We offer web security training courses for primarily two target audiences: First, developers who want to learn about web application security, single sign-on, TLS, XML, and web service technologies. Second, penetration testers who want to get an in-depth knowledge about web security. Our discussed topics are both known, and also usually unknown attacks, along with their countermeasures. Furthermore, we go into detail regarding solutions to automate security tests.

Deep Dive Into TLS Attacks

There is a variety of attacks you need to address when securing your communication with TLS. Some attacks benefit from minor flaws in cryptographic or implementation details. This makes the attacks be complex to understand and hard to mitigate.

This training focuses on TLS attacks and aims to provide you specific tools for their detailed analyses. You will learn how to exploit specific attacks and prevent weaknesses in your TLS configuration. The training will address, among others, the following questions:

  • How does the TLS protocol work?
  • What are the known TLS attacks? How do they work? How can I write exploits for them?
  • How can I properly secure my systems? How can I defend against known attacks?
  • Does TLS 1.3 prevent all the attacks?

hackmanit it security schulung tage

2 Days

hackmanit it security schulung hands-on

Hands-On

hackmanit it security schulung team teilnahme zertifikat

Certificate of Attendance

hackmanit it security schulung preis

1.290 €*

Training Contents

  • Short introduction
    • Cryptography
    • TLS protocol flow
    • Certificates

  • Defending against known TLS attacks

  • Review of your own server configuration with common tools

  • TLS attack analysis in detail (with TLS-Attacker):
    • Padding oracle attacks
    • Bleichenbacher's attack, ROBOT, DROWN
    • CRIME, BREACH
    • Heartbleed
    • Raccoon
    • and more...

 

Target Audience

This course is designed for two groups. First, for penetration testers, who want to learn how to exploit known TLS attacks. Second, for system administrators and developers, who want to learn how known TLS attacks affect their servers. You will learn how to securely configure your servers and how to check the server configuration with common tools. We assume that you have basic knowledge of cryptography and TLS.

 

Booking Options

Customized training options for you or your team.

hackmanit it security schulung team online

Team online training
(at least 5 participants)

hackmanit it security schulung präsenzschulung bei ihnen

On-site training at your company

hackmanit it security schulung präsenzschulung bei Hackmanit

On-site training at Hackmanit

Whether a team online training or on-site training, we adapt to your wishes. Contact the person responsible for the desired training to receive an individual and non-binding offer. Send the individual booking request by email to Prof. Dr. Juraj Somorovsky:

 

Short Overview

Duration  |  2 days, 8 hrs. per day (incl. breaks)
Time  |  from 9:00 to 17:00 o’clock
Total Price  |  1.290€ plus VAT (per person)
Registration  |  by email to Prof. Dr. Juraj Somorovsky

 

Prof. Dr. Juraj Somorovsky

Your Contact and Trainer for This Training

Prof. Dr. Juraj Somorovsky
juraj.somorovsky@hackmanit.de

* All prices excl. VAT