Training: Achieving Security Awareness Through Social Engineering Attacks

WHERE TO TAKE THIS COURSE

Our next training will be at Black Hat USA 2019 – Sign up at: https://www.blackhat.com/us-19/training/schedule/index.html#achieving-security-awareness-through-social-engineering-attacks-14149

SUMMARY

Achieving Security Awareness Through Social Engineering Attacks is a comprehensive two-day course taught by: JAYSON E. STREET & APRIL C. WRIGHT

Related Reading: The Importance of Security Awareness Training and the Impact of Attack Demonstrations

DETAILS

The ability to “think like an attacker” is the best way to defend against attacks. Your employees are your biggest asset, but also at the biggest risk for social engineering (SE). Awareness is the best defense against SE threats. Class activities will introduce students to profiling the online presence of employees and enterprises, as well as performing hands-on attacks against WiFi and physical computers. After successful completion of this course, students will have a better understanding of how to detect and/or prevent to SE events by looking at their defenses from a different perspective. Students will gain insight into how to educate others and create greater awareness about the various dangers that can occur. Students will also learn about operational security (OPSEC) for defense against attacks. The primary goal of this course is to demonstrate vulnerabilities with the intent of substantially increasing the security posture of an organization by implementing changes to better handle malicious SE attacks. This 2-day course will use current Red Team strategies to develop a better understanding of how attackers use SE, as well as provide methods to prevent and detect these attacks via awareness programs and “teachable moments”. A custom Hak5 Field Kit will be provided to each student for use during the class, which students will be able to keep and take home.


KEY TAKEAWAYS

  • How to perform OSINT and other reconnaissance to craft customized spearphishing tests and to demonstrate the dangers of oversharing on social media
  • Ways to use creativity in conjunction with various hardware, web, and software tools to make social engineering testing and awareness activities relevant and meaningful to employees
  • Step-by-step how to build a successful security awareness program, from management buy-in to policy to metrics

WHO SHOULD TAKE THIS COURSE

  • Security defenders
  • Blue team (Data Forensics, Incident Response, Analysts)
  • Security Auditors
  • Internal Awareness Teams / Trainers
  • Infosec personnel interested in defending against social engineering
  • IT support staff
  • Customer-facing call-centers and similar jobs
  • Anyone interested in learning more about common social engineering attacks

AUDIENCE SKILL LEVEL

Beginner/Intermediate


STUDENT REQUIREMENTS

No prerequisites, per se
Students should have a willingness to try


WHAT STUDENTS SHOULD BRING

A laptop with WIFI capability (preferably not a Chromebook)


WHAT STUDENTS WILL BE PROVIDED WITH

A custom Hak5 field kit

SIGN UP TO ATTEND

Our next training will be at Black Hat USA 2019 – To register, please visit:

https://www.blackhat.com/us-19/training/schedule/index.html#achieving-security-awareness-through-social-engineering-attacks-14149