Overview
In this comprehensive course on Applied Attack Surface Analysis and Reduction, we delve into the strategic significance of performing an organization’s potential attack surfaces and how to reduce threats and vulnerabilities on it strategically. This course aims to equip professionals from risk management, threat intelligence, vulnerability management, red and blue teams, security engineers, and more with an in-depth understanding of attack surface analysis and reduction methodologies and techniques.
To start off the course, we will introduce the idea of an attack surface and delve deep into the field of attack surface analysis. An important aspect of this analysis is understanding how it provides a comprehensive and strategic perspective on an organization’s overall attack surface.
As we progress, we learn how to determine an organization’s attack surface and establish or utilize metrics to measure the extent of the attack surface, employing methodologies like the layered-defense model, crown jewel first, and PPT (People, Process, Technology). The focus will be on uncovering weaknesses and threats within both digital and physical attack surfaces through practical demonstrations.
In this course, you will gain a detailed understanding of how to effectively apply various methodologies and techniques in various business sectors such as retail, banking, and logistics as an example. With this, you will be able to confidently and accurately analyze your own business, identifying potential vulnerabilities in the attack surface.
In the later part of the course, we will explore different techniques for prioritising risks. We will also address the dynamic nature of the attack surface and learn how to adjust to its changes. Additionally, we will be introduced to strategies that help reduce the attack surface, including the implementation of strong mitigating controls, the principles of Zero Trust, and methods for simplifying and eliminating complexities.
At the end of the course, we will go through various attack surface analysis tools that are free and open-source as a part of the examples. Additionally, we offer a roadmap for those who wish to pursue further education by exploring EC-Council's Certified Chief Information Security Officer (CCISO) Program. By finishing this course, participants will possess the skills to perform comprehensive attack surface analyses and implement strong measures to reduce an organization’s attack surface. This will ultimately enhance the organization’s cybersecurity posture.
Instructor
Chintan Gurjar is a highly experienced cybersecurity expert with over 12 years of dynamic experience. Chintan specializes in various areas, including vulnerability management, threat intelligence, penetration testing, and attack surface management. He has worked with a diverse range of clients, from agile consulting firms to large-scale retail orga See More information
Chintan Gurjar is a highly experienced cybersecurity expert with over 12 years of dynamic experience. Chintan specializes in various areas, including vulnerability management, threat intelligence, penetration testing, and attack surface management. He has worked with a diverse range of clients, from agile consulting firms to large-scale retail organizations on a global level.
Chintan possesses a wealth of core competencies, including Risk-Based Vulnerability Management, Penetration Testing & Red Teaming, Attack Surface Management, Threat Intelligence, and proficiency in Security Operation Center & SIEM. He has held esteemed roles such as Global Senior Vulnerability Management Analyst at TikTok, Security Engineering Manager at Tesco, and Cybersecurity Manager at KPMG. Chintan's academic credentials are equally impressive, with an MSc in Computer Security & Forensics from the University of Bedfordshire and a B. Tech in Computer Engineering from Gandhinagar Institute of Technology. He also carries numerous industry certifications, including OSCP, CEH, CTIA, CCFH, CCFA, and SANS MGT516.
Apart from being an expert in his field, Chintan is also a recognized leader. He serves as a member of the Board of Advisors at the Sri Sri School of CyberPeace Foundation and has co-trained at the prestigious HackCon Norwegian cybersecurity conference. His contributions to the cybersecurity domain have earned him recognition in multiple Bug-Bounty programs and official CVE entries for identifying key vulnerabilities. Given his vast expertise and commitment to the field, Chintan is the ideal guide to navigate learners through this comprehensive course on Applied Attack Surface Analysis and Reduction.