Whatever your skill level, I can teach you how to be more secure and protect your privacy.
Whether it’s a short presentation or a longer set of content, I can teach you, your family, or your organization about security, including the following topics:
- Social media privacy and safety
- OSINT techniques
- OPSEC and PERSEC defenses and practices
- Securing software and building a secure software development lifecycle (SDLC)
- Social Engineering techniques and defenses
- Security Awareness
- Personal security assessments / risk profiling
- Executive security awareness training
- Protecting your devices and personal OPSEC for International Travel
- Compliance and Risk Management
Each training can be customized to be relevant to you (e.g. Security for providers of services such as Legal, Financial, Government, SaaS, Cloud, Personal, etc).
Types of Traininng
- Education Where You Are: on-site training at your location
- One-on-One or Small-Group/Family training
- Virtual Live Training: via video chat or phone
- Public Training: at events and conferences
- Next: BlackHat USA 2018
Current Public Training:
A comprehensive two-day introductory course taught by: JAYSON E. STREET & APRIL C. WRIGHT
- BlackHat USA 2018 – AUGUST 4-5 and AUGUST 6-7, 2018 – https://www.blackhat.com/us-18/training/achieving-security-awareness-through-social-engineering-attacks.html
- DerbyCon 2018 [SOLD OUT] – https://www.derbycon.com/training-courses-2018/
- Texas Cyber Summit – OCTOBER 10-11, 2018 – https://www.texascybersummit.org/trainings
The ability to “think like an attacker” is the best way to defend against attacks. Your employees are your biggest asset, but also at the biggest risk for social engineering (SE). Awareness is the best defense against SE threats. Through hands-on exercises using software and hardware tools, SE risks will be discussed and evaluated with an emphasis on developing awareness programs. Class activities will introduce students to profiling the online presence of employees and enterprises, as well as performing hands-on attacks against WiFi and computers.
After successful completion of this course, students will have a better understanding of how to detect and/or prevent to SE events by looking at their defenses from a different perspective. Students will gain insight into how to educate others and create greater awareness about the various dangers that can occur. The primary goal of this course is to substantially increase the security posture of an organization by implementing changes to better handle malicious SE attacks. This 2-day course will use current Red Team strategies to develop a better understanding of how attackers use SE, as well as provide methods to prevent and detect these attacks via awareness programs and “teachable moments”.
This course utilizes Hak5 hardware tools for exercises. Hardware will be provided to each student for use during the class, and depending on which training course is attended, students may be able to keep and take home the hardware.
WHO SHOULD TAKE THIS COURSE
- Security defenders
- Blue team (Data Forensics, Incident Response, Analysts)
- Security Auditors
- Internal Awareness Teams / Trainers
- Infosec personnel interested in defending against social engineering
- IT support staff
- Customer-facing call-centers and similar jobs
- Anyone interested in learning more about common social engineering attacks
- No prerequisites, per se
- Students should have a willingness to try
WHAT STUDENTS SHOULD BRING
- A laptop with WiFi capability
- A phone or a tablet with WiFi capability. A 2nd laptop would also work.
- If required for their laptop (e.g. newer Macbooks), an adapter so the student is able to connect a USB-A cable (e.g. USB-C to USB-A adapter)
WHAT STUDENTS WILL BE PROVIDED WITH
Students will be provided with a custom Hak5 Field Kit that they will get to keep.