09:00 – 09:15
Gathering
The course takes place at Clarified Security office (Lõõtsa 12 Tallinn; 8th floor)
Car parking: https://www.ulemistecity.ee/en/getting-here/
Kestus:
21 akadeemilist tundi
Toimumiskoht:
Clarified Security office
Training location: Lõõtsa 12, Tallinn (Training is held in English)
Goals: to clarify various configuration security issues and practical aspects on hardening services.
Training in a nutshell: Service Hardening is about configuring services to reduce their attack surface. By combining various low priority configuration issues, an attacker may be able to gain access and even elevate in a system without leaving much traces behind. Training focuses on practices that can be applied to almost any service – without modifying the program code.
Keep in mind that hardening reduces attack surface, it does not make a system secure!
Target audience: developers, administrators, testers, security incident handlers and
anyone else who has to deal with creating or maintaining services.
The main topics covered are:
For each topic, first the theory is explained, based on this, the student will attack a service in a lab environment and finally, the student will harden that service to withstand such attack.
The results of the training:
Length: 21 academic hours
Täienduskoolituse õppekavarühm: 0688 Informatsiooni- ja kommunikatsioonitehnoloogia interdistsiplinaarne õppekavarühm
The prerequisite for issuing the certificate is full participation in training.
Each training participant must bring his own laptop with a charger and, if necessary, other work-related equipment (mouse, etc.). The laptop must have a network cable slot or the ability to connect to a Wi-Fi network and a screen resolution of at least 1920x1080. All operating systems are suitable, the main thing is to have a remote desktop client (RDP).
The training price includes:
As added value, we offer:
You can take part in the training with the Unemployment Insurance Fund training card.
We also recommend that you get acquainted with the in-service training grants offered by the Unemployment Insurance Fund to employers: the training allowance for employers and the reimbursement of the employee's training expenses to the employer.
Trainer: Mait Peekma
Pentester (networks, devices/hardware), trainer
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
Pentester (networks, devices/hardware), trainer
Certifications: GIAC Web Application Penetration Tester (GWAPT)
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
Pentester (networks, devices/hardware), trainer
Certifications: GIAC Web Application Penetration Tester (GWAPT)
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
09:00 – 09:15
Gathering
The course takes place at Clarified Security office (Lõõtsa 12 Tallinn; 8th floor)
Car parking: https://www.ulemistecity.ee/en/getting-here/
09:30 – 11:00
1. Public Key Certificates
• chain verification
• wildcard
Methods: lecture; labs
11:00 – 11:15
Coffee break
11:15 – 12:45
2. Public Key Certificates
• status
• transparency
Methods: lecture; labs
12:45 – 13:30
Lunch
13:30 – 15:00
3. HTTP
• reverse proxy
Methods: lecture; labs
15:00 – 15:15
Coffee break
15:15 – 17:00
4.TLS
• Protocol
• cipher suites
• FS
• CCA
Methods: lecture; labs
Kestus:
21 akadeemilist tundi
Toimumiskoht:
Clarified Security office
Training location: Lõõtsa 12, Tallinn (Training is held in English)
Goals: to clarify various configuration security issues and practical aspects on hardening services.
Training in a nutshell: Service Hardening is about configuring services to reduce their attack surface. By combining various low priority configuration issues, an attacker may be able to gain access and even elevate in a system without leaving much traces behind. Training focuses on practices that can be applied to almost any service – without modifying the program code.
Keep in mind that hardening reduces attack surface, it does not make a system secure!
Target audience: developers, administrators, testers, security incident handlers and
anyone else who has to deal with creating or maintaining services.
The main topics covered are:
For each topic, first the theory is explained, based on this, the student will attack a service in a lab environment and finally, the student will harden that service to withstand such attack.
The results of the training:
Length: 21 academic hours
Täienduskoolituse õppekavarühm: 0688 Informatsiooni- ja kommunikatsioonitehnoloogia interdistsiplinaarne õppekavarühm
The prerequisite for issuing the certificate is full participation in training.
Each training participant must bring his own laptop with a charger and, if necessary, other work-related equipment (mouse, etc.). The laptop must have a network cable slot or the ability to connect to a Wi-Fi network and a screen resolution of at least 1920x1080. All operating systems are suitable, the main thing is to have a remote desktop client (RDP).
The training price includes:
As added value, we offer:
You can take part in the training with the Unemployment Insurance Fund training card.
We also recommend that you get acquainted with the in-service training grants offered by the Unemployment Insurance Fund to employers: the training allowance for employers and the reimbursement of the employee's training expenses to the employer.
Trainer: Mait Peekma
Pentester (networks, devices/hardware), trainer
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
Pentester (networks, devices/hardware), trainer
Certifications: GIAC Web Application Penetration Tester (GWAPT)
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
Pentester (networks, devices/hardware), trainer
Certifications: GIAC Web Application Penetration Tester (GWAPT)
Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting.
Mait is the author and trainer of our Service Hardening course.
Mait has a M.Sc (cum laude) in IT from Tallinn University of Technology. He wrote his Masters thesis about ZigBee wireless protocol security.
09:00 – 09:15
Gathering
The course takes place at Clarified Security office (Lõõtsa 12 Tallinn; 8th floor)
Car parking: https://www.ulemistecity.ee/en/getting-here/
09:30 – 11:00
1. Public Key Certificates
• chain verification
• wildcard
Methods: lecture; labs
11:00 – 11:15
Coffee break
11:15 – 12:45
2. Public Key Certificates
• status
• transparency
Methods: lecture; labs
12:45 – 13:30
Lunch
13:30 – 15:00
3. HTTP
• reverse proxy
Methods: lecture; labs
15:00 – 15:15
Coffee break
15:15 – 17:00
4.TLS
• Protocol
• cipher suites
• FS
• CCA
Methods: lecture; labs
Registreerudes e-poe, e-kirja või telefoni teel, saadame Teile arve ja täpsema info osalemise kohta.
Üksteist päeva enne koolitust saadame Teile e-kirjaga meenutuse osalemise infoga.
Koolitusel osalemine on nimeline, kuid saate osalejat tasuta muuta kuni koolituse alguseni.
Koolituse eest tasumine toimub arvel viidatud arveldusarvele. Arve saadetakse maksja aadressile e-postiga. Arve tuleb tasuda enne koolituse algust arvel märgitud maksetähtajaks.
IT Koolitus on Eesti Töötukassa koolituskaardi koostööpartner. Tutvuge koolituskaardi infoga SIIN.
Täpsema info saamiseks võtke meiega ühendust telefonil 618 1727 või [email protected].
Kui te ei saa mingil põhjusel koolitusel osaleda, palun andke sellest teada e-posti aadressil [email protected]. Kui teatate mitteosalemisest vähemalt 10 tööpäeva ette, lepime Teiega kokku uue aja või tagastame 100% koolituse maksumusest. Tagastame koolituse osalustasu täismahus juhul, kui pole tehtud koolituse korraldamisega seotud kulutusi (ostetud õppematerjale jms).
Kui teatate mitteosalemisest 5-9 tööpäeva enne koolitust, kuulub tasumisele 50% arvest.
Hilisemal teavitamisel, koolitusele mitteilmumisel, sellest mitteteatamisel või koolituse poolelijätmisel õppetasu ei tagastata.
Aadress
Lõõtsa 12, Tallinn (8.korrus)IT Koolitus | Vana-Lõuna 39/1, Tallinn | 6181727 | [email protected]