Welcome to GTRA

HackThat courses and curriculum are designed specifically for you based on consultation with GTRA to identify your top security training needs. Based on this research, GTRA will present suggested course options for you to select from and design your unique HackThat training program.

Courses delivered through HackThat are developed in real-time so ensure that the examples, case studies, and reference points used during training are current and cutting-edge. Our highly-skilled, professional and experienced educators will tailor courses specifically to meet the needs of your organization.

 

HackThat instructors have training expertise in the following critical security areas:

 

• Continuous Monitoring
• Network Forensics
• Advanced Persistent Threat (APT)
• Security Testing Methodologies
• Malware
• FISMA C&A
• Vulnerability Assessments
• Exploitation for Risk Mitigation
• Risk Management
• Wireless/Mobile Security
• Developing Effective Cyber Security Training Programs for your Workforce

 

Below are examples of courses offered through HackThat.

"Advanced Persistent Threat" (APT) refers to advanced and normally clandestine means to gain continual, persistent intelligence on an individual, or group of individuals such as a foreign nation state government or corporation. We will demonstrate the techniques used by attackers as well as the dangers and benefits of intelligence gathering. This workshop aims to build intelligence on the importance of enterprise information protection and where the leaks exist in technology, policies, procedures and the human factor.

What value do Vulnerability Assessments and Exploitation provide? What are some of the most cutting edge Security Testing Methodologies out there? This workshop will:

1. Explain in detail the advantages and disadvantages of Vulnerability Assessments. Understanding the output of tools and reports is key for proper risk management of compliance. In this workshop we will perform Vulnerability Assessments with a number of tools and review the output to better understand the true risk to your organizations infrastructure.
2. Be an opportunity for attendees to listen to all of the current concerns and issues surrounding exploitation and verification versus the usual "assessment" and see LIVE demonstrations to better understand how to perform manual versus automated penetration-testing. We will be discussing how to safely exploit vulnerabilities in a target network, replicating the kinds of access an attacker could achieve, and proving the actual risks that must be mitigated.
3. This workshop will review the options for doing security testing and the methodologies used by professionals around the world for performing security tests and metrics. It will cover the management of risks across information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases.

The focus of this workshop is on the technical details of exactly which items need to be tested, what to do before, during, and after a security test, and how to measure the results.

Much has been said about FISMA. How do you know what to believe? Laura Taylor dispels much talked about myths and provides an executive overview of what it means to comply with FISMA and the key components of a compliance program. This session is applicable to private industry, government, and universities.

Through classroom instruction and practical hands-on exercises, this two-day workshop will teach you how to conduct basic and in-depth network forensic investigations to monitor and defend your organization’s network against advanced network attack methodologies, and find the roots of external and internal security problems in the network data. This two-part course provides the valuable knowledge needed to improve your incident response process by creating “situational awareness” within your incident response team, including the ability to expose covert network communications channels, detect of data leakage, discover zero-day malware, and find other unauthorized network activity and emerging threats. At the end of this workshop, attendees will leave better equipped to identify and respond to advanced network attack activity, perform in-depth network-based investigations and analysis, continuously monitor the status of critical security controls, lower risk and save time and resources by resolving network security problems more quickly, and properly preserve evidence to assist management or law enforcement.