RangeForce Content Rewind | August 2021

Welcome to the RangeForce Content Rewind. In August, we added 25 modules to the RangeForce platform to continue supporting your cybersecurity training needs.

With all-new training being added to the RangeForce platform each week, we wanted to take a moment and highlight some of the new modules available on the platform.

Take a look at the list below to get acquainted with our top additions from the past month. Be sure to give our new modules a try and let us know what you think!

New Training Modules

Battle Path: IoT Security Practitioner | This new Battle Path has been added to educate learners on Internet of Things, which enables data to be quickly collected and analyzed on a large scale. The data handled by IoT systems is oftentimes acquired, processed, and presented using new technologies. Because these new technologies are rapidly evolving, concerns exist over data privacy and cybersecurity. Here are a few of the new modules you can find in this Battle Path:

• Map the IoT Attack Surface | As an IoT Security Practitioner, one is responsible for protecting the security and privacy of organizations and personnel using IoT systems. A strategy is needed to break this task into solvable problems, which a risk management approach will help accomplish.
• Protect Data in Motion / at Rest / in Use | Data may be vulnerable at all stages: moving across networks, in storage, and in active processing. Vulnerabilities could allow for data to undergo unauthorized viewing or modification. Learners will need to learn strategies for protecting data at all points.
• Implement Secure Authentication / Authorization | IoT systems need to establish the identity of users before allowing access to IoT resources, which is done through authentication. Once access is granted, the next step will be gaining the right to perform tasks on the host through authorization.

Battle Path: Junior Penetration Tester | This new Battle Path goes through all the stages of a Penetration Test. These tests act as authorized simulated cyberattacks on a computer system, performed to evaluate the security of the system. The following are a few examples of the modules you can find in this Battle Path:

• Introduction to Threat Modeling | This module will look at threat actors which learners will potentially deal with in the future, as well as the importance of when and why threat modeling is used.
• Windows Microsoft Office Macro Malware | Microsoft Office documents including Word, Excel, PowerPoint, etc. can contain embedded code, also known as macros. These codes are usually written in Visual Basic for Applications (VBA). Learners will learn how to craft a malicious document and how it is delivered to the target computer.
• Pentest Reporting and Delivery | An explanation of the different types of pentesting formats and why they are needed. Learners will also get to look at techniques used in reporting, depending on the intended audience.

x86 Calling Conventions – Microsoft x64 | This module will teach the Microsoft x64 calling convention, which works as a scheme for how subroutines receive parameters from their caller and return a result. Users will also learn how floating-point values are passed in the Microsoft x64 and System V calling conventions.

Introduction to OSINT | Open Source Intelligence (OSINT) is the use of publicly available sources of data for collecting information. Learners will obtain an introduction to methods in conducting OSINT research, as well as finding information about an attacker who sent out a phishing email.

Java Reverse Engineering | Learn how to reverse engineer Java applications, keeping in mind Java as one of the most popular programming languages in the world.

SASE Overview | Organizations are now allowing more of their workforce to work remotely full time, while keeping in mind securing the data remains critical. This module gives an overview to Secure Access Service Edge (SASE) platforms and the role they play in successful remote work.

Elastic: Osquery | Osquery provides a universal interface for querying information from a host, which exposes the host’s system information as a relational database. Elastic Stack has an integration called Osquery Manager, which learners will utilize to run live and scheduled queries on the hosts.

Additional Modules

Additional modules added in the last month include x86 Calling Conventions – System V ABI, Elastic: Packetbeat – Log Analysis, Boot or Logon Autostart: Registry Run Keys Detection, Ansible: Inventory, WMI Introduction, Mshta Introduction, Elastic: Elastic Agent – Installation on Linux, Boot or Logon Autostart: Registry Run Keys Introduction, Ansible: Ad-Hoc Commands, x86 Calling Conventions – cdecl, RansomEXX Ransomware TTP, Mshta Detection, Wireshark Exercise, Scheduled Tasks Detection, Compiler Security Features, Compiler Optimizations, Ansible: Sensitive Data Handling, Vim Usage: Advanced, and Rundll32 Introduction.

As RangeForce adds new content, we also make platform enhancements to improve the experiences of our Learners and Admins. Our user feedback is critical to these changes. Here’s a few highlights from the past month that we’d like to share with you:

• Admins can now view their Members, Teams, and Licenses all within the Organization tab. This includes the capability to suspend or switch the team of any learners necessary.
• Admins now have the ability to assign training plans to either an entire team or individual learners. Training plans can still include full courses as well as individual modules with or without a due date. Training plans are a great way to engage users in our wide range of content.

If you’re interested in learning more about the RangeForce platform or seeing our full course catalog, request a demo here or contact our sales team at sales@rangeforce.com.