Regardless of how safe and secure any organization may think its IT infrastructure are, they realize that they are still not immune to information security threats. In addition to deploying the right tools and technology, organizations globally needs to develop a robust and competent workforce equipped with the necessary skills to adequately defend its IT infrastructures. These cyber defenders need not just basic training to sufficiently defend against mounting security threats, more than ever, they now require advanced security training. Information security professionals are required to stay up-to-date on the latest security technologies, threats and remediation strategies. While certification training may provide the baseline knowledge, security professionals must embark on advanced security training to acquire highly technical skills to defend against and mitigate the most vicious attacks. Such advanced security training are designed to equip IT security professionals with the most advanced security skills required to safeguard the integrity of the IT infrastructures of their organization
EC-Council’s Center for Advanced Security Training (CAST) was created to address the need for highly technical and advanced security training for information security professionals. CAST programs stand out from others thorough their extreme hands-on approach. These highly technical, lab intensive advanced security training courses will allow a participant to combat real life scenarios.
CAST programs are designed and developed by EC-Council in collaboration with well-respected subject-matter experts and industry practitioners. All of these advanced security training courses will only conducted by appointed EC-Council Master Trainers, some of whom are authors of the respective courses. Theories are limited to the bare essentials, and the bulk of the training session will be focused on a participant’s individualized involvement in “getting their hands dirty”. CAST will offer information security programs that will cover important domains such as advanced penetration testing training, malware analysis, advanced social engineering, cryptography, digital forensics deep dive, web application security, among others.
EC-Council Information Security Training Programs
| |Advanced Penetration Testing (CAST 611) Attacking Hardened Defense Systems
A 3 day highly intensive and technical program that focuses on attacking and defending highly secured environments. Here you will have the opportunity to learn and apply methods of attacking new operating systems such as Windows Vista, Windows 7, Windows Server 2008, and the latest Linux servers. Read More
|Advanced Mobile Hacking & Forensics (CAST 612) Elevating Mobile Forensics & Investigation To An Art Form|
A 3 day advanced course offering the opportunity for you to Deep Dive into all crucial practical and theoretical aspects of mobile hacking, forensics and hardening with more than 80% of the course focusing on practical & hands-on LAB exercises taken from actual REAL WORLD scenarios. Read More
|Advanced Application Security (CAST 613) Crafting Robust Defensive Codes|
A course designed with the advance programmer in mind where more than 50% of the class involves hands-on coding labs requiring all students to have programming experience. This course is NOT language specific although program logic is an absolute must have. Read More
|Advanced Network Defense (CAST 614) Hardening Your Enterprise|
Come experience a comprehensively structured and fast paced program that immerses you into the mysterious world of the “hacker”, providing insights of their mindset; a critical weapon for defending against some of the most malicious attacks around. Read More
|Hacking "Secure" Encryption and Countermeasures (CAST 615) An In-Depth Analysis of Cryptography|
Perhaps you already know SSL/TLS in depth, you can setup a VPN in your sleep, and you have been using TruCrypt for years. Maybe your middle name is AES (John AES Smith), but do you know enough? This course will teach you the major algorithms in depth, allowing you to understand proper implementation and exploitation. For example can you crack hard drive encryption? How likely is it to be able to break a given RSA implementation? This course does not assume you have a strong math background, it will teach you enough number theory to understand cryptography. Read More
|Securing Windows Infrastructure (CAST 616) Attack Based Defense from the Ground Up|
This 3 day technical course focuses on the key aspects of Windows Infrastructure Security, applying best practices to secure interconnected information systems within your organization providing a holistically reliable framework to support an entire enterprise structure. Read More
|Advanced Metasploit Decoded (CAST 617) Mastering a Hacking Power-Tool|
A 3 day hands on workshop taking students into every nook and cranny necessary to taming the Metasploit Framework towards your benefit. Go beyond the basics and get the hang of wielding what is now a weapon of choice among a critical threat; potential hackers looking to harm your organization. Read More
|Advanced Penetration Testing (CAST 611)||Jan 21 - 23, 2013
|Advanced Network Defense (CAST 614)||May 06 - 08, 2013
|Advanced Application Security (CAST 613)
||May 06 – 10, 2013
|Securing Windows Infrastructure (CAST 616)
||May 06 – 10, 2013
|Hacking “Secure” Encryption & Countermeasures (CAST 615)
||May 13 – 15, 2013
|Advanced Network Defense (CAST 614) ||May 13 – 15, 2013
|Advanced Penetration Testing (CAST 611)
||May 13 – 17, 2013
|Advanced Application Security (CAST 613)
||May 21 – 23, 2013
|Advanced Network Defense (CAST 614)
||May 25 – 27, 2013
|Advanced Penetration Testing (CAST 611)
May 31 – Jun 02,
|Advanced Mobile Hacking & Forensics (CAST 612)
May 31 – Jun 02,
|Advanced Network Defense (CAST 614)
May 31 – Jun 02,
|Hacking Secure Encryption and Countermeasures (CAST 615)
May 31 – Jun 02,
|Securing Windows Infrastructure (CAST 616)
May 31 – Jun 02,
|Advanced Network Defense (CAST 614)||Jun 03 – 07, 2013
|Advanced Application Security (CAST 613)||Jun 06 – 14, 2013 |
|Advanced Metasploit Decoded (CAST 617)||Jun 10 – 12, 2013 |
|Hacking “Secure” Encryption & Countermeasures (CAST 615)||Jun 24 – 30, 2013
|Advanced Application Security (CAST 613)
||Jul 01 – 03, 2013
|Advanced Penetration Testing (CAST 611)||Jul 12 – 14, 2013
|Advanced Mobile Hacking & Forensics (CAST 612)||Jul 12 – 14, 2013
|Advanced Network Defense (CAST 614)||Jul 12 – 14, 2013
|Hacking Secure Encryption and Countermeasures (CAST 615)||Jul 12 – 14, 2013
|Securing Windows Infrastructure (CAST 616)||Jul 12 – 14, 2013
|Advanced Mobile Hacking & Forensics (CAST 612) ||Jul 15 – 19, 2013
|Advanced Mobile Hacking & Forensics (CAST 612) ||Aug 05 – 07, 2013
|Advanced Application Security (CAST 613)||Sep 16 – 18, 2013
|Advanced Penetration Testing (CAST 611)||Sep 16 – 18, 2013
|Advanced Mobile Hacking & Forensics (CAST 612)||Sep 16 – 18, 2013
|Advanced Network Defense (CAST 614)||Sep 16 – 18, 2013
|Hacking Secure Encryption and Countermeasures (CAST 615)||Sep 16 – 18, 2013
|Securing Windows Infrastructure (CAST 616)||Sep 16 – 18, 2013
|Advanced Penetration Testing (CAST 611) ||Oct 04 – 06, 2013
|Advanced Mobile Hacking & Forensics (CAST 612) ||Oct 04 – 06, 2013
|Advanced Network Defense (CAST 614) ||Oct 04 – 06, 2013
|Hacking Secure Encryption and Countermeasures (CAST 615) ||Oct 04 – 06, 2013
|Securing Windows Infrastructure (CAST 616) ||Oct 04 – 06, 2013
|Advanced Mobile Hacking & Forensics (CAST 612) ||Oct 05 – 08, 2013
|Advanced Penetration Testing (CAST 611)||Dec 09 – 11, 2013
Joseph McCray – Advanced Penetration Testing (CAST 611)
Joe McCray has over 10 years of experience in the security industry with a diverse background that includes network and web application penetration testing, forensics, training, and regulatory compliance. Having performed hundreds of penetration tests assessing well over 250,000 hosts in the DoD, Federal, Financial, Gaming, Retail, and Hospitality industries – Joe’s specialty is pentesting high security environments, and bypassing high end security systems.
Joe is a US Air Force veteran with 5 years of US Army contracting experience in information assurance (specifically Information Assurance Network Engineering, Incident Response, Forensics, Vulnerability Assessments, and Penetration Testing). He is well versed in cyber war, cyber terrorism tactics having spent 2 years in Iraq and 1 year at US Army NetCom. He now gives advanced hacking and forensics training to the FBI, NSA, DHS, Royal Canadian Mounties, and several other entities. Joe is also a frequent trainer and presenter at security conferences such as Black Hat, Def Con, BruCON, Hacker Halted, Techno Security, Techno Forensics, and many others.
Joe was awarded the EC-Council Instructor of the Year award for 2010, and a Circle of Excellence (Instructor) recipient for 2009.
Wayne Burke – Advanced Mobile Hacking & Forensics (CAST 612)
Wayne Burke has had considerable hands-on IT Security experience consulting or lecturing, whether it was for Government Agencies, Healthcare Institutions, Financial and international companies.
His experience in the public / defense sectors is equally complemented by assignments undertaken for heavyweight world renowned corporations including Yahoo, Xerox, AT&T and Texas Instruments to name but a few. He is imminently qualified in his field in that he holds a string of professional qualifications in Networking to name a few (MCT, MCSE, Cisco, Network+) and IT Security (CIW-SA, Security+, CEH, ECSA, LPT, CHFI) besides a bachelor’s degree in science.
Wayne is currently the CSO for Sequrit CSI, responsible for the technical realm and security management, which includes consulting teams . He is a captain of a global operating group of penetration testers and security experts. Wayne and his group have delivered security assessments, Penetration Test assignments and customized training for International Corporations and many Government Agencies such as: EPA, FAA, DOJ, DOE, DOD + 8570: Air force, Army, Navy, Marines, FBI and Statewide Law Enforcement Offices in the USA.
In Europe: NATO, Europol, MOD (Military of Defense UK) various EU Law Enforcement, Dutch Ministry of Defense, Ministry of Justice, local European Law Enforcement: UK, Ireland, Switzerland, Belgium, Holland, Denmark.
ASIA: Singapore Gov, Philippines’ Presidential Office, the Undersecretary, and Cyber Crime Police Specialist Unit. Jakarta, Tax Investigations Office. Various Malaysian Gov agencies. Plus Corporate and government bodies from Africa, and numerous Gulf locations to name a few. His office has become his next long haul international flight.
Wayne’s consulting and training undertakings cover specializing in Penetration Testing, Forensics, Security Expert Advisor and secure infrastructure design. His expertise include DMZ firewalls, Secure VPNs, EAP/TLS, PEAP, SSL, PKI, Smart Cards, Biometrics, IPSEC, IDS, Vulnerability Scanners, AV, Honey Pots, Audits, filtering policies, multi-layer encrypted file systems, patch management and deployments. He additionally develops customized and blended security curriculum.
Wayne is constantly engaged in helping businesses optimize their systems security vision He is acknowledged as an expert consultant and trainer serving large organizations with cutting edge IT security. His wide range of all product experience has helped to develop his overall systems security knowledge. Wayne has a passion for tracing malicious hackers in pursuit of which he has had to grapple with issues, which are inextricably entwined in meeting the everyday challenges of information systems security.
Tim Pierson – Advanced Application Security (CAST 613)
Tim Pierson is one of the World’s leading trainers in technology networks and security with credentials including ongoing selection to author training courses and manuals for global corporations. He conducts high-level security evaluations and delivers seminars before professional conventions. He is endowed with exceptional skills in communicating sophisticated information to sophisticated and non-sophisticated clientele.
Tim has been a technical trainer for the past 23 years and is an industry leader in both Security and Virtualization. He has been the noted speaker at many industry events including, Lectures at/for Savannah River & Los Alamos Nuclear Power Plant, Innotech, GISSA, many military venues including the Pentagon, and numerous Military facilities addressing security both in the US and Europe, Including but not limited to Numerous Army Bases in Germany and Belgium with both the US and Foreign Military organizations.
Tim is currently Senior Consultant and Trainer at Data Sentry, Inc. with special responsibilities to initiate, develop and validate training programs for current security practices and procedures. Tim possesses formidable knowledge in these areas and the years ahead will see Tim transcribe his know-how into authoring many certification training classes, often times completing self-certification on new and emerging products in advance of teaching or writing courseware or books on related subjects.
Tim’s training stints have taken him to many parts of the world — most major US cities, Europe and Asia. Having been exposed to a variety of students and audiences has given him the added advantage of being able to pitch his commitment at the appropriate level. It is therefore not surprising that he consistently receives accolades bearing testimony to his training prowess.
Tim’s projects include being contributing author of “VMware Virtual Infrastructure Security: Securing ESX and the Virtual Environment“. Moreover, he has done work for the bi-monthly Virtualization Security Roundtable Podcast available as a download on iTunes and Talk Shoe. Tim was Featured Speaker on Secure Coding
and Virtualization Practices at Hacker-Halted in Miami September 2009 and the Hacker-Halted in Kuala Lumpur Malaysia in November 2009.
Kevin Cardwell – Advanced Network Defense (CAST 614)
Kevin Cardwell spent 22 years in the U.S. Navy, during this time he tested and evaluated Surveillance and Weapon system software, some of this work was on projects like the Multi-Sensor Torpedo Alertment Processor (MSTRAP), Tactical Decision Support System (TDSS), Computer Aided Dead Reckoning Tracer (CADRT), Advanced Radar Periscope Discrimination and Detection (ARPDD), and the Remote Mine Hunting System (RMHS). He has worked as both software and systems engineer on a variety of Department of Defense projects and early on was chosen as a member of the project to bring Internet access to ships at sea. Following this highly successful project he was selected to head the team that built a Network Operations Center (NOC) that provided services to the commands ashore and ships at sea in the Norwegian Sea and Atlantic Ocean . He served as the Leading Chief of Information Security at the NOC for six years prior to retiring from the U.S. Navy. During this time he was the leader of a 5 person Red Team that had a 100% success rate at compromising systems and networks.
He currently works as a free-lance consultant and provides consulting services for companies throughout the world, and as an advisor to numerous government entities within the US and UK. He is an Instructor, Technical Editor and Author for Computer Forensics, and Hacking courses. He is technical editor of the Learning Tree Course Ethical Hacking
and Countermeasures and Computer Forensics. He is author of the Controlling Network Access course. He has presented at the Blackhat USA Conferences. He is a contributing author to the Computer Hacking Forensics Investigator V3 Study Guide and The Best Damn Cybercrime and Digital Forensics Book Period. He is a Certified Ethical Hacker (CEH), Certified Security analyst (E|CSA), Qualified Penetration Tester (QPT), Certified in Handheld Forensics, Computer Hacking Forensic Investigator (CHFI) and Live Computer Forensics Expert (LCFE), and holds a BS in Computer Science from National University in California and a MS in Software Engineering from the Southern Methodist University (SMU) in Texas. His current research projects are in Computer Forensic evidence collection on "live" systems, Professional Security Testing and Advanced Rootkit technologies. He developed the Strategy and Training Development Plan for the first Government CERT in the country of Oman, he servers as a professional information security training
consultant to the Oman Information Technology Authority, and is currently developing the team to man the first Commercial Security Operations Center in the country of Oman.
Chuck Easttom – Hacking “Secure” Encryption & Countermeasures (CAST 615)
Chuck Easttom is the author of 13 computer science books including 2 computer security textbooks used at universities around the globe and translated into several languages. He also holds a host of IT certifications including MCP, MCSA, MCSE, MCAD, MCTS (Windows 7, Windows Server 2008, SQL Server 2008, and Visual Studio 2010), MCITP (Windows 7 and SQL Server 2008), MCDBA, MCT, A+, Network+, Linux+,iNet+, Server+, CEH, CHFI, ECSA, and CISSP. He currently has 7 provisional patents, all related to computer science and 4 related to computer security. One of those patents regards a new method of steganography, another regards a new approach to detecting spyware, and yet another involves the invention of a new, more stable file system.
Mr. Easttom is also the inventor of a method for quantifying network security that is being taught at several universities, and most recently has developed a new approach to creating ghost drives. He has taught various security related courses for several years and has over 10 years of teaching experience. He is also a frequent consultant on various computer related court cases including both criminal and patent cases. While Mr. Easttom has a broad range of security expertise, his passion has always been cryptography.
Paula Januszkiewicz - Securing Windows Infrastructure (CAST 616)
Paula Januszkiewicz is an IT Security Auditor and Penetration Tester, Enterprise Security Most Valuable Professional, Microsoft Certified Trainer and Microsoft Security Trusted Advisor. She is a familiar face at international events and conferences such as TechEd North America, TechEd Middle East and TechEd Europe, RSA worldwide, CyberCrime and others worldwide. Her passion for Windows & IT Security allows her to spread her expertise via her trainings and consulting services focusing on areas such as Infrastructure Security & Design, Penetration Testing, IT Security Audits, Networking Security, Windows Internals and Forensics and through her writing regarding Windows Security. Her distinct specialization is definitely on Microsoft security solutions in which she holds multiple Microsoft certifications (MCITP, MCTS, MCSE, MCDBA etc.) besides being familiar and possessing certifications with other related technologies. She proudly holds the role of the Security Architect in iDESIGN and has conducted hundreds IT security audits and penetration tests. When she’s not driving her own company CQURE, she enjoys researching new related technologies, which she converts to authored trainings and describes them on her blog. She is also a co-author of the Microsoft Forefront Threat Management Gateway 2010 book and is currently working on her new book under the same subject.
Georgia Weidman – Advanced Metasploit Decoded (CAST 617)
Georgia Weidman is an experienced penetration tester, security researcher, and trainer. She holds a Master of Science degree in computer science, secure software engineering, and information security as well as holding Certified Ethical Hacker (CEH), Certified Information Systems Security Professional (CISSP), NIST 4011, and an Offensive Security Certified Professional (OSCP) certifications. Her groundbreaking work in the field of smartphone exploitation has been featured in print and on television including MIT Technology Review, ArsTechnica, PC World, Fox News and Global TV Canada. She has presented her research at conferences around the world including Shmoocon, Hacker Halted, Security Zone, and Bsides. Georgia has delivered highly technical security training at conferences, hacker spaces, and schools to excellent reviews. Building on her experience working in both the public and private sectors, Georgia founded Bulb Security LLC, a security consulting firm specializing in security assessments/penetration testing, security training, and research/development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.
|“Wayne had done some EC-Council Security Fast Tracks at our organisation. He is able to motivate his students to adopt his enthusiasm and guidelines. Where possible, Wayne will use his security skills for the benefit of the client. He has proven to be of added value, not just because of his security skills (which are plenty) but also because of his creative ways to finish the course in time. He is a very positive driven person who motivates the people around him.” - Emile Kok, Netherlands|
|“I had the fortune of having Tim as my instructor on my ECSA/LPT course. What a man, not only does Tim get through the necessary course work, but also teaches the latest techniques in the field. He arranged video conferences with some of the industry’s leading minds. Not many teachers go the extra mile, but Tim went further.” - Wynn Jones, Greenfield, Flintshire, United Kingdom |
|This class provides an excellent framework to begin a career as a Professional Wireless Penetration Tester, or to add to your systems/networks defense knowledge. Mr. Cardwell has given us a "complete approach" to penetration and defense: showing us that in wireless networks, the wired side is as important (if not more) to ensure protection on as the wireless side. This class was engaging, and Mr. Cardwell's vast experience certainly contributed to the value of the course. I highly recommend this course and certification to anyone who has any wireless nodes on their network, and also to those who want to make sure that none pop up, unexpectedly. - US Army|
|Mr. McCray provides all the expected training, and then exponentially more. His style and delivery not just provides the basic information, but real-life examples, personal experiences, and current, hands on solutions. Mr. McCray's teaching and consultative services are my first choice.” - Gergely T. Baltimore, Maryland Area|
|“In a constantly threatening and consistently changing internet security world, Wayne always delivered the most up-to-date and informative security training classes possible. His pre-class preparation and his attention to the latest real world challenges and scenarios made students know that they were learning what they needed to learn to handle any present day situation involving an internet/network/hacking security threat. His student evaluations always received the highest scores, and his availability for months after his classes was especially valuable to his students.” - Bill Markman, Dallas/Fort Worth Area|
|This is an excellent course Kevin is a very knowledgeable instructor and I feel that Iam leaving this course a much better Security Specialist. - M. Wilson, DHS|
|“Wayne is a great personality with a high degree of integrity. He gives knowledge with enormous enthusiasm that's addictive for the whole class. I would without any reservation recommend him as a trainer or security consultant.” - Bram Stienstra, The Hague Area, Netherlands|
|The instructor is very knowledgeable and interesting. - David Caissy, CAST Summit|
| “Wayne is one of the most experienced Information Security experts I dealt with. His vast knowledge and hands-on experience advanced technical is unmatched.” - Mohammed Isa Hammad, Bahrain|
|Joe is dynamic, engaging, and a great instructor! I thoroughly enjoyed the training. - Joshua Broussard|
|This course was very interesting and contained a lot of important knowledge that i needed. i would like if you would notify me for similar courses that are gonna be held in Lebanon. Thank you , Joe was excellent. The labs were very educational and a lot was learned from them. I wish this course was longer. - Georges EL HAJAL, Lebanon|
|This is an excellent course Kevin is a very knowledgeable instructor and I feel that Iam leaving this course a much better Security Specialist. - M. Wilson DHS|
|The course material was excellent. - Hanna Jabbour, Lebanon|
|We hope to see similar trainings in the region if not in the country.Joe is a reference in this field and an excellent instructor.He is the one you can get the right answers from no matter what your questions are-just ask!! - JEAN MICHEL KAOUKABANI, Lebanon|
|“He taught the basics of hacking databases. I was working lightspeed to keep up, but the pace and content were invigorating--and Joe was funny! He made the class easy to understand both from the technical perspective and the real world application. After class, I was able to take my experience and demonstrate these hacks with my colleagues at work. Seeing the ease with which these occur underscored our requirement to remediate these vulnerabilities in all our efforts. I continue to follow Joe and always find his LI links and comments valuable. Further, I know if I reach out to him with a question, he will be there. I cannot more highly recommend Joe and his team.” - Marsha Wilson, Greater San Diego Area|
|“Joe has been a very welcome addition to the Extreme Networks security team. He brings a level of security expertise, both technically and administratively that would take me years to duplicate. His extensive background in end systems penetration testing is unparalleled in my experience in this career field and is a demonstration of his technical ability. Joe also has an extensive background in compliance efforts covering numerous government and industry standards polished through his years working for and consulting for the government. These skills have enabled Extremes security practice to grow considerably.” - Brian Comstock. Phoenix, Arizona Area|
CAST On-site provides personalised Advanced Security Courses to meet the needs of the individual or company and are planned to ensure maximum flexibility in terms of logistics, dates and cost issues. Our certified expert trainers are experienced educators and highly knowledgeable in their respective fields. CAST On-site prides itself on strict quality control principles at all times to ensure that clients receive the highest standard of training and service.
CAST On-Site training is designed to add great value to your work force by increasing staff efficiency and skills ensuring improved productivity and output that far exceeds the value of the initial training costs.
Key features of CAST On-site:
Each of the courses selected from the CAST Advanced Training Suite will be specifically designed to meet the needs of each individual, based according to their current skills and pace of learning to meet your organisation’s unique objectives and goals
CAST On-site expert/trainers will be flown down to your premise of choice at a date most suitable to you
CAST On-site allows students to receive training in more manageable sessions arranged over a spread of a few days that allowing for greater absorption of knowledge with an opportunity to practice and verify the new skills after each session prior to commencing the next one
With CAST On-site Advanced Security courses students will be able to take advantage of directly conversing with the chosen expert in matters unique to the student and your organisation
You can be rest assured that all challenges and objectives pertaining to your organisation’s goals can be discussed in an environment that ensures complete confidentiality
Each individual client receives the required high level of training that is benchmarked to international best practise and standards
Each student receives a CAST Advanced Security Training Courseware that allows them to follow and revise the material that has been taught to them
Upon completion of the course, each student will receive a CAST On-Site Advanced Security Training certificate of attendance
We at CAST would like to hear from you
if you have questions, comments or feedback for us, please send us a message using the from below or email us at firstname.lastname@example.org
For more information and news updates, connect with us via Social Media or our Mailing List.
We look forward to hearing from you!