What to bring:
Participants are requested to bring their own laptops.
All other materials will be provided, including a hard copy of the latest OSSTMM, a CD with tools and texts, pens, courseware slides, and workbooks.
The Open Source Security Testing Methodology Manual (OSSTMM) focuses on the who, what, when, where, why, and how of security testing. Using the OSSTMM as a testing framework provides for testing results which are:
- Consistent and Repeatable
- Valid beyond the "now" time frame
- Based on the merit of the tester and analyst, not on brands
- Compliant with individual and local laws and the human right to privacy
Analysis, Red Team Strategies, & Project Management.
The OPSA is partially focused on understanding test results, how and where they came from, and what they mean. The other part covers the process by which a team obtains these test results and what to do with them. The student will work with real test data to perform analysis and to see where this data comes from, or even whether it is complete. The final exam includes working with scope information and test data to answer analysis, policy, and risk planning questions. Based on ISECOM's OSSTMM, this OPSA course will give you a complete and practical window into the methods and practices of world-wide professional security analysts.
- Security Analysis. Security Analysis provides the baseline for understanding security test results such as log files, security tool output, and protocol dumps, as well as the application of the OSSTMM modules by expected results and practical solutions with business justifications in mind. Also applied are strategies for risk assessment, system and network survivability, and solutions in network security architecture. Dyad will also unveil the first public demonstration of the OSACE project, which is a correlation engine to make analyzing test results from large tests manageable.
- Red Team Strategies. Red Team Strategies provides an in-depth review of the security consulting rules of engagement, from pre-sales and the preparation phase through to the final reporting and workshop with a team of testers. Students will also analyze various Red Team and Blue Team strategies for best results, including various attack-net structure deployments for both internal and external testing. Dyad will share design goals and configuration layout from the Advanced Attack and Penetration Testing lab being built at the University of Southern California.
- Security Project Management. Security Project Management provides insight and knowledge transfer in the realm of OSSTMM testing projects and their applications. The focus of this component will be project management: time reporting, estimations, team management, contracts, client interaction, testing efficiency, and cost controls, including Return on Investment management using the OSSTMM. We will also share some real-world experiences working with law enforcement and tracking down attackers after a security incident.
What You Will Learn:
The premise of the course is to provide a variety of hard and soft skills to the security professional. The course focuses on the analytical skills and security knowledge necessary for security and risk analysis and the business skills required for successful security team and project management. This course is about combining the international knowledge and experiences of security team leaders to provide depth and insight to the students.
Who Should Attend:
Information security officers, system and network administrators, security consultants, & government agencies will all benefit from the valuable insights provided by this class. A basic understanding of networking, security, Unix and Windows is a course prerequisite.
About the Exam:
The exam is a 4-hour, open-book, hands-on skills assessment of 50 questions in 5 categories:
- Professional - Consulting, ethics, and project planning.
- Enumeration - Analysis of various packet types.
- Assessments - Determining estimates from test data and project planning.
- Application - The analysis of Internet application tests.
- Verification - Determination of test validity through tool outputs.
Course Length: 2 days
Cost: US $1900 on or before July 1, 2004, or US $2100 after July 1, 2004
NOTE: this is a two-day course. ISECOM's OPSA exam will be proctored at the end of the 2nd day. A Blackhat Certificate of Completion will be offered.
Robert E. Lee is the Chief Technical Officer of Dyad Security where his primary function is managing the security testing team. Robert also serves as Co-Chairman of the Board for the Institute for Security and Open Methodologies (ISECOM). Robert is very active in the Information Security community and is a contributor to such projects as The Open Source Security Testing Methodology Manual (OSSTMM), the OPTE project, and the OSACE project. Robert drinks Dr. Pepper and plays the French Horn.
Jack Louis is a lead security researcher for Dyad Security. He has a background in core networking technologies and programming. While his passion is in the defense side of the house, that knowledge transfers well into understanding the mind of the attacker. Jack has UNIX tattooed on the fingers of his left hand.
Peter Bartoli is the founder and CTO of Dyad Security partner Consolvant. Over the last ten years in the security field, Peter has been involved with all facets of the security testing world, including involvement in nearly 100 security tests. His background also includes rendering opinions about computer intrusions and patent suits in Federal court. Peter has served organizations including energy and utility companies, health care providers, automobile manufacturers, Internet service providers, embedded device manufacturers, retail chains, government entities, and multinational organizations. Peter lives with his two Tonkinese cats, Isabella and Vito.