Cybersecurity Training

Chiron's Cybersecurity Model provides products and services in five key areas that address core cybersecurity needs. We work with our clients to Identify, Protect, Detect, Respond, and Recover from cyber threats, helping to eliminate worry so they can focus on running their business.

There is no such thing as one size fits all cyber training. Chiron uses a mission-driven, state-of-the-art training process for cyber professionals that uniquely customizes each work-role certification to address specific customer needs and requirements. Unlike conventional simulation trainings, our classes are held in a laboratory-like setting that is unrestricted by the rigid network security constraints that often limit the hands-on training exercises required to turn out truly qualified professionals equipped for real-life cyber threats.

This new way of cyber training enriches and enhances the learning experience by leveraging everyday challenges that the cybersecurity professional faces in the field.

Credibility

As a top advisor and steady consultant for the Department of Defense for more than a decade, we have established a strong and reliable track record as a leader in the cybersecurity training industry. We have leveraged that solid history to build our customized approach to training. Our elite level of expertise, once only available in the public sector, is now available to private sector industries. Today, we work with leading financial and healthcare institutions to establish protection of their vital information, critical facility systems and functions from cyber-attackers.

Our Instructors

All training courses are taught by highly qualified instructors with specialized training and field experience.

Instructors are subject-matter-experts in the topics presented and offer a world-class learning experience for cyber professionals who are looking to add depth and immediately applicable knowledge to their skill base.


Train Like You Fight Methodology

Our "train like you fight" mantra drives every simulation strategy. Our team of instructors bring their years of relevant, real-world experience into our training process - providing high-level tactics in these core areas:

  • Offensive and defensive cyber operations
  • Advanced threat simulation
  • Network forensics and threat analysis
  • Malware reverse engineering
  • Training Environment

Our cyber program trainees are challenged and tested with real scenarios based on today's dynamic, agile and ever-evolving cyber environment.


Training Approach

Chiron takes a direct and transparent approach to training which delivers comprehensive results. More than a mere pass/fail score, we provide specific, in-depth post-training analysis regarding what each cyber professional is ideally fit to do and the areas of unique specialty where they most excel.

Consider it a "personality assessment" for your professional skills.

Training Curriculum

We don't train from a textbook. Our curriculum is constantly evolving to meet the demands of our clients by anticipating new threats and designing innovative solutions that set the trends for the industry.

Our training content is continually updated to reflect the most current technological advances and developments in the world of Computer Network Operations.

Training Courses

All courses provide hands-on application and implementation, each concluding with a simulation exercise that tests and solidifies knowledge and techniques taught during the course.

Upon completion of our training program, graduates emerge not just trained to pass a test but ready to tackle real world cyber issues.


Course Descriptions

Digital Media Forensics I

40 hours / 5 days

Course Objective:

To teach prospective forensics examiners the approach to media exploitation with analytic workflow in mind.

Description:

This course is designed for introducing prospective forensics examiners how to approach media exploitation (MEDEX) with analytic workflow in mind. Students will focus on extraction of useful and actionable intelligence immediately available for injection into collateral and corporate databases, and bridges the gap between the rapidness of tactical exploitation needs and the complexity of media exploitation. Students work on multiple case files in a hands-on environment leveraging multiple tools such as EnCase Forensic Edition, Sleuthkit, Linux dd and more.


Digital Media Forensics II

40 hours / 5 days

Course Objective:

Building on the coursework of the Digital Media Forensics training, this course dives deeper into the advanced methods of media exploitation.

Description:

Students participate in multiple exercises that examine devices in a virtual environment, acquire data over a network and stress the importance of memory forensics during live analysis. A variety of tools will be used in an inclusive forensics toolbox consisting of commercial applications, open-source methods and advanced techniques in order to accomplish complex tasks associated with thorough digital media examinations.


Mobile Device Exploitation

80 hours / 10 days

Course Objective:

This comprehensive course is designed to provide analysts, cyber professionals and enthusiasts with an in-depth look at the iOS and Android operating systems and vulnerabilities.

Description:

Students will learn how each operating system functions, where critical files are located and how to gain interactive access to the device both locally and through remote attacks. The course ends with a two day culmination exercise that challenges the students to apply all of the skills learned.


Cyber Operations Training (COTC)

200 hours / 25 days

Course Objective:

A highly intensive, five week course designed to take cyber professionals through a wide variety of topics relevant to operationally-focused cyber missions within the offensive and defensive arenas.

Description:

Throughout five weeks of interactive and practical instruction, students will focus heavily in the areas of TCP/IP stack, deep-packet analysis, network forensics, Windows and *Nix operating system fundamentals, malware triage, exploitation methodology and techniques, and post-compromise forensics of remote hosts. The course concludes with a 2 ½ day culmination exercise designed to challenge and assess the knowledge, tradecraft and skills learned.


Computer Network Exploitation (CNE) Boot Camp

56 hours / 7 days

Course Objective:

This intense, hands-on course takes cybersecurity professionals through each stage of offensive operations methodologies using tradecraft, stealth and detection avoidance as the key principals.

Description:

This course offers a thorough, complete and up-to-date curriculum in topics such as: open-source and passive targeting and information gathering, vulnerability scanning and reconnaissance, remote and client-side exploitation, and advanced post-exploitation techniques. The course concludes with a comprehensive Capture-the-Flag competition designed to challenge and assess the knowledge, tradecraft and skills learned.


CNO Attack and Defend

40 hours / 5 days

Course Objective:

This rigorous course is designed to take participants through a wide variety of topics relevant to operationally-focused cyber missions within the offensive and defensive arena.

Description:

This course focuses heavily on deep packet inspection, statistical flow record analysis, post-exploitation forensics, intrusion detection, network tunneling, and malware network behavior. Students' experience will conclude with a two-day intense culmination exercise designed to replicate today's operational challenges in both offensive and defensive space to reinforce topics taught throughout the course.


Wireless Exploitation and Attack

40 hours / 5 days

Course Objective:

This course takes students through the most common and current techniques for gaining access to a wireless network.

Description:

Each student will learn the latest exploits and use the most effective tools to perform such techniques as secure man-in-the-middle attacks through wireless hotspot impersonations, exploiting weaknesses in Wi-Fi Protected Setup, and how to correctly secure networks using properly configured enterprise-grade authentication.


CNO Exploit Capabilities (Developer's Course)

40 hours / 5 days

Course Objective:

This five day course is designed to take participants through the steps needed to develop their own exploits on both Windows and Unix-based operating systems.

Description:

Students will create custom exploits against applications, learning to how to fuzz the application’s inputs to find a vulnerability and successfully execute arbitrary code on the system. On the last day, students will be challenged with a culmination exercise that tests their skills learned throughout the course.


Reverse Engineering Malware

40 hours / 5 days

Course Objective:

Teaches the fundamentals of malicious code analysis beginning with the configuration of a malware analysis lab in order to gain an understanding of the components of a malware analysis toolbox and how each component contributes to either behavioral or code analysis techniques.

Description:

Malware analysis is not just about tracing code, but also about understanding the effect on its environment. Exercises are used throughout the course to examine the effects of various types of malware that run natively on a Windows platform, such as botnets and rootkits. Students will be challenged to analyze the entirety of an event using behavior analysis techniques. Students will learn to create signatures based off malicious code and develop techniques to discover and prevent that type of malicious code from entering and spreading through their own networks.


Python Programming

40 hours / 5 days

Course Objective:

A concentrated course that arms cyber trainees with the skills and knowledge to leverage the Python programming language in everyday computer network operations (CNO).

Description:

Students will use real-world CNO techniques ranging from creating a password cracking tool to setting up client-server applications. On the final day, students will be challenged with a multi-level culmination exercise aimed at reinforcing all the skills and know-how gained throughout the course.


Python for Exploiters

40 hours / 5 days

Course Objective:

An intense five day development course which challenges participants to implement their own custom framework for use during penetration testing and other activities.

Description:

This course challenges students to implement their own custom attack frameworks to use for penetration testing and other similar activities. Students no longer need to rely on a framework written and designed by someone else during course assignments because they will use a tool that they created - free of known and compromising signatures. The topics covered range from simple scanners to custom browser exploitation to privilege escalation, all built into a custom framework. On the final day, students will be challenged to use their newly created attack platform in a live assessment that involves designing and developing new features on-the-fly to handle new challenges within the assessment range.


PowerShell for Red Teaming (PRT)

40 hours / 5 days

Course Objective:

This course is based on the methodologies and processes used by professional government and corporate penetration testers, but with a strong emphasis on utilizing Windows Powershell to leverage the .NET framework and Windows Management Instrumentation.

Description:

Course material focuses on scanning, host enumeration, remote and local exploitation, as well as tool building and scripting. Students will focus on avoiding detection by users or security on a target, process analysis, redirection and tunneling, as well as maintaining persistent presence. This course is very hands on, with each section being reinforced with multiple labs, and concludes with a culmination exercise to challenge the skills and knowledge the students gained.


Cyber Threat Emulation (CTE)

80 hours / 10 days

Course Objective:

This course focuses on the methodologies and processes used by professional "Red" teams in government and corporate spaces.

Description:

This CTE course was developed around the behaviors and techniques used by malicious network attackers, while maintaining focus on professional testing and ensuring the integrity and security of information assets. The focus is on information gathering, scanning and service enumeration, mapping, remote and local exploitation and reporting. Trainees will be exposed to and learn advanced penetration testing using advanced persistent threat techniques. CTE perfects the skills needed to effectively identify protection and mitigation strategies and optimize security controls appropriate for the organization.


Discovery and Counter-Infiltration

80 hours / 10 days

Course Objective:

This course focuses on the methodologies and processes used by professional "Hunt" teams in corporate and government spaces.

Description:

Instructors, with multiple years of Hunt experience, use open-source tools to teach students the necessary skills to successfully identify malicious behavior not caught by traditional security products. Students will set up security products like McAfee, Security Onion, OSSEC, and other tools with a mock network to ensure they understand the capabilities of traditional security measures, as well as the gaps. They will provide written reports for each behavior they identify, build target profiles based off their findings and use timeline analysis and log analysis to map out and professionally report an incident.


Mission Protection

80 hours / 10 days

Course Objective:

This two week instruction focuses on the methodologies and processes used by professional "Blue" teams in corporate and government spaces.

Description:

Instructors use open-source tools to teach students methodologies of securing a network and its hosts. Students will learn the necessary skills to successfully identify the customer's network and critical nodes, protect the network through extensive configurations management and log analysis, detect anomalies and respond to incidents. Each section of the course will cover network devices, Unix and Windows Operating Systems and policy.