Pentestit Corporate Laboratories: Practical Information Security Skills

" Corporate Laboratories " is a training program in the field of information security, consisting of theoretical (webinar courses) and practical training (work in pentest laboratories).

Specialists trained in Corporate Laboratories gain invaluable practical experience in working with modern methods and tools to penetrate the system, study the psychology of intruders, investigate cybercrime, and, based on this, learn to develop the most effective defense mechanisms.

Learning process

The learning process is based on the principle: 20% of the theoretical part and 80% of the practice for securing the material. The theoretical parts are given in portions, after which students have access to practical laboratories.
')
The course is completely remote. For maximum comfort of students, we have developed a specialized webinar platform, a convenient personal account and a virtual lab environment, which is connected via a VPN connection.

The program "Corporate Laboratories" is developed taking into account the materials and practices used by both hackers and employees of the information security departments of various companies. Listening to the wishes of specialists attending our training, we regularly update the course content so as to ensure comfortable and high-quality training.

Practice

The main focus on conducting courses of Corporate Laboratories is on practical tasks that make up about 80% of the course. Practical tasks are aimed both at the exploitation of various vulnerabilities and at acquiring the skills to investigate information security incidents. This approach provides the most complete immersion of course participants in the field of practical information security and provides an opportunity for a fairly short period of time to obtain the maximum amount of knowledge and vectors for further development. This is confirmed by course participants: employees of leading Russian and foreign companies.

Companies interested in effectively counteracting cyber-criminals, protecting their own infrastructure evaluate the effectiveness of this approach: an interview with Sergey Lebed (head of the cyber security service of Sberbank):

The RedTeam team is a division that operates according to its own plan, tests the security of IT systems, and checks the quality of work of our own cyber security service. There is a work plan for this team. He is coordinated with our supervising deputy chairman, Stanislav Kuznetsov. The task of RedTeam is to find vulnerabilities, implement them without disrupting the continuity of the bank, show them. If the cyber security service worked out, found a vulnerability or “attack” - all done. If not, you need to figure out why it happened.

Last year we conducted training for the whole team in Moscow and partly in the regions. We have attracted several centers to this: Pentestit, Moscow State University security laboratory, IBM's Cyber ​​Center in Dublin. We are also negotiating with several research companies. The task is to teach our engineers how to become hackers. So that they think like hackers and understand how intruders act.

The course program consists of complementary blocks: Profi, Expert and RedTeam.

The pros

The Profi course is designed for medium skills of compromising networks and systems, as well as investigating various types of security incidents.

For example, one of the tasks is aimed at identifying suspicious user actions in the system using the auditd audit subsystem. Using the ausearch utilities (search for events in the system logs), it is necessary to identify which user has received unmanaged access to the system, which was affected by the incidinite.

Expert

The Expert Advisor course is designed for expert skills of compromising networks and systems, it pays more attention to the attack specific vectors, and explores the vulnerabilities of web applications implemented in the form of advanced workshops. A separate point is the consideration of the disciplines of mobile forsenics - the widespread use of the BYOD paradigm imposes certain requirements on working with mobile applications and their research.

One of the tasks includes the study of an iOS application by disassembling it to identify the offset at which in the application you can see the code for setting the password for the internal storage.

Red team

The Red Team course is designed to create and manage an effective team for finding and operating vulnerabilities. The Red Team is similar to a military operation: it identifies targets or objects of attack, areas of responsibility and the role of team members. Often in the Red Team a team can be an insider who transmits data from inside the company or who performs auxiliary functions.

This course covers both data processing systems for teamwork and the analysis of the most effective penetration testing methods and practices that are as close as possible to the actions of the attacker. The program contains unique material for finding and identifying the source of the attack, tools and methods of operation.

This course covers current APT threats, virus outbreaks, attackers' tools, and entry methods. These skills will allow you to quickly respond to security incidents, identify their size, affected systems and consequences, as well as apply objectively protective measures and means.

One of the tasks includes the collection of information about the object of attack and the compilation of spear-phishing companies comparable to modern APT (advanced persistent threat) for a targeted and effective campaign to compromise infrastructure.

---

Specialists trained in Corporate Laboratories gain invaluable practical experience in working with modern methods and tools to penetrate the system, study the psychology of intruders, investigate cybercrime, and, based on this, learn to develop the most effective defense mechanisms.

Learn more and sign up for the next courses can be on the link .