Training

GRIMM builds and instructs off-the-shelf training courses that explore how to think like an attacker -- how an attacker might target and exploit an organization’s systems, networks, or devices. Courses are "hands-on" and made for developers, engineers, penetration testers, forensic investigators, vulnerability researchers, security auditors, and general IT professionals.

*Next Upcoming Course*
GRIMM's Defensive Engineering Training (AutoSec) from September 16th to 20th, 2019

Register Now!

Interested in a particular discipline?

GRIMM also develops custom courseware. Recently, a commercial Internet of Things (IoT) vendor asked GRIMM to build a course to better train their IT workforce in understanding how the attackers think and what techniques they employ against that vendor’s specific technology.

Defensive Automotive Engineering Security Training (AutoSec)

During this 5-day course, participants gain an understanding of the automotive cybersecurity threat-landscape from an attackers perspective. Automotive attack surfaces are highlighted, with a focus on attack techniques -- providing insight into creating defensible designs. Attendee benefit from hands-on offensive exercises in a lab environment. These exercises are designed to ensure each student comprehends real-world exploitation, enhancing the ability to integrate defensive security measures into their vehicle networks.

  • September 16th-20th, 2019: Location is TBD

Training for Software Developers

  • Windows Internals for Developers - This developer-focused windows internal architecture course discusses the components, data structures, and algorithms that make up the core of the Windows operating system.
  • Application Security for Software Developers - This developer-focused course covers over the nuts and bolts of Windows security, cryptography, and proposes a defensive secure application life cycle. Additionally, it covers techniques to defend your software against software cracking and reverse engineering.
  • Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumption and realize how to make sense out of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.

Operating System Internals

  • Linux Internals - This course takes a deep dive into the internals of the Linux kernel from a security perspective.
  • Windows Internals for Security Professionals - This Windows internal architecture course discusses the components, architecture, and internals of the Windows operating system from a security perspective.

Internet of Things (IoT) and Cyber-Physical System (CPS) Security

  • IoT Exploitation - As smart devices become ubiquitous and are necessary for our everyday life, so are the threats to those devices. This course focuses on the common threats to IoT devices and how you can begin to discover and exploit their weaknesses on your own.
  • Defensive Automotive Engineering - Security-minded Automotive Engineers are severely lacking, and most of those who think about security lack the exploitation experience required to be the most effective. This hands-on course teaches how to secure automotive systems by teaching many ways to break those systems. This approach provides students real-world lessons about how to implement secure ECU’s and subsystems. Students will learn how to think about cybersecurity to apply it in pragmatic ways to vehicles, back-ends and infrastructure.

Vulnerability Research and Exploitation

  • Intro to Vulnerability Research - This course goes through typical tactics used for vulnerability research. Students learn how to be successful at bug hunting, including how to select targets (programs), understanding the context of a target, and process for finding and validating vulnerabilities.
  • Advanced Vulnerability Research - This course teaches advanced techniques used for vulnerability research. Attendees build upon the introductory overview class to deep-dive with significant hands-on practice for vulnerability research and an introduction into weaponizing exploits.
  • Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumption and realize how to make sense out of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.
“Automotive cybersecurity is still a fairly new concept, and has a steep learning curve whether you have a background in IT, automotive product development or any other technical field. Looking for a training that could help me get up to speed with certain automotive security methodologies, I decided to attend the GRIMM Defensive Automotive Engineering Security training and am happy I did.  Not only did this training provide clarity on the security implications of common technologies found in vehicles, it also provided a hands-on experience exploiting some of these security flaws.  The instructors (Aaron, Matt, Mitch and Tim) did an excellent job explaining the concepts, guiding us through the labs and using the real-life automotive lab they let us play with.  They also did a great job promoting a laid-back learning environment that resulted in engaging discussions and information-sharing among the attendees. Overall, I would highly recommended this training for any individual in the automotive industry looking to get more familiar with the automotive hacking space.” Tyler H., Product Cybersecurity Specialist

Interested in learning more?

Contact us. A GRIMM representative will reach out as soon as possible.

Thank you! A GRIMM representative will be in touch shortly!
Oops! Something went wrong while submitting the form.
Company
ValuesTeamCareersBlog
Expertise
ServicesIndustriesTraining
Community
Community InvolvementNews & Events
Connect
Contact Request

info@grimm-co.com
+1 (202) 810-3015