Training

GRIMM offers off-the-shelf (OTS) courses developed in-house to train hardware and software developers, engineers, penetration testers, forensic investigators, vulnerability researchers, security auditors, and general IT professionals to better understand how an attacker might attack and exploit an organization’s systems, networks, or devices. These courses are “hands-on” so students understand by doing it themselves.

GRIMM's Defensive Engineering Training is August 27 - 31, 2018.

Sign Up Now!

Custom courseware can be developed to meet your specific needs.

GRIMM develops custom courseware for organizations with unique needs. In the past, GRIMM has developed courseware for commercial Internet of Things (IoT) vendors who are interested in better training their IT workforce to build security into development practices by understanding how the attackers think, and what techniques they employ against that vendor’s specific technology. Typical courseware development can take up to eight weeks to develop.

Training for Software Developers

  • Windows Internals for Developers - This developer-focused windows internal architecture course discusses the components, data structures, and algorithms that make up the core of the Windows operating system.
  • Application Security for Software Developers - This developer-focused course covers over the nuts and bolts of Windows security, cryptography, and proposes a defensive secure application life cycle. Additionally, it covers techniques to defend your software against software cracking and reverse engineering.
  • Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumption and realize how to make sense out of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.

Operating System Internals

  • Linux Internals - This course takes a deep dive into the internals of the Linux kernel from a security perspective.
  • Windows Internals for Security Professionals - This Windows internal architecture course discusses the components, architecture, and internals of the Windows operating system from a security perspective.

Internet of Things (IoT) and Cyber-Physical System (CPS) Security

  • IoT Exploitation - As smart devices become ubiquitous and are necessary for our everyday life, so are the threats to those devices. This course focuses on the common threats to IoT devices and how you can begin to discover and exploit their weaknesses on your own.
  • Defensive Automotive Engineering - Security-minded Automotive Engineers are severely lacking, and most of those who think about security lack the exploitation experience required to be the most effective. This hands-on course teaches how to secure automotive systems by teaching many ways to break those systems. This approach provides students real-world lessons about how to implement secure ECU’s and subsystems. Students will learn how to think about cybersecurity to apply it in pragmatic ways to vehicles, back-ends and infrastructure.

Vulnerability Research and Exploitation

  • Intro to Vulnerability Research - This course goes through typical tactics used for vulnerability research. Students learn how to be successful at bug hunting, including how to select targets (programs), understanding the context of a target, and process for finding and validating vulnerabilities.
  • Advanced Vulnerability Research - This course teaches advanced techniques used for vulnerability research. Attendees build upon the introductory overview class to deep-dive with significant hands-on practice for vulnerability research and an introduction into weaponizing exploits.
  • Software Reverse Engineering - Detailing how compiled code becomes machine language, and the art of reversing that process, this course pushes students to overcome assumption and realize how to make sense out of seeming chaos that is compiled code. Students will see improvement in Vulnerability Research and many other aspects of low-level understanding.
“Automotive cybersecurity is still a fairly new concept, and has a steep learning curve whether you have a background in IT, automotive product development or any other technical field. Looking for a training that could help me get up to speed with certain automotive security methodologies, I decided to attend the GRIMM Defensive Automotive Engineering Security training and am happy I did.  Not only did this training provide clarity on the security implications of common technologies found in vehicles, it also provided a hands-on experience exploiting some of these security flaws.  The instructors (Aaron, Matt, Mitch and Tim) did an excellent job explaining the concepts, guiding us through the labs and using the real-life automotive lab they let us play with.  They also did a great job promoting a laid-back learning environment that resulted in engaging discussions and information-sharing among the attendees. Overall, I would highly recommended this training for any individual in the automotive industry looking to get more familiar with the automotive hacking space.” Tyler H., Product Cybersecurity Specialist

Are you interested in learning more about training?

A GRIMM representative will reach out as soon as possible.

Thank you! A GRIMM representative will be in touch shortly!
Oops! Something went wrong while submitting the form.