise the material that has been taught to them
- Upon completion of the course, each student will receive a CAST On-Site Advanced Security Training certificate of attendance
We at CAST would like to hear from you
if you have questions, comments or feedback for us, please send us a message using the from below or email us at email@example.com
For more information and news updates, connect with us via Social Media or our Mailing List.
We look forward to hearing from you!
CAST General Enquiry Form