2 FULL DAYS ONLINE TRAINING

20-21/4/2020

Practical Embedded Security Hands On Course

Attack & Defense Techniques

Secure Development Practices

Hands On Experience

Embedded Security Specialist Certificate

Meet Lior Yaari

Security Researcher and consultant focusing on embedded devices security

Lior started his Security career at the military cyber corps, where he served as an officer for 6 years.

He specialized in automotive ECU hacking, working as a vulnerability researcher for Cymotive Technologies and VW Group.

Lior is an international speaker and trainer for embedded security and secure development. His training was selected for international conferences such as: Hack In The Box (Amsterdam, Singapore), DeepSec (Vienna), x33fcon (Gdynia) and DakotaCon (Madison SD).

You Will Learn How To

01

Understand Famous IoT Attacks and
Vulnerability Types 

02

Protect from Memory Corruption Vulnerabilities

03

Avoid Mistakes in Cryptographic Security Mechanisms

04

Prepare for 
Embedded Devices Attacks

Full Agenda

Day 1

Day 2

20/04 - 9:30 - 17:30 *(CET)

21/04 - 9:30 - 16:30 *(CET)

Introduction to Embedded Security:

  • Famous IoT attacks

  • Vulnerabilities types and classification

Memory Corruption Vulnerabilities:

  • Complied programs memory layout

    • Stack​

    • Heap

    • Globals

  • Buffer Overflows + Lab

    • Stack Overflows​

    • Heap Overflows

  • Protection Mechanisms + Lab​

    • DEP

    • ASLR

    • Stack Canary

​​

Advanced Vulnerabilities:​​

  • Format String Attacks + Lab

  • Integer Overflows + Lab

  • Command Injections + Lab

  • Daily Summary

Cryptographic Security Mechanisms and Their Risks:

  • Hashes + Lab

  • Encryption + Lab

  • Signatures

  • Certificates

  • Password Breaking Lab

Embedded Devices Attacks:

  • TOCTOU Attacks + Lab

  • SPI Intrusion + Lab​​

  • Memory Swaps + Lab

  • Glitching 

Final Exercise – Hacking a Secure Boot System

  • Detecting & Fixing Buffer Overflows

  • Identifying Architecture Issues 

 

Embedded Security Specialist Certificate

will be given upon completion of lab exercises

What People Say

I know more than i thought i did! - interesting aspects for the physical and lower level weaknesses. Excellent workshop.
- David S.
Embedded Software Developer at a Medical Devices Company

DeepSec 2019

Featured on

1_vG5uPKC1QCb3gor8jf1ydA.png
D21KA1dWkAAQgMN_edited.jpg
154d-300x225.jpg
Questions & Group Signups
arrow&v

Schiffgraben 24, 30175

Hannover, Germany

Tel: +49 176 439 17074     |     info@zyberum.com

  • LinkedIn
  • White Facebook Icon
  • White Twitter Icon

Seats are limited!

Please sign up early to ensure your ticket.