SEC504 will prepare you to turn the tables on computer attackers. This course addresses the latest cutting-edge insidious attack vectors, the 'oldie-but-goodie' attacks that are still so prevalent, and everything in between. You will learn a time-tested, step-by-step process to respond to computer incidents; how attackers undermine systems so you can prepare, detect, and respond to them; and how to discover holes in your system before the bad guys do.

Instead of merely teaching you a few hack attack tricks, this course will give you hands-on experience, equip you with a comprehensive incident handling plan, and help you understand the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence. 'The training offered at SANS is the best in the industry, and the SEC504 course is a must for any IT security professional - highly recommended.'

SANS SEC542 (Web App Penetration Testing and Ethical.pdf - 0 downloads sans-sec542-web-app-penetration-testing-and-ethical-hacking-cheat-sheet - This week I obtained my GWAPT (GIAC Web Application Penetration Tester) certification (as a follow up to the SEC542 Web App Penetration Testing and Ethical Hacking. Learn web application penetration testing and ethical hacking through current course content, hands-on labs, and an immersive capture-the-flag challenge. 'With the infinite tools used for web application penetration, SEC542 helps you understand/use the best tools for your environment.' Web App Penetration Testing and Ethical Hacking.

- Michael Hoffman, Shell Oil Products US. In SEC542, you will practice the art of exploiting web applications to find flaws in your enterprise's web apps.

You'll learn about the attacker's tools and methods in order to be a more powerful defender. Through detailed, hands-on exercises and with guidance from the instructor, you will learn the four-step process for web application penetration testing; inject SQL into back-end databases to learn how attackers exfiltrate sensitive data; and utilize cross-site scripting attacks to dominate a target infrastructure. You will also explore various other web app vulnerabilities in-depth using proven techniques and a structured testing regimen. 'SEC542 shows a hands-on way of doing web app penetration testing--not just how to use this tool, or that tool.'

- Christopher J. Stover, Infogressive Inc. In SEC550, you will learn to better understand attackers and their methods, develop new strategies to defend your network, and learn how to attack the attackers. You won't just learn about Active Defenses - you'll learn to track attackers using callback Word documents and Honeybadgers, and how to create and deploy honeypots. We'll work through many hands-on activities and labs that will enable you to quickly and easily implement what you learn in your own working environment. 'SEC550 provides defender TTPs that have the ability to be game changers.'

- Kathryn Swan, Federal Resrve Bank of San Francisco. SEC560 prepares you to conduct successful penetration testing and ethical hacking projects. Download yourkit. You will learn how to perform detailed reconnaissance, exploit target systems to gain access and measure real business risk, and scan target networks using best-of-breed tools in hands-on labs and exercises.

You won't just learn run-of-the-mill options and configurations, you'll also learn the lesser-known but super-useful capabilities of the best pen test toolsets available today. The course concludes with an intensive, hands-on Capture-the-Flag exercise in which you will conduct a penetration test against a sample target organization and demonstrate the knowledge you have mastered. 'SEC560 provides practical, how-to material that I can use daily in my penetration testing activities--not only technically, but also from a business perspective.' - Steve Nolan, General Dynamics. SEC562 will prepare you to analyze and assess the security of control systems and related infrastructure and find vulnerabilities that could result in significant kinetic impact.