GRIMM offers several off-the-shelf courses developed to train your team on how to better understand how an attacker might attack and exploit an organization’s systems, networks, or devices. These courses are “hands-on” so that students "understand by doing it themselves".
Courses generally focus on vulnerability research of Windows and OS internals, automotive security. Most students are hardware or software developers, engineers, penetration testers, forensic investigators, vulnerability researchers, security auditors, or general IT professionals -- all may benefit from these courses.
Additionally, GRIMM develops custom courseware for organizations with unique needs. In the past, GRIMM has developed courseware for commercial clients interested in better training their IT workforce -- building security into development practices, understanding how the attackers think, and learning techniques they may employ to secure specific technology.
Defensive Automotive Engineering Security Training (AutoSec)
During this 5-day course, participants gain an understanding of the automotive cybersecurity threat-landscape from an attacker's perspective. Automotive attack surfaces are highlighted, with a focus on attack techniques -- providing insight into creating defensible designs. Attendees benefit from hands-on offensive exercises in a lab environment. These exercises are designed to ensure that each student comprehends real-world exploitation, enhancing the ability to integrate defensive security measures into their vehicle networks.
Training for Software Developers
Windows Internals for Developers - This developer-focused windows internal architecture course discusses the components, data structures, and algorithms that make up the core of the Windows operating system.
Application Security for Software Developers - This developer-focused course covers over the nuts and bolts of Windows security, cryptography, and proposes a defensive secure application life cycle. Additionally, it covers techniques to defend your software against software cracking and reverse engineering.
Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumption and realize how to make sense out of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.
Operating System Internals
Linux Internals - This course takes a deep dive into the internals of the Linux kernel from a security perspective.
Windows Internals for Security Professionals - This Windows internal architecture course discusses the components, architecture, and internals of the Windows operating system from a security perspective.
Internet of Things (IoT) and Cyber-Physical System (CPS) Security
IoT Exploitation - As smart devices become ubiquitous and are necessary for our everyday life, so are the threats to those devices. This course focuses on the common threats to IoT devices and how you can begin to discover and exploit their weaknesses on your own.
Vulnerability Research and Exploitation
Intro to Vulnerability Research - This course goes through typical tactics used for vulnerability research. Students learn how to be successful at bug hunting, including how to select targets (programs), understanding the context of a target, and a process for finding and validating vulnerabilities.
Advanced Vulnerability Research - This course teaches advanced techniques used for vulnerability research. Attendees build upon the introductory overview class to deep-dive with significant hands-on practice for vulnerability research and an introduction into weaponizing exploits.
Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumptions and realize how to make sense of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.
Did you know GRIMM’s 5-day, hands-on Automotive Security training can come to you? You provide the venue; we’ll bring training, instructors, materials, and lab kits! Private group sessions or a public offering in your area are available.