The content and overall structure and organization were really very good. [...] The VM and the exercises are really very well done ...

Review of a participant

As a technical training one of the best if not the best in my career so far (10 years) ...

Review of a participant

The VM is awesome because of your own developments [...] I have taken much more with me than, for example, from training courses for certifications ...”

Review of a participant

Single Sign-On Security: SAML

Your Benefits

In this interactive training, you will learn the security best practices for SAML-based single sign-on systems.

  • Understand how attackers steal SAML tokens and the resulting risks.
  • Take the right actions to protect your service and identity providers against cyber attacks.
  • Protect your SAML systems from attackers unauthorized access and data theft.
  • Convince your customers with state-of-the-art security technologies such as Holder-of-Key (HoK).
hackmanit it security schulung tage

2 Days

hackmanit it security schulung hands-on


hackmanit it security schulung team teilnahme zertifikat

Certificate of Attendance

hackmanit it security schulung preis

1.290 €*

Possible Training Contents

  • Introduction
    • XML Parsing (DOM vs. SAX)
    • XML Schema
    • Extensible Stylesheet Language (XSLT)

  • Document Type Definition
    • XML (External) Entity Attacks
    • XML-specific Denial-of-Service Attacks

  • SAML-based Single Sign-On
    • XML Signature
    • Web Browser SSO Profile

  • Attacks on SAML Service Providern
    • Replay Attacks
    • Signature Exclusion
    • XML Signature Wrapping (XSW)
    • Certificate Faking and Injection Angriffe
    • Covert Redirect Attacks

  • Anttacks on SAML Identity Provider SAML

  • SAML Secure Bindings

  • Apply the knowledge you have acquired to your own applications

Target Audience

This training is intended for people who want to build and maintain secure SAML systems.

This course is helpful for, among others:

  • Identity management administrators
  • Identity provider and client developers
  • Penetration testers and security researchers

To participate, you will need a computer, as well as virtualization software for working on the interactive exercises. We recommend VirtualBox.

Booking Options

Customized training options for you or your team.

hackmanit it security schulung online

Fixed Date

hackmanit it security schulung team online

Team online training
(at least 5 participants)

hackmanit it security schulung präsenzschulung bei ihnen

On-site training at your company

hackmanit it security schulung präsenzschulung bei Hackmanit

On-site training at Hackmanit

Whether a fixed date, team online training or on-site training, we adapt to your wishes. Contact the person responsible for the desired training to receive an individual and non-binding offer. Send the registration form or the individual booking request by email to Dr. Christian Mainka:

Next Online Training CourseRegistration Deadline
--- ---

Next Online Training Course

25.01. - 26.01.2022 (Tue.-Wed.)  |  9:00 to 17:00 o’clock  |  1.290€ plus VAT (per person)  |  German  |  Registration Deadline: Tuesday, 11.01.2022

Note: We reserve the right to cancel the training if there are less than 5 participants. A possible cancellation will be communicated at least one week before the training date.



Dr. Christian Mainka

Your Contact for This Training

Dr. Christian Mainka

* All prices excl. VAT