Hackmanit IT security training courses offer you a high-quality mix of scientifically based content and practical, proven know-how. Our IT security training courses are appreciated by participants and companies from various industries, be it in the automotive industry, finance, critical infrastructures, public institutions, software development and many more.

Deep Dive Into TLS Attacks

There is a variety of attacks you need to address when securing your communication with TLS. Some attacks benefit from minor flaws in cryptographic or implementation details. This makes the attacks be complex to understand and hard to mitigate.

This training focuses on TLS attacks and aims to provide you specific tools for their detailed analyses. You will learn how to exploit specific attacks and prevent weaknesses in your TLS configuration. The training will address, among others, the following questions:

  • How does the TLS protocol work?
  • What are the known TLS attacks? How do they work? How can I write exploits for them?
  • How can I properly secure my systems? How can I defend against known attacks?
  • Does TLS 1.3 prevent all the attacks?


Possible Training Contents

We work with you to select the specific topics in advance in order to provide your team with the greatest possible benefit.

  • Short introduction
    • Cryptography
    • TLS protocol flow
    • Certificates

  • Defending against known TLS attacks

  • Review of your own server configuration with common tools

  • TLS attack analysis in detail (with TLS-Attacker):
    • Padding oracle attacks
    • Bleichenbacher's attack, ROBOT, DROWN
    • CRIME, BREACH
    • Heartbleed
    • Raccoon
    • and more...

 

Target Audience

This course is designed for two groups:

  • First, for penetration testers, who want to learn how to exploit known TLS attacks.
  • Second, for system administrators and developers, who want to learn how known TLS attacks affect their servers. You will learn how to securely configure your servers and how to check the server configuration with common tools

We assume that you have basic knowledge of cryptography and TLS

Training Days

The training is designed for 2 days, from 9:00 - 17:00, 8 hours each (including breaks).

 

Hands-On

Learn important approaches with our practical component that will give you a deep understanding of the methods used by hackers and defenders.

 

Certificate of Attendance

After completing the training, you will receive a personalized digital certificate from us.

 

Your Investment

1.290€ excl. VAT per person.

 


Booking Options

Customized training options for you or your team.

Whether team online training or classroom training, we adapt to your wishes.
Contact us for the training you require to receive an individual and non-binding offer.

Send the registration form or your individual booking request directly to Prof Dr. Juraj Somorovsky:

 

Team Online Training

Book an online IT security training course on an individual date.
(at least 5 participants)

 

On-Site Training at Your Company

We will come to you on request and find an individual appointment for you and your team.

 

On-Site Training at Hackmanit

We take care of the training facilities on site in Bochum with individual desired dates. 

 

Prof. Dr. Juraj Somorovsky

Your Contact for This IT Security Training

Prof. Dr. Juraj Somorovsky | Department Cryptography
juraj.somorovsky@hackmanit.de

* All prices excl. VAT