Wednesday, January 8, 2014

ShmooCon Training Replacement

Unfortunately one or trainers had to cancel their training at ShmooCon Epilogue. All tickets have been refunded for that class and I would like to introduce the new training option for ShmooCon Epilogue.

Ticket sales options have already been updated on the ticket sales site so please head over and pick one up!

Hands On Security for Sysadmins

by: Branson Matheson


System administrators often run into interesting conflicts between sysadmin, customer, and IT security needs. These conflicts generally lead to difficulty in achieving a balance between administrative convenience, good customer service, and minimal risk. There are processes or services available that can significantly improve any of these areas; however, many times they are costly or resource intensive. This course is designed for system administrators who want to improve the security posture of their organizations, using IT security standards paired with good system administration practices, resulting in better service, lower risk, and minimal impact to time and budget.
We will walk a path, covering many domains of IT security and enterprise system administration in ways that utilize the interconnection between good system administration practices and security fundamentals. We will discuss recent risks and threats, analyze them with respect to your environment, review possible impacts and develop mitigations that you can apply immediately. Training includes instruction, discussion, many hands-on labs, and a strong dose of common sense.

Attendees should bring a laptop capable of running a Virtual Guest and will be provided a VM in which to work. The class will have access to a test network of systems for training and lab exercises. You will return to your organization with a toolbox of documentation, (mostly) free software, and a good starting point for developing better practices to improve security and system administration.

Who should attend:
Beginning to mid-level system administrators of any stripe with an interest in IT security and a desire to improve their security. It is suggested that participants have experience with the  *nix command line.

Take back to work:  Documentation, tips, tricks, and tools tailored to your environment that can be implemented to improve security posture, processes, and operations in your organization.

Topics include:
 - The relationship between system administration and IT security
 - Security theories, standards and risk mitigation as applied by SA's
 - Information management using Trac and Subversion
 - Good system administration practices that directly improve IT security
 - Basic configuration driven system management using Puppet
 - Host and network auditing, hardening, and monitoring
 - Developing an effective security awareness program

No comments: