Training: Unique Masterclass Winter Q1 2025

Active Enterprise Defense

Focus on what really matters in enterprise defense with 30+ labs dedicated to protection against 0-day and 1-day vulnerabilities, and containing threats through threat modeling, secure architecture, deception, sandboxing, and egress filtering in Windows, Linux, and cloud environments.

This is the ideal next step after mastering the basics in our Cybersecurity Workshop.
30+ labs, 32+ hours of content
Masterclass in Cybersecurity

What You Will Learn

Master critical security concepts such as isolation, segmentation, and the principle of least privilege to effectively combat 0-day and 1-day cyber attacks. Our Cybersecurity Masterclass prepares interdisciplinary professionals to integrate robust security practices into every aspect of their roles.
Implement Isolation and Segmentation
Learn the significance of isolation and segmentation in preventing cyber attacks, and how these strategies can be implemented within your organization.
Applied Threat Modeling
Learn to identify potential threats and vulnerabilities through comprehensive modeling, enabling proactive security measures.
Cross-platform System Hardening
Use the powerful hardening technologies of modern systems: Linux LSMs, WDAC, and AppContainer.
Reverse Attack Graph Methodology
Employ a reverse graph-walking approach to protect crown jewels by visualizing and fortifying potential breach paths, anticipating attacker strategies.
Architecture Best Practices
Explore best practices in security architecture to strengthen your cybersecurity framework.
Anti-Patterns
Recognize and avoid common cybersecurity anti-patterns that could undermine your security efforts.
Active Defense
Engage in active defense strategies to detect, deter, deceive, and mitigate cyber threats in real time.
Apply the Principle of Least Privilege
Explore the principle of least privilege and its crucial role in maintaining tight security controls and minimizing the potential impact of a breach.
Strategic Enterprise Protection

Business Takeaways

Equip your organization with the knowledge to fend off 0-day and 1-day attacks and comply with GDPR and NIS2 regulations.
Comply with GDPR
Understand the General Data Protection Regulation (GDPR) requirements to safeguard personal data. Learn strategies for data protection impact assessments, consent management, data subject rights fulfillment, and breach notifications to maintain compliance and avoid substantial fines.
Comply with NIS2 Directive
Explore the requirements of the NIS2 Directive aimed at boosting the overall level of cybersecurity across vital sectors like energy, transport, banking, and health. Learn to identify essential and important entities, conduct risk assessments, and establish incident response capabilities.
Protect against 0-day and 1-day attacks
Gain insight into how 0-day and 1-day attacks, among other high-profile breaches, were orchestrated and the crucial steps that could have prevented them.
Mitigate impact of breaches
Learn to implement rigorous security controls across different stages of the Cyber Kill Chain and the MITRE ATT&CK framework, enhancing your ability to prevent, detect, and respond to advanced threats effectively.

30+ Labs and Case Studies

With a curriculum that includes up to 50% practical experience through labs and exercises, our course delves into essential and advanced security concepts. Each topic is carefully selected to equip participants with both the knowledge and practical skills needed for immediate application in their work.
Egress Security - TLS-Peeking/Splicing/Bumping
Comprehensive coverage on egress security measures, enhancing skills in TLS-Peeking, TLS-Splicing, and TLS-Bumping, with practical sessions to apply these techniques.
Ingress Security - Port Knocking / Deception, Custom Ratelimiting
In-depth learning on ingress security strategies such as Port Knocking and Port Deception, aimed at fortifying network defenses.
Custom Sandboxing with exclusive AppArmor Tooling
Hands-on training in implementing custom sandbox environments using SELinux, applicable to native processes, containers, or even specific applications.
Deception
Mastering deception techniques to generate high-value alerts with no false positives within 10 minutes.
From the Expert

Author and Trainer

"My courses are designed not just to teach, but to transform your approach to cybersecurity," states Oliver Ripka.
Real-World Impact
Oliver emphasizes the application of knowledge in real-world settings, preparing you to face modern cybersecurity challenges.
Low Cost / Open Source Solutions
All our training sessions avoid using commercial software and leverage well-supported open-source or built-in technologies that are mostly free. If you have existing commercial software or appliances, you can adapt the foundational concepts by leveraging them.
Experience
Oliver-Tobias Ripka brings over 20 years of practical experience in various IT environments - from small and medium-sized businesses to large corporations and government agencies. He stands out from other trainers through his holistic experience in all areas of IT security.
Practical
His expertise includes hardening Linux systems in airplanes, courthouses, and banks, as well as securing cloud infrastructures for SMEs. Additionally, he has designed and implemented Security Operation Centers for military clients, conducted risk analyses for government operations centers, and performed audits for critical infrastructures. And of course, he is also well-versed in defending and attacking Active Directory in SMEs and international DAX companies.
Not only Ransomware
With his deep knowledge of the current IT security landscape, he offers a broad combination of technical expertise and practical experience. He has worked on the front lines defending against state-sponsored attacks, Advanced Persistent Threats (APTs), and ransomware.
Lectures
Over the years, our trainer has given lectures at various relevant public and invite-only conferences and developed his own forensic software. He has 15 years of experience in the training business and creates high-quality course content with slides, speaker notes, and lab guides. He professionally illustrates concepts with diagrams that make the topics clearer and more understandable. Furthermore, he addresses participant questions in detail and doesn't shy away from any topic. His certifications include the prestigious OSCP and OSCE, as well as CEH, CEI, and AAI.
Content

Syllabus

  • Compliance and Certifications
  • Commodity Defenses
  • Agility and Expenditures
  • Products and Technologies
  • First principles
  • Threat Modelling
  • Thinking in Graphs like the attackers
  • Architecture Best Practices
  • Anti-Patterns
  • Active Defense
  • Practical
  • Architecture
  • see below
Labs

Exercises

  • Securing Enterprise Software at the Edge
  • Baseline security with BSI Basic Protection Compendium and CIS Benchmarks
  • Deep Dive AppArmor for VMs and Containers
  • Profiling with an exclusive script developed by the trainer
  • Optimizing Fail2ban on operating system and application level for pre-attack, enumeration, password-spraying
  • Implementing Port Knocking
  • Monitoring with Auditd
  • Defending against 0-day and 1-day attacks at the Edge with nftables
  • Powerful egress restrictions with HTTPS Connect Proxy using Envoy
  • Detecting malware beaconing
  • Ingress deception
  • Defending against 0-day and 1-day attacks at the Edge
  • Egress restrictions
  • Beacon detection
  • Custom rate-limiting solutions
  • Detecting SOCKS Pivoting with osquery
  • WMI monitoring with Sysmon
  • Hardening and bypassing AppLocker
  • Hardening and Honeypotting ADCS
  • AD audit example with PingCastle / Purple Knight
  • Complex Cypher queries with BloodHound
  • Monitoring RDP via Scheduled Task and WMI
  • Implementing PAW and Enterprise Access Model
  • Securing the Windows Host Firewall against Living-off-the-Land attacks
  • VDI-PAW bypass with exclusive Metasploit key-injection module
  • Honeypots and deception in the enterprise using cached credentials, domains, documents
  • Automatically locking smartphones upon theft via custom automation
  • Defending against roasting
  • Privileged Access Workstations for Windows
  • Privileged Access Workstations for Linux
  • Implementing PSPs like Little Snitch and NetLimiter
  • Jump Hosts and Bastion Hosts
  • Password managers
  • CI/CD according to SLSA Framework
  • Forensics with Zimmerman tools
  • Rapid Eventlog analysis with Hayabusa
  • DFIR with Elasticsearch
  • Big Data Enterprise investigation with Velociraptor
  • Triage with Thor scanner and Sysinternals

Tools

PingCastle
Purple Knight
Thor Scanner
Velociraptor
Sysinternals
Elasticsearch
osquery
AppArmor
AppLocker
Fail2ban
Envoy
RITA
BloodHound
STIGs
NetLimiter
Sysmon
Hayabusa
Atomic Red Team
Yara
Sigma
DiY
Early Bird Discount

Booking

Target audience

This course is designed for IT and security professionals seeking to deepen their knowledge and skills in hardening systems against 0-/1-day vulnerabilities across Linux, Windows, Enterprise, Cloud and web applications.
Prerequisite: Cybersecurity Basics
You have already completed relevant courses: Cybersecurity Workshop, CompTIA, EC-Council, ISC2, SANS, ISACA.
Prerequisite: Programming Experience
You have a good knowledge of essential programming and scripting languages such as PowerShell, Python, Bash, and JavaScript.
Prerequisite: Several Years of Experience
You have a good knowledge of operating IT systems.
Prerequisite: Good English
Course material only in English
Administrators, Security Officers, CISOs, Network Admins
Responsible for Windows, Linux, Container Orchestration, Cloud, or virtualization

Technical requirements

Online training takes place via Zoom. Other conference systems can be used upon request.
Web Access to Remote Lab.
For on-site courses, an Ethernet connection and a projector are necessary.
Frequently Asked Questions

FAQs

The course focuses on hardening techniques against 1-day vulnerabilities across Linux, Windows, firewalls, and web applications, covering practical exercises in a lab on scenarios including advanced hardening strategies and defenses against known exploits.
The main goal of the course is to provide participants with a thorough understanding of the design and implementation of secure cyber architecture. Through detailed case studies, participants learn how to plan, implement, and manage effective security measures to protect their networks from advanced threats.
The workshop is designed for IT professionals, system administrators, and security specialists interested in deepening their knowledge and skills in system and application hardening to enhance their IT security awareness.
Participants will receive a certificate of participation, a student guide, and a lab guide in PDF format, as well as access to the lab environment for hands-on practice.
Online training sessions are conducted via Zoom. An access client is required to connect to the lab environment. Other conference systems can be used upon request.
Yes, for in-person courses at your company, an Ethernet connection and a projector are needed.
The course is conducted virtually with an instructor and includes presentations, practical demos, and lab exercises focusing on real-world application and defense strategies.
In the course, "Active Defense" is taught as a strategic approach to proactive defense against cyber attacks. Participants learn how to implement deception strategies, detection mechanisms, and targeted countermeasures to not only detect but also mislead and neutralize attackers.
Deception techniques play a central role in the course and are considered an effective means of increasing security posture. Participants learn how to use deception elements like honeypots, fake network services, and misleading information to detect attackers and understand their strategies.
Yes, the course offers extensive practical exercises, where participants have the opportunity to design their own cyber architectures and implement Active Defense strategies in a simulated environment. This hands-on experience is aimed at deepening the learning and developing directly applicable skills.
Yes, the course is specifically designed for advanced IT professionals who already have basic knowledge in network and system security. It builds on these foundations to develop deeper skills in cyber architecture, Active Defense, and deception techniques. Participants should be familiar with the basic concepts of IT security and interested in deepening their skills in defending against advanced cyber threats.
Goal: 4.7/5

Customer Reviews

The trainer had very good technical knowledge, practical experience, and knew what he was talking about.

Lena M. (Network Administrator)

July 16, 2021

Very professional, absolutely confident in every topic discussed. You can tell that there is a lot of practical experience involved.

Johannes S. (System Administrator)

July 12, 2021

Best course I have ever attended. Thank you very much.

Anna S. (SOC Operator)

July 14, 2021

I would highly recommend the speaker, Mr. Ripka. He is extremely competent and experienced, and always responds immediately and in detail to questions.

Max W. (Security Officer)

July 13, 2021

Particularly impressive was how current and realistic cyber attack scenarios were addressed.

Sophie W.

July 15, 2021

The trainer didn't dodge any question and was able to explain and answer all the topics addressed with a lot of background knowledge.

Anna M. (Cybersecurity Specialist)

March 5, 2023

Trainer very competent. Could answer everything ad hoc.

Tobias S. (IT Security Analyst)

June 12, 2024

Mr. Ripka is one of the best trainers I have met in my professional life. He has very broad and deep knowledge. All questions, no matter how difficult, were answered. Top, excellent.

Lisa B. (Network Security Engineer)

September 23, 2023

Extreme knowledge from Oliver! An answer to every single question and always with examples.

Michael F. (Penetration Tester)

November 15, 2024

Mr. Ripka is an absolute expert who is very good at conveying his knowledge.

Julia W. (Security Consultant)

April 7, 2023

Top specialized trainer. It was a pleasure to participate.

Stefan K. (Cyber Defense Specialist)

August 20, 2024

Oliver was very personable and was able to clearly demonstrate his knowledge of the subject. It never happened that he seemed unprepared or similar.

Katharina N. (IT Security Manager)

December 1, 2023

Very good, especially the practical examples of real incidents.

Markus L. (Information Security Officer)

February 14, 2024

It was explained very practically and many practices were shown so that a lot can be implemented in the company and thus greatly increase its security. Best course ever!

Laura K. (Cybersecurity Trainer)

October 5, 2023

Very competent trainer, explanations and references to current topics were excellent. I asked a lot of questions and always received very good answers. Thank you very much.

Paul H. (Information Security Consultant)

July 23, 2024