Service Hardening NEW! (inglise keeles)

Training duration: 2 days of instructions with hands-on labs (16 hours). Duration may depend on audience

Group size: 12 participants maximum

Target audience: developers, administrators, testers, security incident handlers and anyone else who has to deal with creating or maintaining services.

The training is held by our partner Clarified Security.

Contents of the training:This course is based on the most frequently occurring configuration security issues that our team has encountered over years of penetration testing.

The main topics covered are:

Public Key Certificates – chain verification, status, transparency
Reverse proxy – IP-address and certificate info forwarding
TLS – protocol, cipher suites, forward secrecy, CCA
SSH – host keys and SSHFP, agent forwarding
DNS – DoT/DoH, DNSSEC
E-mail – DKIM, SPF, DMARC
Logging – log tampering, creating meaningful logs
For each topic, first the theory is explained, based on this, the student will attack a service in a lab environment and finally, for selected topics, the student will harden that service to withstand such attack.

Course methods
Trainer will engage participants with lectures, live attack demonstrations and practical examples followed by individual hands-on exercise scenarios. The course is interactive, practical, and besides active participation also full of attack stories that help to change the perspective and understanding of real life security threats.

Intended outcome
The goal of hardening services is to reduce the attack surface. The main outcome of the training is to help trainees understand different possible attacks that can be conducted towards services with default configuration. How to defend themselves against such threats and also the importance of logging certain data, so that resulting logs would be beneficial when solving possible security incidents.

Delivery
We can deliver on-site or remotely at group pricing anywhere in the World where decent broadband connection is available. Ask us for the group pricing or for times and locations of our public courses. Public groups are currently available directly or via partners in Estonia.

Täienduskoolituse õppekavarühm: Informatsiooni- ja kommunikatsioonitehnoloogia interdistsiplinaarne õppekavarühm