Secure administration / secure Coding online training with LAB

Successful cyber security attacks usually come from banal roots: IT professionals who do not adequately secure their systems due to a lack of knowledge or a certain " carelessness ". Be it administrators who do not harden or regularly patch their systems before they go live, use the same accounts for different tasks and systems, often even with the same passwords. Or developers who do not validate user input properly, use vulnerable session management or do not have their code analyzed for security vulnerabilities before production release.

Most IT professionals have heard advice and instructions on "Secure Administration" and "Secure Coding" many times... and still don't follow them, because the measures make their daily work more complicated and simply lack insight. The only way to change this is to let your administrators and developers take a look out of the dark side of force.

Top Trainer

Top Trainer

Two virtual coaches convey all content in a kind of "Capture the Flag" game. As a cloud service or in your LMS. Worldwide.

Hacking LAB

Hacking LAB

The participants hack operating systems and applications in the LAB with the most modern attack tools. Up to level Domain Admin.

Best learning success

Best learning success

Anyone who has personally tried out how easy it is to hack systems and applications will no longer question security measures.

Courses secure administration and secure development

The secure administration content was created by incident response experts and successfully implemented and optimized in classroom training courses over many years. All scenarios are based on real APT attacks by current hacker groups and are therefore highly relevant.

n the e-learning, the participants receive the knowledge of how professional attackers act (duration approx. 2.5 hours). Each chapter allows them to execute the learned knowledge themselves in a LAB environment (several Windows and Linux systems), taking on the role of the attacker and following a typical "kill chain". The exercises in the LAB environment last depending upon speed of the participant altogether approx. 2 - 3 hours.

  • Scan of the environment with nmap and development of the infrastructure map of the LAB.
  • Detection of vulnerabilities using Nessus Report.
  • Exploitation of Linux vulnerabilities (SSH Bruteforce) with Hydra.
  • Exploitation of Windows vulnerabilities (SMB Port 445) with Eternalblue (NSA Tool) in Metasploit.
  • Lateral Movement by "Pass the Hash" with Mimikatz and psexec
  • Understanding RDP Hopping and Shellshock with Meterpreter

In each chapter the participants have to achieve goals and document them in the e-learning module ("Capture the Flag"). The subsequent chapters explain the reasons why the attack was so successful:

  • insufficient hardening,
  • missing patching,
  • use of weak passwords,
  • use of the same passwords on different systems,
  • one account can be used for many systems,
  • use of accounts with far too many rights,
  • etc.

This combination of personal involvement and concrete practical tips results in a high level of acceptance and thus a high learning success.

The secure coding content for developers has been created and optimized by penetration testers and secure coding trainers. They reflect the typical weaknesses of the OWASP Top 10 and are therefore highly relevant for secure development.

The participants discover in e-learning which methods attackers use to hack into applications (duration approx. 1.5 hours). For each vulnerability they can carry out the attacks in their LAB environment themselves, from online bruteforcing and SQL injection to cross-site scripting and remote code execution. These exercises in the LAB environment take about 1 hour depending on the speed of the participant.

  • Online bruteforcing of a password with Hydra.
  • Exploitation of weak authorization through direct object reference.
  • Take over of sessions by session fixation.
  • Data manipulation due to missing input validation by SQL injection.
  • Execution of a persistent cross-site scripting attack.
  • Reading of secrets with the help of file inclusion.
  • Remote code execution by webshell upload or outdated libraries.

After each successful attack in the LAB, the reasons for the success are explained:

  • weak authentication and lack of authorization checks (access control),
  • insufficient implementation of input validation and output sanitisation,
  • session management vulnerable to attacks,
  • insecure secret management, e.g. encoding instead of encryption,
  • risky exception and error handling,
  • missing patching of third party components,
  • and many more.

This combination of personal involvement and concrete practical tips results in a high level of acceptance and thus a high learning success.

Many good reasons for security tranings

 

Highly efficient training around the world at the same cost

The combination of e-learning and LAB enables you to train your administrators and developers all over the world at the same cost, especially in the regions:

  • In most cases, modern cyber spies do not attack the head office first, where they suspect strong security measures and trained staff. They attack the branch offices and external locations, since the security level is usually lower there and a "flat network" without segmentation promises fast access to the core systems. Until now, these locations could only be sensitized and trained at extremely high costs.
  • Developers are often located at different sites around the globe or in near-shoring or off-shoring centers and were previously hardly accessible for training at this quality level.

 

Learning success guaranteed

The main problem of the security awareness of IT professionals lies in the lack of insight and personal involvement. Security measures make everyday work more complicated and nobody knows why. For this reason, policies and rules of conduct are usually inadequately implemented.

The Cyber Security LAB E-Learning offers the participants the opportunity to take the view of an attacker. The intensive exploration of current attack tools and the practical implementation in the LAB results in a very high level of personal involvement and understanding for the required security measures. This is the basis for behaviour change.

Through the combination of multimedia e-Learning and LAB environment, the Cyber Security LAB E-Learning works on the two most successful levels of the classical learning pyramid, because people remember:

  • 10 percent of what they read,
  • 20 percent of what they hear,
  • 30 percent of what they see,
  • 50 percent of what they see and hear,
  • 90 percent of what they do themselves.

 

Internationally usable security online trainings

The e-learning module is available in English and German. We can add further languages by subtitling the English version on request. The LAB Portal and the LAB Environment are available in English only.

 

Replaces a "Hands-On" classroom training

The Cyber Security LAB E-Learning consists of three components:

  1. A LAB portal that gives participants access to the LAB (and in case of a cloud service to the E-Learning).
  2. A fully multimedia E-Learning module with virtual coaches. The E-Learning module is SCORM compatible and can either be integrated into your own learning management system (LMS) or provided as a cloud service.
  3. A professional LAB environment, in which the participants can put the acquired knowledge into practice.

The LAB for administrators simulates a company network with several prepared Windows and Linux systems and contains current attack tools. Each customer receives an individual LAB environment for his participants

The LAB for developers contains a web application with numerous vulnerabilities and attack tools. Each participant receives his individual LAB and a time quota of 15 hours for usage.

 

Option to integrate your policies

The training courses are structured in such a way that basically no individual modifications are necessary.

However, for both training courses we have provided spots where you can integrate your relevant documents and guidelines on request (hardening guides, incident response procedures, secure development guides, etc.). This makes the generally applicable tips even more specific through your concrete instructions ("this is how we do it at our company").

As part of this customizing, we will of course also integrate your company logo and name your security contacts (SOC, CERT, Defense Center, ISO, etc.).

 

Fair pricing model

The Cyber Security LAB E-Learning is licensed according to the number of participants. The price for a training participant (all inclusive: e-learning license, LAB infrastructure, hosting, licenses, etc.) is between 80,- and 250,- EUR net plus VAT, depending on the number of participants, and thus costs a fraction of a comparable classroom training... but delivers effectively the same learning success.

 

Further questions? Request a demo?

Then call us on (+49 89 890 63 62-0) or send us a message.

Data protection note: how do we handle your data