Profile picture
Daniel Cuthbert @dcuthbert
, 11 tweets, 3 min read Read on Twitter
Busy doing @BlackHatEvents USA 2019 training submissions and feel many trainers are missing out on a few things. This thread should help anyone wanting to build and deliver a course

1: Know your market. Training is hard, very hard, please don't think it's a walk in the park.
For a 2 day course, you need 16 hours of content and labs. You need to sketch out each hour, taking into account different levels of students. Each lab should have 90% passable rate, then 10% for those who excel. This means less idle fingers at any time. Challenge all students
Each module should have a Mission Essential Task List (METL). I'm a huge fan of METL and have used it effectively over the last decade training. It sets out what students will learn at each module, globalsecurity.org/military/libra…
Environment: It's 2019, if you don't build a unique environment for each student, you are taking the piss. Single targets for a class of 40 are not good at all. Use the cloud, learn how to automate infrastructure using puppet/chef. Expecting 8gb ram, 60gb space is not on.
Content: Is your course valid? Are you wanting to do a wireless course and spending 3 hours on WEP? Is your appsec course still thinking the web is a webserver + backend DB? This is not what customers want, so deliver modern content.
Content: There is a trend to offer the world and deliver a snippet. Students don't want youtube videos or handouts, they want personal training, so understand the class flow and timing and make sure you cover all.
Training is hard, it's mentally and physically challenging if you are doing it right, this is not a 'throw some powerpoints up the night before and a few labs'. Those days are gone, the ability to earn hundreds of thousands of dollars from 4 days exists, so invest in content
It's great to see many new trainers submitting courses, but the submissions haven't been QA'd. Missing vital bits of information about the labs, the content, the flows, the METLs etc. Get a friend to review, ask me (DMs are open).
Education is the most powerful weapon which you can use to change the world.

Nelson Mandela
Had a few ask what should a good training environment look like? @_staaldraad & I set about answering this 4 years ago, and documented it at sensepost.com/blog/2015/into…

Today it's even easier, so no more VMware or PDFs. Tailor a proper learning environment
Finally, stuck for ideas? Everyone has an appsec course, or a red team one (aka pentesting), and yet there are hardly ANY defensive courses. The demand for solid defensive courses is huge, not ones that play lip service.

Build it and they will come, trust me...
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Daniel Cuthbert
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member and get exclusive features!

Premium member ($30.00/year)

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!