“Vulnerability Management” training programme – new for 2021 – virtual learning with experts

Vulnerability management – programme overview

Vulnerabilities, in software and sometimes even in hardware, are open gates attackers can utilize to gain access to private systems and networks. In fact, the situation has become worse: in addition to everything else IT managers and administrators have to deal with, there is a growing concern that a single critical vulnerability, if overlooked, could be exploited later on and create further issues. Vulnerability Management addresses this problem with a systematic approach that makes handling vulnerabilities a reliable and recurring process. This module gives an overview of standards, details how to distribute security advisories among your constituency and how to plan and roll out patches in your organisation.

The programme consists of 3 modules:

  • Module 1 “Vulnerability management – overview” – 3 live online sessions took place from 27 May to 10 June 2021. For links to recorded sessions and copies of presentations – see below.
  • Module 2 “Finding vulnerabilities I – looking into the networks” – 3 live online sessions taking place from 28 June to 05 July 2021. The session schedule, including a short description of each session, is available below. Please note that we have had to re-schedule the third session of this module; it will now take place on 13 September, and we will send a session reminder and a Zoom link close to the date.
  • Module 3 “Finding vulnerabilities II – Looking into code” – live online sessions taking place from 14 to 15 September 2021. Please see the sessions schedule below.

Eligibility

The training is open to all GÉANT members and their member organisations.

Who will benefit from attending this training programme?

  • System/network administrators at NRENs or NREN member organisations
  • System administrators at computing centres or NOCs
  • Management personnel tasked with security configuration and maintenance
  • Broader categories of professionals with an interest in these subjects

Pre-requisites

Basic administration knowledge about operating systems and networking should be present.

To register to attend all or selected sessions in this module please click here.

Module 1: Vulnerability Management (overview) – sessions (live online) schedule, links to recorded sessions and copies of presentations.

All sessions are recorded and added to the existing playlist; to access the playlist please click here.

Session title | Date/time | Presenter
Vulnerability Management Process & Standards

Session recording is available here.
To access the copy of the presentation – please click here.

Duration – 1 hour and 10 minutes

The task of dealing with vulnerabilities in software, and sometimes even in hardware, has gone from an ad hoc, emergency activity to a continuous, planned task that has become one of the building blocks of reliable, secure systems and networks. This webinar will give an overview of the existing standards and will cover in depth some of the key elements, like CVE and CVSS, that will be referenced throughout the coming webinars on vulnerability management.
27/05/2021
2 pm CEST
Klaus Möller, DFN-CERT
Vulnerability Information – How to gather and distribute security advisories to your constituency

Duration – 1 hour

Session recording is available here
To access the copy of the presentation – please click here


Before one can deal with vulnerabilities, one needs to be aware of them: their existence, their consequences, and what to do about them. While CSIRTs and PSIRTs take care of the initial steps in researching and publishing information, the task of actually forwarding this information to the administrators responsible for vulnerable systems is something that every organisation has to deal with itself. This webinar will show how this task can be dealt with and what information should be included in a security advisory.
08/06/2021
2 pm CEST
Klaus Möller, DFN-CERT
Patch Management – How to roll out and track security fixes to your systems

Duration – 1 hour

Session recording is available here
To access the copy of the presentation – please click here

‘Patching’ is the name given to the process of replacing vulnerable software with a corrected version. However, the sheer number of patches that have to be applied constantly has led to the requirement to automate and track the application of patches. This webinar will give an overview of the process of applying patches and what tools can be used to automate the task.
10/06/2021
2 pm CEST
Klaus Möller, DFN-CERT

Module 2: “Finding vulnerabilities I – looking into the networks”

Module overview

Scanning for vulnerabilities in your organisation’s network is considered one of the key aspects of vulnerability management. Different scanning and testing approaches will be covered in this module (3 live online sessions). From scanning the system inside-out or from the outside to simulating actual attacks (pentesting), the attendees will be taken through the introductory steps of conducting and supervising scans and pentests.

Sessions (live online) schedule

All sessions will be recorded and added to the existing playlist; to access the playlist please click here.

Session title | Date/Time | Presenter
“Looking into the network – how to scan local systems for vulnerabilities and misconfigurations”


To access the session recording please click here.
Copy of the presentation is available here.

Duration 1 hour

Today’s systems are so complex that it is almost impossible to run a system without vulnerabilities and misconfigurations. And although there are plenty of benchmarks, baselines and guides available, it is difficult to apply them to the local environment. This webinar will introduce some of the most useful frameworks and tools for local vulnerability scanning.
28/06/21
2 pm CEST
Stefan Kelm, DFN-CERT
Network Vulnerability Scanning – Looking from Afar

To access session recording click here.
To access the copy of the presentation please click here.

Duration 1 hour

In order to stay ahead of the threats to a large infrastructure, it is crucial to maintain a clear picture of whether there are vulnerabilities in the components deployed and, if so, what the vulnerabilities are. Scanning systems through the network is one way of gaining insight into this issue. This webinar will provide an introduction to the concepts of network scanning, its benefits, and its drawbacks, as well as offer some practical examples.
30/06/21
2 pm CEST
Tobias Dussa, DFN-CERT
“Penetration tests – how does your network stand up against real attacks?”
Please note revised date – 13/09/21

To access session recording click here

Duration 1 hour

No matter how much vulnerability scanning and security process evaluation is done, one question remains: is this really enough against real attacks? Short of experiencing an attack in real life, penetration tests try to answer this question by conducting attacks in a controlled manner. This webinar will give managers and administrators an introduction to the standards and workflow of penetration tests to help in planning and supervising penetration tests carried out on their networks.
13/09/21
2 pm CEST
Klaus Möller, DFN-CERT

Module 3 “Finding vulnerabilities II – looking into the code” from 14 to 19 July 2021. Sessions schedule is outlined below:

Code Audits

To access session recording click here
To access the copy of the presentation please click here

Software without bugs or vulnerabilities doesn’t exist. If your organisation runs software development teams, they will be aware of the importance of secure software development lifecycles and related subjects. This webinar will introduce some basic concepts as well as tools that help developers to identify bugs before the software goes into production.
14/07/21
2 pm CEST
Stefan Kelm, DFN-CERT
Vulnerability disclosure

To access session recording click here
To access the copy of the presentation please click here

So you have found vulnerabilities in other people’s code. Or other people have found vulnerabilities in your own code. Either way: how should you handle the situation? In the long run, trying to keep information about the vulnerability under wraps is unlikely to work, so in this module, we will cover some aspects and strategies of how to approach this issue.
16/07/21
2 pm CEST
Tobias Dussa, DFN-CERT
Breach and attack simulation – matching attacker behaviour with vulnerabilities
Please note the revised date of this session: 15/09/21

To access session recording click here

Breach and Attack Simulation (BAS) is a relatively new approach to vulnerability assessment that goes beyond simple scoring of vulnerabilities by also taking the modus operandi of adversaries into account. This webinar will give an introduction to the topic and present some open source tools for BAS.
15/09/21
2 pm CEST
Klaus Möller, DFN-CERT

Meet the experts

The training programme is delivered by a team of experts in the field:

Klaus Möller, DFN-CERT – Klaus has been working with DFN-CERT since 1999 as an incident responder, advisory writer, and security consultant. He has developed and carried out numerous training courses in network security.

Stefan Kelm, DFN-CERT – Stefan has been working in the field of computer security all his professional life, starting back in the early 1990s. He is currently involved in forensics, malware analysis, threat intelligence, and log file analysis.

Tobias (Toby) Dussa, DFN-CERT – Toby has been involved with IT security throughout his entire career. After fifteen years at KIT, managing KIT-CERT and taking on IT security issues of all kinds, he joined DFN-CERT in 2020.

The DFN-CERT is the security provider for the German National Research and Education Network, DFN.

In the meantime, if you have any queries about the programme and/or registration, please get in touch with glad@geant.org.

We look forward to seeing you soon!