Training Courses

Crypto Risk

We regularly run training courses on identifying and assessing crypto flaws in applications and infrastructure.

Our next training session is on 26 & 27 October 2017 in Venice, Italy. You can attend one or both days of the course. See ticket types for multi-day pricing.

We have had requests to run our training courses in North America. If this would be of interest to you, please let us know so that we can arrange an appropriate time and place.

Our training courses are also available for private groups. Contact us for a quote.

 

26-27 October 2017 – Venice

This course will teach you how to identify and assess crypto flaws in applications and infrastructure. You can attend one or both days of the course. See ticket types for multi-day pricing.

Cryptosense maintains strong links with the University of Venice Ca’ Foscari. Teaching the course will be Cryptosense CEO Dr. Graham Steel and Prof. Riccardo Focardi of Ca’ Foscari.

Day 1 – Crypto Risk

The course is for professionals working in application security. Some basic familiarity with cryptography is required to get the most out of the training. There is no practical exercise, so up to date coding skills are not required. Examples will be given in Java.

You will learn:

  • When (not) to use crypto and why
  • Mistakes to avoid in common operations and protocols
  • Best practices for key-management
  • Real-world examples of attacks exploiting crypto flaws to obtain secret data, achieve remote code execution, reset passwords to known values, etc.

Day 2 – Crypto Exploits

The course is for professionals working in application security. Some basic familiarity with cryptography is required to get the most out of the training. This part of the training includes practical exercises, so some coding skills are required, and familiarity with crypto APIs will help. The training examples will be given in Java, but developers with good experience of another widely-used high-level language like Python may prefer to use that. Cryptosense trainers will support Java and Python, but can’t guarantee support for more exotic languages.

You will learn:

  • How to write exploits for vulnerabilities resulting from common crypto errors

 

 

 

 

Download Crypto Security Whitepapers

Find out how to find and fix crypto vulnerabilities in Java and PKCS#11 deployments