SANS SEC575: Mobile Device Security and Ethical Hacking 2017
Imagine an attack surface spread throughout your organization, in the hands of every user, which moves from place to place regularly, stores highly sensitive and critical data, and sports numerous different wireless technologies all ripe for attack. You have it today: mobile devices. These devices are the biggest attack surface in most organizations today, yet these same organizations often don’t have the skills needed to assess them. SANS SEC575: Mobile Device Security and Ethical Hacking 2017
NOW COVERING ANDROID NOUGAT, iOS 10, APPLE WATCH AND ANDROID WEAR
Mobile devices are no longer a convenience technology: they are an essential tool carried or worn by users worldwide, often displacing conventional computers for everyday enterprise data needs. You can see this trend in corporations, hospitals, banks, schools, and retail stores throughout the world. Users rely on mobile devices more today than ever before – we know it, and the bad guys do too.
LEARN HOW TO PEN TEST THE BIGGEST ATTACK SURFACE IN YOUR ENTIRE ORGANIZATION. SANS SEC575: Mobile Device Security and Ethical Hacking 2017
This course is designed to give you the skills you need to understand the security strengths and weaknesses in Apple iOS, Android, and wearable devices including Apple Watch and Android Wear. With these skills, you will evaluate the security weaknesses of built-in and third party applications. You’ll learn how to bypass platform encryption, and how to manipulate Android apps to circumvent obfuscation techniques. You’ll leverage automated and manual mobile application analysis tools to identify deficiencies in mobile app network traffic, file system storage, and inter-app communication channels. You’ll safely work with mobile malware samples to understand the data exposure and access threats affecting Android and iOS devices, and you’ll exploit lost or stolen devices to harvest sensitive mobile application data.
TAKE A DEEP DIVE INTO EVALUATING MOBILE APPS, OPERATING SYSTEMS, AND THEIR ASSOCIATED INFRASTRUCTURES SANS SEC575: Mobile Device Security and Ethical Hacking 2017
Understanding and identifying vulnerabilities and threats to mobile devices is a valuable skill, but it must be paired with the ability to communicate the associated risks. Throughout the course, you’ll review the ways in which we can effectively communicate threats to key stakeholders. You’ll leverage tools including Mobile App Report Cards to characterize threats for management and decision makers, while identifying sample code and libraries that developers can use to address risks for in-house applications as well.
YOUR MOBILE DEVICES ARE GOING TO COME UNDER ATTACK – HELP YOUR ORGANIZATION PREPARE FOR THE ONSLAUGHT!
Through the use of your new skills, you’ll apply a mobile device deployment penetration test in a step-by-step fashion. Starting with gaining access to wireless networks to implement man-in-the-middle attacks and finishing with mobile device exploits and data harvesting, you’ll examine each step in conducting such a test with hands-on exercises, detailed instructions, and tips and tricks learned from hundreds of successful penetration tests. By building these skills, you’ll return to work prepared to conduct your own test, or better informed on what to look for and how to review an outsourced penetration test.
Mobile device deployments introduce new threats to organizations including advanced malware, data leakage, and the disclosure of enterprise secrets, intellectual property, and personally identifiable information assets to attackers. Further complicating matters, there simply are not enough people with the security skills needed to identify and manage secure mobile phone and tablet deployments. By completing this course, you’ll be able to differentiate yourself as having prepared to evaluate the security of mobile devices, to effectively assess and identify flaws in mobile applications, and to conduct a mobile device penetration test – all critical skills to protect and defend mobile device deployments.