Trainings
The best security strategy is to train and develop your team to be ready for an ever-changing security world. In order to defend an environment one must understand how attackers work, think and operate, what to look for and how to turn that knowledge into resilience. To help grow and develop experts we are offering insights and guidance about various topics and aspects of IT security in three different training formats.
Three different formats
Containers and Kubernetes have become cornerstones of modern software development. The workshop dives into common attack vectors and practical mitigations to secure containerized applications in Kubernetes clusters.
Cryptography for Software Engineers is for IT professionals whose needs for dealing with cryptography exceeds using https for their webserver. The talk will focus mainly on symmetric cryptography and highlight common pitfalls along a practical example project.
The workshop begins with an introduction to the Domain Name System (DNS) which is used in the Internet to map domain names onto IP addresses and other data. Participants will learn about the basic concepts and the limitations of DNS, in particular with respect to integrity guarantees. We will then explore how these issues can be addressed using DNS Security Extensions (DNSSEC), and show with practical examples how to properly configure a modern DNSSEC deployment.
How does IT security actually work? What are the economics of it? How are cyber attacks executed and by whom? And what is the big deal of a small phishing email anyways? An awareness talk to better embrace IT security and understand that all of us are responsible for it.
A programming language agnostic workshop on best practices to develop secure web applications and APIs. Some common attacks are shown and it is possible to get your hands dirty by following along on your own machine.