SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
SEC568: Product Security Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk
SEC568Offensive Operations
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course created by:
Douglas McKee & Ismael Valenzuela
Course created by:Douglas McKee & Ismael Valenzuela
- 30 CPEs
Apply your credits to renew your certifications
- In-Person or Virtual
Attend a live, instructor-led class from a location near you or virtually from anywhere
- Intermediate Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 20 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Develop advanced product security testing skills to combat supply chain attacks and protect hardware, software, and network infrastructure.
Featured Quote
There's nothing out there like this course and it surpassed what I expected out of it.
Course Overview
SEC568 delivers advanced product security training and supply chain risk analysis. Through more than 20 hands-on lab exercises, students learn systematic methodologies for assessing security risks in third-party products. The product security course progresses from basic enumeration to deep technical analysis, covering hardware devices, mobile applications, proprietary protocols, and network traffic analysis. Using tools like Corellium, APKLab, and Scapy, students master techniques for firmware analysis, binary code examination, and protocol dissection. The course culminates in a comprehensive capstone event where students conduct a complete product security assessment on a real application.
What You’ll Learn
- Execute comprehensive product security assessments
- Analyze firmware and binary code for vulnerabilities
- Dissect and evaluate proprietary network protocols
- Build effective product security threat models
- Conduct risk analysis using attack trees and scoring
Business Takeaways
- Reduce supply chain attack risks across the enterprise
- Strengthen third-party product evaluation processes
- Improve vulnerability detection and mitigation
- Enhance regulatory compliance capabilities
- Build robust product security testing programs
- Lower costs through systematic security testing
- Develop in-house product security expertise
Meet Your Authors
- Slide 1 of 2
Douglas McKee
Certified Instructor CandidateDouglas McKee, Executive Director of Threat Research at SonicWall, revolutionized cybersecurity by spearheading the detection of over 210,000 novel malware variants and pioneering real-time threat intelligence that accelerates defense responses.
Read more about Douglas McKee - Slide 2 of 2
Ismael Valenzuela
Senior InstructorIsmael Valenzuela, VP of Threat Research & Intelligence at Arctic Wolf, has fortified global cybersecurity by leading critical threat intelligence initiatives and pioneering defenses against AI-driven threats like deepfakes and ransomware.
Read more about Ismael Valenzuela
Slide 1 of 0
(1/0)
Course Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC568: Product Security Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk.
Section 1Product Security Penetration Testing
Introduces fundamental principles of supply chain attacks and product security testing. Focuses on online product research and basic enumeration using tools like binwalk, Corellium, and APKLab. Students learn initial methodology through hands-on exercises with the supplied virtual machines.
Topics covered
- Product security methodology
- Supply chain attack principles
- Online research techniques
Labs
- Product and vendor website reconnaissance
- Firmware unpacking and analysis
- APK enumeration with Corellium
Section 2Basic Enumeration, Threat Modeling, and Intro to Deep Enumeration
Covers Windows platform analysis and networking concepts using tools like Attack Surface Analyzer and Sysinternals. Introduces Exploratory Data Analysis with Python and Jupyter Notebooks for threat modeling and data visualization.
Topics covered
- Windows enumeration techniques
- Network analysis fundamentals
- Threat modeling methodologies
- Data analysis frameworks
- Deep enumeration concepts
Labs
- Windows system enumeration
- Network traffic analysis with Pandas
- Android traffic investigation
- Data visualization with Matplotlib
Section 3Binary Code Analysis and Deep Network Analysis
Focuses on deep enumeration through binary code analysis and network protocol investigation. Students learn to use decompiler tools, analyze application updates, and manipulate network packets using Scapy.
Topics covered
- Deep network analysis
- Binary code examination
- Protocol analysis
- Scapy framework usage
- Network traffic decryption
Labs
- Certificate pinning bypass
- Source code decompilation
- Scapy protocol manipulation
- Network artifact analysis
- Android code analysis
Section 4Deep Network Analysis and Risk Analysis
Concludes our deep enumeration study and focuses on risk analysis. Covers protocol dissection, network fuzzing, and risk assessment using attack trees and DREAD scoring methodology.
Topics covered
- Protocol dissection techniques
- Fuzzing methodologies
- Risk analysis frameworks
- Reporting best practices
- Vulnerability disclosure
Labs
- Pattern enumeration analysis
- Network traffic heartbeat detection
- Payload analysis
- Basic fuzzing implementation
- Risk assessment
Section 5Capstone Event
Provides hands-on experience conducting a complete product security test on a real application, applying all concepts learned throughout the course using provided tools and cloud-based labs.
Topics covered
- Target application analysis
- Security testing methodology
- Hands-on assessment practice
- Finding documentation
- Results discussion
Labs
- Installation security analysis
- Execution behavior assessment
- Threat model development
- Network traffic examination
- Results documentation
Things You Need To Know
Relevant Job Roles
System Testing and Evaluation Specialist (DCWF 671)
DoD 8140: Cyber ITPlans and executes system tests, analyzing results to verify compliance with technical and operational requirements and expectations.
Explore learning pathInfrastructure Support (OPM 521)
NICE: Protection and DefenseResponsible for testing, implementing, deploying, maintaining, and administering infrastructure hardware and software for cybersecurity.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Amsterdam, NL & Virtual (live)
Instructed by Douglas McKeeDate & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxes - Location & instructor
San Antonio, TX, US & Virtual (live)
Instructed by Douglas McKeeDate & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxesEnrollment options
Showing 2 of 2
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 3This is exactly what we've been talking about at work with threat modeling and software being added to the network.
- Slide 2 of 3Learned more useful skills on Day 1 than I've learned in a month elsewhere.
- Slide 3 of 3This is hard.... But very fun!
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources