Frequently Asked Questions

Yes. 8kSec delivers all courses on-site at partner or customer premises worldwide. On-site delivery has been conducted in the UK, US, Singapore, Saudi Arabia, Japan, Australia, and other locations.

For on-site engagements, 8kSec provides the instructor and the full lab infrastructure. Participants do not need to set up or manage any technical environment — the lab setup, tool installations, and virtual machines are handled by the 8kSec instructor team before the training begins.

On-site training is particularly suited to enterprise security teams, government organisations, and managed security service providers who want to train a group together in a controlled environment, or who have requirements around data sovereignty and keeping training internal.

For instructor-led training, 8kSec recommends initiating the engagement at least 4–6 weeks in advance to allow time for scheduling, logistics coordination, and lab environment provisioning.

The standard pre-training workflow includes: a dedicated Slack channel set up for enrolled students, detailed technical setup instructions distributed 2 weeks before the course starts, cloud lab environments provisioned in advance, and a pre-course readiness check by the instructor team to ensure all participants can access the lab environment before day one.

Contact 8kSec at trainings@8ksec.io to discuss availability and scheduling.

Yes, all 8kSec courses are customisable along multiple dimensions:

• Scope: Modules can be added, removed, or resequenced to match your team's priorities.
• Depth: Content can be adjusted to suit the group's skill level, ranging from security-aware developers to senior penetration testers.
• Environment: Lab exercises can be adapted to your organisation's specific platforms, technologies, or target applications.
• Duration: Courses can be extended to accommodate larger groups or participants with limited offensive security background.
• Combination: Modules from multiple courses can be merged into a custom multi-day training programme.

Custom programmes are designed collaboratively — 8kSec works with the customer to define learning objectives before building the final agenda.

Post-training support is built into every 8kSec engagement. After the course ends, students retain access to the dedicated Slack channel where they can continue asking technical questions and discussing course topics with the instructor and the broader 8kSec community.

Students receive a complete package of course materials: slides, custom scripts, tool configurations, and exploit proof-of-concept files developed for the course. These are provided for ongoing reference during real-world engagements.

Where applicable, students also receive access to the certification exam.

8kSec provisions and manages the full lab infrastructure for every live training engagement.

Lab environments are cloud-hosted and accessible from any laptop with a modern browser and a stable internet connection. For courses involving iOS and Android device interaction, 8kSec uses Corellium — a professional-grade iOS and Android virtualisation platform — so participants do not need to bring a physical jailbroken device.

For on-site delivery, the 8kSec instructor team completes a pre-training readiness check before the course begins, verifying that all participants can connect to the lab environment and have the required tools installed. This eliminates first-day setup delays that commonly reduce effective learning time in technical training.

Prerequisites vary by course, but 8kSec courses are generally designed for working security professionals rather than beginners. Common baseline expectations:

• All courses: Comfort with the Linux/macOS command line, basic networking knowledge, familiarity with at least one scripting language (Python preferred).
• Mobile courses (iOS/Android): Some prior exposure to mobile application testing or development; familiarity with tools like Frida, Burp Suite, or jadx is helpful but not always required.
• Exploit development / ARM64 courses: Understanding of assembly language, memory management, and binary exploitation concepts.
• Malware analysis courses: Experience with static and dynamic analysis techniques; familiarity with disassemblers like IDA Pro or Ghidra.

For teams with mixed experience levels, 8kSec can adjust course depth or recommend a sequenced curriculum that builds skills progressively.

Yes. A selection of 8kSec's most popular courses are available as on-demand, self-paced training via the 8kSec Academy at academy.8ksec.io. These courses include the same technical depth as the instructor-led versions and can be completed at your own pace.

On-demand courses are a good fit for individuals who cannot attend a scheduled live session, or for teams who want to use the on-demand content as a foundation before attending a live advanced course.

8kSec has delivered instructor-led training at some of the most competitive and well-known security conferences in the world, including:

• Black Hat (USA, MEA, Europe)
• DEF CON
• Hack in Paris
• TyphoonCon
• Power of Community (POC)
• AppSec USA
• Nullcon

Conference training slots at these events are highly competitive, and courses typically sell out. Training delivered at these conferences uses the same curriculum as private corporate engagements, adapted for the public audience format.

8kSec offers a comprehensive range of cybersecurity services for organisations:

• Penetration Testing: Mobile application security testing, web application security testing, infrastructure penetration testing, source code review, API security testing, and IoT/embedded security assessments.
• Cybersecurity Consulting: Security gap analysis, M&A security advisory, virtual CISO services, secure SDLC lifecycle consulting, and Web3 security auditing.
• Security Compliance: Risk assessments, gap assessments, vendor risk management, SOC 2, PCI, and CMMC compliance audits.
• SSDLC: Security champions programmes, product architecture reviews, DevSecOps implementation, threat modelling, and vulnerability management.

Contact us at info@8ksec.io to discuss your organisation's specific requirements.

8kSec is a global cybersecurity company headquartered in the USA, with a team of researchers and instructors operating across multiple regions. Training and services have been delivered in the US, UK, Singapore, Saudi Arabia, Japan, Australia, and beyond.

For corporate and government clients, 8kSec can deliver on-site anywhere in the world. Remote and virtual delivery is available for all services and training engagements.

You can reach 8kSec through the following channels:

• General enquiries: info@8ksec.io
• Training enquiries: trainings@8ksec.io
• Partnerships: via the Partner With Us page
• Services: via the Contact Us page on the website

We typically respond within one business day.

Yes. 8kSec offers a range of industry-recognised certifications across mobile security, AI security, and exploit development, including:

• OMSE – Offensive Mobile Security Expert
• CMSE – Certified Mobile Security Expert
• CISE – Certified iOS Security Expert
• CASE – Certified Android Security Expert
• CAISR – Certified AI Security Researcher
• CASR – Certified ARM Security Researcher
• And more

Certifications are earned by passing a practical exam. Access to the exam is included when you attend the corresponding 8kSec live training course. Full details for each certification are available on the Certifications page.

8kSec Battlegrounds is 8kSec's hands-on lab platform for practising real-world security skills. It features challenges across mobile platforms (iOS and Android), ARM64 architecture, and AI security.

Battlegrounds is designed for security professionals who want to sharpen their offensive skills in a structured, guided environment outside of a formal training course. Completing Battlegrounds challenges can also contribute toward certification preparation.

For all invoice and billing-related queries, please contact our support team at support@8ksec.io. Include your invoice number or order reference in the subject line and we'll get back to you as soon as possible.