Become a HeroLab Professional

23. October 2018

usd Launches Student Training Program for Security Analysis & Pentests

Two student classes completed the five-day “Summer School” training program in September. The program has been specifically designed for students working at usd by experienced usd security experts. It was held at the CST Academy.

The program is based on a basic IT security training with a focus on security analysis & pentests, practical exercises and a final exam. The basic training covers the requirements for a pentest, the procedures and processes. In numerous practical exercises, the participating students also gained sound insights into professional pentesting and were familiarized with usd internal tools and processes. This training block focused on vulnerabilities at the system level, e.g. in connection with common protocols such as TLS, HTTP, SNMP, etc.

During the final exam, the students were able to prove their acquired knowledge in teams. The examination result was a final pentest report according to usd quality standards. All participants were issued a certificate attesting to successful participation in the Summer School.

The two weeks ended with a two-day joint team workshop with all students and usd pentest professionals. Lectures and best practices as well as joint practical exercises were part of the workshop.

We are excited about the newest additions to our usd HeroLab Team.

Also interesting:

usd AG Partner to PCI SSC GEAR 2022-2024

usd AG Partner to PCI SSC GEAR 2022-2024

The PCI Security Standards Council (PCI SSC) has reappointed usd AG to the Global Executive Assessor Roundtable (GEAR). Since 2018, the GEAR has enabled a direct exchange between PCI assessors and the PCI Security Standards Council (PCI SSC). Every two years, leading...

Security Advisory for CleverReach

Security Advisory for CleverReach

The analysts at usd HeroLab examined CleverReach as part of their security analyses. This revealed a vulnerability in the  Authentication Bypass Using an Alternate Path or Channel, which was reported to the manufacturer as part of the Responsible Disclosure...

Categories

Categories