Train your team

to understand the TTPs of the adversary. Enable your team to execute breach and attack simulations as well as prevention and protection techniques to outplay your adversary.

In-House Training

Our team of experts is available to provide private on-site training sessions to your organization. This is the best way for your team to get one on one time with the instructors and gain a deep understanding of the training content. We will provide all of the training materials, as well as laptops and classroom locations if needed. If you are interested, please contact us!

We provide these courses as in-house training for interested companies, organizations and/or groups. Our training was created to be applicable to:

  • Red Teamers & Penetration Testers

  • Blue Teamers & Security Professionals, who wish to see the offensive side

  • Site Reliability Engineers (SREs) & System Administrators, who work with cloud technologies

Please contact us to get the conversation going about our in-house training services!

Live Venue Training

We offer onsite, online, and custom training offerings.  S2 provides end-user as well as operator specific training throughout the world and delivers cutting edge hands-on practical training at cyber security conferences such as BlackHat, DefCon, and BSides.

Past live events:

  • Salt Lake City/Lehi, Utah; July 11-12, 2019; Astute Hunting in the Cloud - Bring the Thunder!

  • Las Vegas, Nevada; BlackHat USA 2019 - August 3-4; Astute Hunting in the Cloud - Bring the Thunder!

  • Las Vegas, Nevada; BlackHat USA 2019 - August 5-6; AWS and Azure Exploitation - Making the Cloud Rain Shells!

  • Alexandria, Virginia; BlackHat Trainings 2019 - October 17-18; Astute Hunting in the Cloud - Bring the Thunder!

  • London, UK; BlackHat Europe 2019 - December 2-3; AWS and Azure Exploitation - Making the Cloud Rain Shells!

  • Salt Lake City/Lehi, Utah; December 12-13, 2019; AWS and Azure Exploitation - Making the Cloud Rain Shells!

Our Trainers

The Stage 2 Security team of trainers are industry experts who are focused on providing you with the best experience possible when you attend a training course. Our trainers hold various certifications (e.g. OSCP, GPEN, CISSP, …) and have spoken at several other cybersecurity conference (e.g. BlackHat, DerbyCon, Bsides*). Each of our trainers has a deep passion for cybersecurity that drives them to research and develop real-world tools and techniques which are shared throughout the training experience.

In-House Training Courses

 

AWS & Azure Exploitation: Making the Cloud Rain Shells!

Stay frosty within AWS and Azure environments with this fast-paced and hands-on course which teaches each participant the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access within cloud platforms.

In this course you will:

  • Exploit serverless (e.g. Lambda) applications for initial access into targets

  • Pivot between data and control planes to expand access (e.g. secrets, snapshots)

  • Evade and disrupt cloud logging platforms (e.g. CloudTrail) to remain undetected

  • Breach and backdoor boundaries (e.g. VPCs) to access hard to reach systems

  • Leverage stealthy persistence techniques to ensure long-term access (e.g. session tokens)

  • Compete to see who is the best with our hands-on Capture the Flag (CTF) tournament

AWS, Azure, & GCP Exploitation II: Boomeranging Lightning Bolts Back At The Cloud!

Stay frosty within AWS, Azure, & GCP environments with this sequel to the best selling training at BlackHat Europe! This is a fast-paced and hands-on course which teaches participants the Tactics and Techniques needed to infiltrate and expand access within cloud platforms. 

 

In this course you will:

  • Automate your Red Team’s Recon via Leveraging AWS Serverless Technologies

  • Gain access and pillage data via Azure’s Internet of Things (IoT) Cloud Services

  • Expand access via Docker & Kubernetes (K8s) services within GCP

Live Venue Training Courses

 

Astute Infrastructure Red Teaming - Commandeering the Fleet

Stay frosty by (ab)Using Configuration Management (CM) systems (e.g. WSUS, jamf, Puppet, Chef, SaltStack, Ansible, etc...) to expand access within modern macOS, Linux, & Windows environments. This fast-paced and hands-on course teaches participants the Tactics, Techniques, and Procedures (TTPs) needed to infiltrate and expand access throughout various CM systems.

In this course you will:

  • Gain access to client-side endpoints (e.g. macOS) & create a TLS tunnel (via SOCKS)

  • Expand access onto Linux servers via piggybacking off SSH connections

  • Learn how to avoid osquery detection and bypass other EDR solutions

  • Exploit & Pivot through various Configuration Management (CM) systems (e.g. WSUS)

Compete throughout the course in our hands-on Capture the Flag (CTF) tournament!

Next scheduled course: Black Hat 2020 (August 3-4, 2020 - Las Vegas, NV)

LOCATIONS

Virginia (D.C. Area)
1660 International Dr
Suite 600
McLean, VA 22102

New York

95 Public Square

Suite 201

Watertown, NY 13601

Utah

2901 Bluegrass Blvd

Suite 200-36

Lehi, UT 84043

QUICK LINKS

CONTACT US

Call Us
Email Us

© 2020 Stage 2 Security LLC

CONNECT WITH US

  • Stage 2 Security Twitter
  • Stage 2 Security LinkedIn