Version 7 includes iLabs, vulnerability testing in a real server environment; Frankenstein, a threat code repository; plus new course material and a video archive.
“We train information security professionals, the good guys, in the exact art that is well known to the bad guys”, said Jay Bavisi, president of the EC-Council.
The CEH program is designed to teach the “good guys”, who tend to rely on defensive security, offensive security, Bavisi told Infosecurity. By training the good guys on the unconventional methods used by attackers, they will be better able to defend their organizations.
“Because of the evolution of the hacking industry, there was a tremendous amount of information that needed to be passed on”, Bavisi noted. To incorporate this information, the EC-Council decided to switch to “full pictorial courseware”, he said.
The CEHv7’s iLabs is a subscription based “virtual lab” that allows students to logon to a virtualized remote machine running Windows 2003 Server to perform various exercises featured in the CEHv7Lab Guide.
In addition, Frankenstein provides users with searching, downloading and installation of the latest hacking and penetration testing tools. By using Frankenstein, CEH students can check the release date of a hacking tool, the category under which it is published, probable size of the tool, name of the publisher/author, the website details and technical requirements for the tool to run.
“Frankenstein is a site where we host all of the most dangerous hacking tools that we find in the underground and make them available to IT security professionals. So now if you want to conduct a penetration test in your organization, you don’t have to carry a toolkit because with a password you can get access to all of the hacking tools available”, Bavisi said.
“We think we can make the online world a much safer place by producing some of the best-training ethical hackers that are out there today”, Bavisi concluded.