$300 – $700

Linux Security Hardening For Developers

Event Information

Share this event

Date and Time

Location

Location

Devhub

46 Spadina Avenue

Suite 400

Toronto, ON M5V 2H8

Canada

View Map

Refund Policy

Refund Policy

Refunds up to 7 days before event

Event description

Description

This one day workshop will focus on practical security measures you can start applying to your servers right away. After a brief introduction to the various types of vulnerabilities and exploits in the wild, we'll focus on a real-world example of a software stack running on Amazon's AWS.

We will split our efforts into three major areas of focus:

1. How do we secure a group of servers talking to each other

2. Security at the individual server layer

3. How do we keep our custom applications secure

We'll help you get set-up on Amazon's AWS and provide access for the duration of the workshop.

Course Overview:

1) How to create security boundaries in your applications using Amazon's Virtual Private Cloud, Security Groups and Subnets. We will get to the bottom of how the data flows between each components of our application stack and also gain hands-on experience with Amazon's VPC.

You'll learn:

- Private / Public Subnets

- NAT Gateways

- Security Groups

- SSH Bastion servers

2) Next we will turn our attention to each individual server. We will learn about automatic security updates, SSH server configuration, security audits using Lynis, AuditD (Kernel auditing framework), secure Kernel flags etc. In this section we will also look at hardening Nginx web/reverse proxy since it's such a common component of a typical web app stack.

You'll learn:

- How to pick a Linux distribution

- Intrusion Detection

- File Integrity Checks

- Rootkit scanners

- AuditD

- AppArmor

3) Application specific vulnerabilities are very hard to protect with automated off-the-shelf tools. In this section we will look at setting up a Web Application Firewall using Nginx and see how that can protect a badly / vulnerable application from a hack.

You'll learn:

- CSP Headers

- ModSecurity w/ OWASP

- Kali Linux and Metasploit

- Buffer/Heap/Stack Overflow Exploits

Coffee, tea and lunch will be included.

Requirements / Prerequisites

  • Working knowledge of the of the Linux command line.

  • Basic knowledge of the TCP/IP Stack

  • Basic knowledge of Software architecture. You should be able to reason about databases, web / application servers and how they all fit together.

Don't have the pre-requisites? Here is how you can get them!

For a basic understanding of TCP / IP read this article http://bit.ly/2I8JI2z

For Linux console commands check out this Github page: https://gist.github.com/alkavan/746547

Or for a tutorial on Linux, check out a tutorial https://ryanstutorials.net/linuxtutorial/

To learn the basics about software architecture, to go Wikipedia




Taught By:

Razvan Draghici is a seasoned full stack / devops developer who currently runs a boutique cloud hosting company, Cosmo Cloud. If he's not in front of a computer you'll most likely find him dirt biking through the forests and swamps of Southern Ontario.


This workshop is presented by Devhub, Canada's only co-working space for software developers and programmers. In this new series of workshops, Devhub is stepping into the educational space with a set of events aimed at expanding the skill sets of developers, both experienced and beginner.

Share with friends

Date and Time

Location

Devhub

46 Spadina Avenue

Suite 400

Toronto, ON M5V 2H8

Canada

View Map

Refund Policy

Refunds up to 7 days before event

Save This Event

Event Saved