Project Description

Let The Tigers Roam!

Practical application of INFOSEC with an emphasis on tiger teaming

  • July 13–24, 2020

  • 5 ECTS

  • David Modic

Prerequisites

  • Bachelor’s or Master’s degree

  • Some technical foundation knowledge preferred

  • *nix skills recommended, but not required

  • Willingness to learn and quickly absorb technical skills

  • B2 English level

About the course

Where there is money, so are businessmen and “businessmen.” How do you distinguish those who offer you services or products that will help you from those who sell you air in nice packaging? One way is to check if they are dealing with information security from a human standpoint as well. The University of Cambridge’s intrusion detection system records approximately 200,000 trials per month. When you look at these, it quickly becomes apparent that virtually all of them contain elements of the use of human resources (manipulation, seduction, identity theft …). This is why staff training in security is crucial and also presents challenges. The vast majority of training about security is generic or even actively teaches wrong practices which causes a big drop in the security of the organization. One approach to schooling that has repeatedly proven successful abroad is to teach individuals how to practice attacks. When someone understands how hackers are hacking and looking for weaknesses, they can put these principles into practice to better protect themselves and their organization. At this course, we will learn the basic principles of penetration testing (i.e., system security checks through simulated attacks), with a focus on utilizing human resources and passively collecting data on a system and individual deficiencies. The program contains theoretical and practical elements. You will work as a team, therefore a wide range of profiles is welcome. From social and cognitive scientists to criminologists and computer scientists.

Aims of the course

  • Familiarise the participants with security topics and ethical hacking.
  • Offering basic skillsets to the participants for security roles in the industry.
  • Giving the participants a foundation, which will serve to inform their research in the field of computer security.
  • Teach the participants how to discover vulnerabilities in existing infrastructure and how to ethically disclose them.

Why should you attend this course?

You should attend this course if you are interested in how to identify the weaknesses of the targets and how those are used. Not to become an Ethical Hacker but to have the knowledge which would make official certification a lot easier, if you are so inclined.

After the course, you will:

  • independently and responsibly conduct limited scope PEN testing (using tools introduced in the lectures),
  • assess threat models and severity of vulnerability from a technical, legal and ethical viewpoint,
  • respond to an incident in a way that will offer maximum protection to those involved, the public and themselves.

All courses: