Training: Unique Masterclass Winter Q1 2025

Active Enterprise Defense

Focus on what really matters in enterprise defense with 30+ labs dedicated to protection against 0-day and 1-day vulnerabilities, and containing threats through threat modeling, secure architecture, deception, sandboxing, and egress filtering in Windows, Linux, and cloud environments.

This is the ideal next step after mastering the basics in our Cybersecurity Workshop.
30+
labs
32+ hours
of content
AED
Masterclass in Cybersecurity

What You Will Learn

Master critical security concepts such as isolation, segmentation, and the principle of least privilege to effectively combat 0-day and 1-day cyber attacks. Our Cybersecurity Masterclass prepares interdisciplinary professionals to integrate robust security practices into every aspect of their roles.
  • Learn the significance of isolation and segmentation in preventing cyber attacks, and how these strategies can be implemented within your organization.
  • Learn to identify potential threats and vulnerabilities through comprehensive modeling, enabling proactive security measures.
  • Use powerful hardening technologies of modern systems: Linux LSMs, WDAC and AppContainer
  • Employ a reverse graph-walking approach to protect crown jewels by visualizing and fortifying potential breach paths, anticipating attacker strategies.
  • Explore best practices in security architecture to strengthen your cybersecurity framework.
  • Recognize and avoid common cybersecurity anti-patterns that could undermine your security efforts.
  • Engage in active defense strategies to detect, deter, decept, and mitigate cyber threats in real-time.
  • Explore the principle of least privilege and its crucial role in maintaining tight security controls and minimizing the potential impact of a breach.
Strategic Enterprise Protection

Business Takeaways

Equip your organization with the knowledge to fend off 0-day and 1-day attacks and comply with GDPR and NIS2 regulations.
  • Understand the General Data Protection Regulation (GDPR) requirements to safeguard personal data. Learn strategies for data protection impact assessments, consent management, data subject rights fulfillment, and breach notifications to maintain compliance and avoid substantial fines.
  • Explore the requirements of the NIS2 Directive aimed at boosting the overall level of cybersecurity across vital sectors like energy, transport, banking, and health. Learn to identify essential and important entities, conduct risk assessments, and establish incident response capabilities.
  • Gain insight into how 0-day and 1-day attacks, among other high-profile breaches, were orchestrated and the crucial steps that could have prevented them.
  • Learn to implement rigorous security controls across different stages of the Cyber Kill Chain and the MITRE ATT&CK framework, enhancing your ability to prevent, detect, and respond to advanced threats effectively.
Strategic Enterprise Protection

30+ Labs and Case Studies

With a curriculum that includes up to 50% practical experience through labs and exercises, our course delves into essential and advanced security concepts. Each topic is carefully selected to equip participants with both the knowledge and practical skills needed for immediate application in their work.
  • Comprehensive coverage on egress security measures, enhancing skills in TLS-Peeking, TLS-Splicing, and TLS-Bumping, with practical sessions to apply these techniques.
  • In-depth learning on ingress security strategies such as Port Knocking and Port Deception, aimed at fortifying network defenses.
  • Hands-on training in implementing custom sandbox environments using SeLinux, applicable to native processes, containers, or even specific applications.
  • Mastering deception techniques to generate high-value alerts with no false positives within 10 minutes.
From the Expert

Author and Trainer

"My courses are designed not just to teach, but to transform your approach to cybersecurity," states Oliver Ripka.
  • Oliver emphasizes the application of knowledge in real-world settings, preparing you to face modern cybersecurity challenges.
  • All our training sessions avoid using commercial software and leverage well-supported open-source or built-in technologies that are mostly free. If you have existing commercial software or appliances, you can adapt the foundational concepts by leveraging them.
  • Oliver-Tobias Ripka brings over 20 years of practical experience in various IT environments - from small and medium-sized businesses to large corporations and government agencies. He stands out from other trainers through his holistic experience in all areas of IT security.
  • His expertise includes hardening Linux systems in airplanes, courthouses, and banks, as well as securing cloud infrastructures for SMEs. Additionally, he has designed and implemented Security Operation Centers for military clients, conducted risk analyses for government operations centers, and performed audits for critical infrastructures. And of course, he is also well-versed in defending and attacking Active Directory in SMEs and international DAX companies.
  • With his deep knowledge of the current IT security landscape, he offers a broad combination of technical expertise and practical experience. He has worked on the front lines defending against state-sponsored attacks, Advanced Persistent Threats (APTs), and ransomware.
  • Over the years, our trainer has given lectures at various relevant public and invite-only conferences and developed his own forensic software. He has 15 years of experience in the training business and creates high-quality course content with slides, speaker notes, and lab guides. He professionally illustrates concepts with diagrams that make the topics clearer and more understandable. Furthermore, he addresses participant questions in detail and doesn't shy away from any topic. His certifications include the prestigious OSCP and OSCE, as well as CEH, CEI, and AAI.
Content

Syllabus

Labs

Exercises

PingCastle
Purple Knight
Thor Scanner
Velociraptor
Sysinternals
Elastic Search
osquery
Apparmor
Applocker
Fail2ban
Envoy
RITA
Bloodhound
STIGs
Netlimiter
Sysmon
Hayabusa
Atomic Red Teaming
Yara
Sigma
DiY
Early Bird Discount

Booking

Target audience

This course is designed for IT and security professionals seeking to deepen their knowledge and skills in hardening systems against 0-/1-day vulnerabilities across Linux, Windows, Enterprise, Cloud and web applications.
  • Prerequisite: Cybersecurity Basics
    You have already completed relevant courses: Cybersecurity Workshop, CompTIA, EC-Council, ISC2, SANS, Isaca
  • Prerequisite: Programming Experience
    You have a good knowledge of essential programming and scripting languages such as PowerShell, Python, Bash, and JavaScript.
  • Prerequisite: Several Years of Experience
    You have a good knowledge of operating IT systems.
  • Prerequisite: Good English
    Course material only in English
  • Administrators, Security Officers, CISOs, Network Admins
    Responsible for Windows, Linux, Container Orchestration, Cloud, or virtualization

Technical requirements

  • Online training takes place via Zoom. Other conference systems can be used upon request.
  • Web Access to Remote Lab.
  • For on-site courses, an Ethernet connection and a projector are necessary.
Frequently Asked Questions

FAQs

Goal: 4.7/5

Customer Reviews

The trainer had very good technical knowledge, practical experience, and knew what he was talking about.
LM

Lena M. (Network Administrator)

July 16, 2021

Very professional, absolutely confident in every topic discussed. You can tell that there is a lot of practical experience involved.
JS

Johannes S. (System Administrator)

July 12, 2021

Best course I have ever attended. Thank you very much.
AS

Anna S. (SOC Operator)

July 14, 2021

I would highly recommend the speaker, Mr. Ripka. He is extremely competent and experienced, and always responds immediately and in detail to questions.
MW

Max W. (Security Officer)

July 13, 2021

Particularly impressive was how current and realistic cyber attack scenarios were addressed.
SW

Sophie W.

July 15, 2021

The trainer didn't dodge any question and was able to explain and answer all the topics addressed with a lot of background knowledge.
AM

Anna M. (Cybersecurity Specialist)

March 5, 2023

Trainer very competent. Could answer everything ad hoc.
TS

Tobias S. (IT Security Analyst)

June 12, 2024

Mr. Ripka is one of the best trainers I have met in my professional life. He has very broad and deep knowledge. All questions, no matter how difficult, were answered. Top, excellent.
LB

Lisa B. (Network Security Engineer)

September 23, 2023

Extreme knowledge from Oliver! An answer to every single question and always with examples.
MF

Michael F. (Penetration Tester)

November 15, 2024

Mr. Ripka is an absolute expert who is very good at conveying his knowledge.
JW

Julia W. (Security Consultant)

April 7, 2023

Top specialized trainer. It was a pleasure to participate.
SK

Stefan K. (Cyber Defense Specialist)

August 20, 2024

Oliver was very personable and was able to clearly demonstrate his knowledge of the subject. It never happened that he seemed unprepared or similar.
KN

Katharina N. (IT Security Manager)

December 1, 2023

Very good, especially the practical examples of real incidents.
ML

Markus L. (Information Security Officer)

February 14, 2024

It was explained very practically and many practices were shown so that a lot can be implemented in the company and thus greatly increase its security. Best course ever!
LK

Laura K. (Cybersecurity Trainer)

October 5, 2023

Very competent trainer, explanations and references to current topics were excellent. I asked a lot of questions and always received very good answers. Thank you very much.
PH

Paul H. (Information Security Consultant)

July 23, 2024