MetricFire has a special promotion running until the end of 2019. We’re offering $1,000 towards the Black Hat Asia Hacking Enterprise training by in.security to anyone from the MetricFire community. Send us an email at email@example.com to claim the promotion!
Here at MetricFire, we couldn’t speak more highly of the quality of the training we experienced at in.security. Our training was held in February 2019 and was attended by eight of our teammates. The course by in.security focused mainly on the technical aspects of security, but also 1/3 of their material was directly accessible to our non-technical teammates. This accessible content allowed for security awareness to spread throughout our team, and our buy-in and respect for security practices became cemented. Our non-technical teammates became empowered to participate in security protocols, which is deeply significant as cybersecurity is impossible to achieve in isolation. This course has given us the foundation for company-wide discussions around best practices for security, recent and relevant hacks, and the contributing factors to breaches.
This year, in.security is running a course called “Hacking Enterprises - 2020 release” at Black Hat Asia. The course focuses on the tactical battleground that leads to direct cyber attacks. Over two full days, the course will cover a broad range of security topics in an immersive and hands-on environment. The most unique aspect is that the course is hosted in a cloud-based LAB that simulates real networks where students can identify and exploit configuration weaknesses. Day 1 covers 10 topics such as MITRE ATT&CK framework, OSINT, targeting IPv4 and IPv6 hosts, and Kubernetes and container security. The second day covers 13 more topics including P@ssw0rd cracking, RDP hijacking, and enumerating and extracting LAPS secrets.
Black Hat Asia 2020 will be held in Singapore over four days from March 31st - April 1st. This year the list of specialized courses extends to more than 20 different options. Beyond the training hosted by in.security, there are courses about how to improve Incident Response programs, practical approaches to malware analysis and memory forensics, advanced Frida and Radare2, advanced Infrastructure hacking, and so much more. Courses are two day, four day, or attendees can opt for the Business Pass. The Business Pass allows access to the Business Hall, keynote, Arsenal, sponsored sessions and sponsored workshops.
“The Black Hat events worldwide are known to be lively – giving a raw cross-section of security issues, compromises and new tactics. Having experienced the quality at in.security, it is extremely easy for me to refer folks to the Hacking Enterprises training, as well as the Black Hat event.”
- Jonathan Siegel, Founder and Chairman at Xenon Partners, Inc.
After the in.security training, two of our teammates were able to complete the CREST CPSA, which is the knowledge-based examination that must be passed in order to sit the practical CRT exam. The CRT exam simulates a real-world network and challenges the participant to successfully navigate, identify and exploit the connected systems. These teammates are now CREST CRT certified, as well as CISSP certified, and can now execute pentests according to the proper framework stipulated by CREST. We are also able to provide vulnerability analysis, and remediation guidance in the form of remote and onsite activities, ultimately leading to the presentation of a pentest report. We are qualified to schedule and properly execute regular pentests, and are able to work towards further certifications, such as SOC2, that require this practice.
We chose in.security after multiple teammates attended the Brown Executive Masters in Cybersecurity program. This established a strong baseline of cybersecurity awareness and cracked open the door to more tactical content. Having in.security continue our training was a natural next step. We will continue to offer in.security training to our teammates as our team grows and the technical landscape changes.
With over 25 years combined experience, in.security offers cybersecurity services such as 3rd party pentesting, password audits, phishing assessments, vulnerability assessments, and more. Beyond their cybersecurity services, in.security is a leader in cybersecurity training. in.security runs both the Awareness training and the Hacker Enterprise training, and facilitates the trainings on-site or at major conferences. In.security is constantly accumulating expertise in the cybersecurity field - check out their blog and twitter for more.
At MetricFire, we know that it is paramount that we maintain good stewardship of our network and business practices so we can protect our community’s network-connected assets. Having deep domain knowledge on active technical measures used to exploit networks gives us corresponding awareness of how best to prevent bad actors from compromising our system and networks. It further gives us the ability to be a resource for our customers and provide cybersecurity-aware support when needed.
We’re excited to give the best quality of cybersecurity to our MetricFire customers that stems from deeper understanding developed through this course, and we hope our community will also get involved by getting educated about information security.
Sign up for the in.security course and contact us at firstname.lastname@example.org to arrange the promotion!