Exploitation of Embedded Devices

Introduction to Embedded System Exploitation

Embedded hardware is everywhere you look today – from your vehicle’s infotainment system to refrigerators to medical devices and everything else in-between. With so much exposure one would think that such devices are secure against attack; however, sadly for a large number of devices this is not the case. For proof, just look no further than your local news reports. They are full of reports on devices being hacked into.

So, as engineers, how do we go about first identifying and mitigating (or capitalizing) these potential security vulnerabilities within these devices? The answer to this question, and the subject of this seminar, is through the reverse engineering of the hardware itself. This seminar is a combination of lecture and hands-on exercises which will conclude with the students attempting to attack and defeat a custom embedded device.

Contact us

Software Assurance

Organizations are becoming increasingly aware of the importance of developing secure software. These classes introduce the student to the concepts of software assurance, which have direct application in all software industries, including automotive and aerospace sectors. Students gain an appreciation of the technical challenges associated with software assurance and develop the technical skills necessary to engineer secure software. Laboratory exercises reinforce the principles taught in the course, and give students an opportunity to develop their skills.

Learn More

DoD Weapon Systems Security

Cyber Security Essentials for DoD Weapon Systems

Students are introduced to threats that exist for our increasingly sophisticated DoD weapon systems with a foundation for strategies to reduce and combat those threats. Through real-world examples, students learn how attackers can exploit weapon systems, and develop the fundamentals of relevant cyber security, along with supply chain risks, system weaknesses, and operational implications. These concepts are critical for anyone involved in the designing, testing, evaluating, assessing, commanding or operating DoD weapon systems.

Learn More

Employee Awareness

An organization’s livelihood is in large part dependent on its ability to grow and protect its most critical assets: employees, customers, sensitive information, revenue, reputation and supporting infrastructure. Given the investment most companies make to develop these assets, protecting them should be a continuous priority. While controls are established to limit access to systems and information and ensure authorized availability, many of these same controls can be easily bypassed by exploiting one of the weakest links in any corporate security chain: the employee. Employees are often not security conscious, and/or bypass security controls out of laziness and/or the pressure to be productive.

While some organizations provide reminders and internal information security training, the employee often focuses more on “checking the box” than actually retaining and implementing the information they have been provided. What does all of this mean? Employees unnecessarily take and introduce risks to their employer and critical assets. This is where AIS can help.

We provide practical information security awareness training that is delivered in a straightforward, relaxed and interactive manner. Attendees are exposed to relevant information that can be seamlessly converted into proactive action within their professional and personal lives, all with minimal impact on productivity. Our training encompasses both cyber and physical elements and demonstrates the impact by highlighting actual techniques that criminals utilize to gain unauthorized access to, and/or disrupt the availability of, critical assets. AIS’s Information Security Training is completely customizable to an organization’s specific needs, including target audience, executive leadership, management, employees, partners and vendors.

Contact us to learn more, as we are confident that our training will help protect your organization’s critical assets.

Contact us

Custom Training

AIS provides custom training courses in a number of different areas related to cyber and security. Whether it’s a pre-existing training course, or one developed from scratch to support your organization’s unique needs, contact us to learn how we can help. In addition to having qualified staff on hand to deliver our training, our diverse offering of cyber and security services is supported by industry leading employees who possess strong backgrounds in computer science, engineering, and cyber security. In fact, many of these same employees also teach at various colleges and universities. With all of this expertise, we are confident that AIS can develop and deliver a quality course that exceeds your expectations.

Sample training topics include:

  • Secure software design and development
  • Cyber security assessments
  • Security configuration reviews
  • Penetration testing
  • Application security assessments
  • Hardware hacking
  • Red Team assessments
  • Cyber investigations
  • Forensics and eDiscovery
  • Policy design and development approaches
  • Security awareness for executive leadership, management, and employees

Contact us today about these or any other topics you may be interested in.

Contact us