If you want to beat the attackers, you’ve got to think like a hacker. That’s the premise of computer security company Foundstone’s four-day Ultimate Hacking course. Using Foundstone’s self-contained network to hack into simulated systems, class participants learn the vul-nerabilities of their own systems through the eyes of an attacker. This perspective reveals a new world of weaknesses, says George Kurtz, CEO of the Irvine, Calif.-based company. “We’ve actually had people run out in the middle of class to call their system administrator to make some changes on the fly,” he says. But mostly they’re riveted to their seats by topics like footprinting, Unix security, protecting Windows, and firewalls and other esoteric techniques, all covered in the US$3,500 class.
Steve Peters, a senior security engineer in Herndon, Va., for the Chicago-based Marchfirst, a global professional services company, took the course last November because he was looking for ways to protect his company from cybersabotage. “The course gives you the ability to keep ahead. I was definitely able to make changes and recognize different avenues that malicious people could take if they wanted to break into the network,” he says.
To ensure that students use this newfound knowledge for good, Foundstone requires them to sign legal forms indicating they will use the techniques only for internal purposes. A signed piece of paper is not going to stop a hacker bent on mischief, although the price tag of the course might.