Service Hardening

Service Hardening is a course about configuring services to reduce their attack surface.

Training duration : 2 days of instructions with hands-on labs

Group size : 12 participants maximum

Target audience : this course is for people with technical background. Person willing to take the course must know what are: base64, sha256, 127.0.0.1

Price : 2 days, 1200 EUR + VAT

Information and registration:  info@clarifiedsecurity.com

Next public training courses

Trainer

Trainer is Mait Peekma .

Mait Peekma Mait Peekma

Mait is a versatile pentester with extensive pentesting and stress-testing background in the banking sector. Mait joined the team in March 2012 and came from Swedbank security team where he was mostly involved with WebApps and network pentesting. Mait is the author and trainer of our Service Hardening course.

Contents of the training

This course is based on the most frequently occurring configuration security issues that our team has encountered over years of penetration testing.

The main topics covered are:

  • Public Key Certificates - chain verification, status, transparency
  • Reverse proxy - IP-address and certificate info forwarding
  • TLS - protocol, cipher suites, forward secrecy, CCA
  • SSH - host keys and SSHFP, agent forwarding
  • DNS - DoT/DoH, DNSSEC
  • E-mail - DKIM, SPF, DMARC
  • Logging - log tampering, creating meaningful logs

For each topic, first the theory is explained, based on this, the student will attack a service in a lab environment and finally, for selected topics, the student will harden that service to withstand such attack.

Course methods

Trainer will engage participants with lectures, live attack demonstrations and practical examples followed by individual hands-on exercise scenarios. The course is interactive, practical, and besides active participation also full of attack stories that help to change the perspective and understanding of real life security threats.

Intended outcome

The goal of hardening services is to reduce the attack surface. The main outcome of the training is to help trainees understand different possible attacks that can be conducted towards services with default configuration. How to defend themselves against such threats and also the importance of logging certain data, so that resulting logs would be beneficial when solving possible security incidents.

Delivery

We can deliver on-site or remotely at group pricing anywhere in the World where decent broadband connection is available. Ask us for the group pricing or for times and locations of our public courses. Public groups are currently available directly or via partners in Estonia.