Thematic CERN School of Computing on Security 2022
from
Sunday, June 19, 2022 (11:00 AM)
to
Saturday, June 25, 2022 (12:00 PM)
Sunday, June 19, 2022
11:00 AM
Registration
Registration
11:00 AM - 12:30 PM
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
2:00 PM
Registration
Registration
2:00 PM - 4:00 PM
4:00 PM
Welcome to the CERN School of Computing
-
Sebastian Lopienski
(
CERN
)
Welcome to the CERN School of Computing
Sebastian Lopienski
(
CERN
)
4:00 PM - 4:20 PM
4:20 PM
Self-presentation: 1 minute per person
Self-presentation: 1 minute per person
4:20 PM - 5:00 PM
5:15 PM
Visit of Split old town
Visit of Split old town
5:15 PM - 7:00 PM
7:15 PM
Outside Welcome Dinner
Outside Welcome Dinner
7:15 PM - 8:00 PM
Monday, June 20, 2022
8:45 AM
Opening Session
-
Sebastian Lopienski
(
CERN
)
Opening Session
Sebastian Lopienski
(
CERN
)
8:45 AM - 9:45 AM
9:45 AM
Security in research and scientific computing
-
Stefan Lueders
(
CERN
)
Security in research and scientific computing
(Introduction)
Stefan Lueders
(
CERN
)
9:45 AM - 10:45 AM
* computer security: past, present and future * current risk landscape * most common threats and attack vectors * "why are we here?"
10:45 AM
Coffee break
Coffee break
10:45 AM - 11:15 AM
11:15 AM
Announcements
Announcements
11:15 AM - 11:30 AM
11:30 AM
Security operations - lecture 1
-
Sven Gabriel
(
Nikhef
)
Security operations - lecture 1
(Introduction)
Sven Gabriel
(
Nikhef
)
11:30 AM - 12:30 PM
* security operations: history, CERT vs. CSIRT * CSIRT organisation and provided services * preparations: asset management, security monitoring etc. * incident response readiness * lessons learned from past incidents
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
1:30 PM
Study time and/or daily sports
Study time and/or daily sports
1:30 PM - 2:45 PM
2:45 PM
Security operations - lecture 2
-
Sven Gabriel
(
Nikhef
)
Security operations - lecture 2
(Introduction)
Sven Gabriel
(
Nikhef
)
2:45 PM - 3:45 PM
* security operations: history, CERT vs. CSIRT * CSIRT organisation and provided services * preparations: asset management, security monitoring etc. * incident response readiness * lessons learned from past incidents
3:45 PM
Coffee break
Coffee break
3:45 PM - 4:00 PM
4:00 PM
Identity, authentication, authorisation
-
Hannah Short
(
CERN
)
Identity, authentication, authorisation
(Track 1: Protection and prevention)
Hannah Short
(
CERN
)
4:00 PM - 5:00 PM
* authentication and authorisation for distributed research * federated identities, identity assurance, trust * SSO, OpenID, multifactor authentication, certificates, SAML, OAuth2 authentication tokens etc. * dealing with compromised identities
5:00 PM
Security architecture
-
Barbara Krašovec
(
ISJ
)
Security architecture
(Track 1: Protection and prevention)
Barbara Krašovec
(
ISJ
)
5:00 PM - 6:00 PM
* how to design and provide secure computing infrastructure * hardware and OS security, system hardening * configuration management, DevSecOps, monitoring * secure network design, network segmentation, IPv6 security
6:00 PM
Network design - exercise
-
Barbara Krašovec
(
ISJ
)
Network design - exercise
(Track 1: Protection and prevention)
Barbara Krašovec
(
ISJ
)
6:00 PM - 7:00 PM
7:15 PM
Dinner at MEDILS
Dinner at MEDILS
7:15 PM - 8:00 PM
Tuesday, June 21, 2022
8:45 AM
Risk and vulnerability management
-
Sven Gabriel
(
Nikhef
)
Risk and vulnerability management
(Track 1: Protection and prevention)
Sven Gabriel
(
Nikhef
)
8:45 AM - 9:45 AM
* risk analysis and risk mitigation * vulnerability lifecycle, monitoring, scanning * CVE, CVSS, CPE, CWE and related standards * special cases: vulnerable hardware, EOL systems etc.
9:45 AM
Virtualisation and cloud security
-
Barbara Krašovec
(
ISJ
)
Virtualisation and cloud security
(Track 1: Protection and prevention)
Barbara Krašovec
(
ISJ
)
9:45 AM - 10:45 AM
10:45 AM
School photo
School photo
10:45 AM - 10:50 AM
10:50 AM
Coffee break
Coffee break
10:50 AM - 11:15 AM
11:15 AM
Announcements
Announcements
11:15 AM - 11:30 AM
11:30 AM
Logging and traceability
-
David Crooks
(
UKRI STFC
)
Logging and traceability
(Track 2: Detection)
David Crooks
(
UKRI STFC
)
11:30 AM - 12:30 PM
* host-based logs (system and application level), network monitoring * the importance of central logging * tools and technologies * data privacy, dealing with personal and sensitive data, log retention * traceability challenges
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
1:30 PM
Study time and/or daily sports
Study time and/or daily sports
1:30 PM - 2:45 PM
2:45 PM
Student lightning talks
Student lightning talks
(Additional talks)
2:45 PM - 3:45 PM
3:45 PM
Coffee break
Coffee break
3:45 PM - 4:00 PM
4:00 PM
Intrusion detection with SOC: threat intelligence, monitoring, integration and processes
-
David Crooks
(
UKRI STFC
)
Intrusion detection with SOC: threat intelligence, monitoring, integration and processes
(Track 2: Detection)
David Crooks
(
UKRI STFC
)
4:00 PM - 5:00 PM
* indicators of compromise (IoCs), threat intelligence sharing, TLP protocol * tools and technologies: MISP, Zeek, OpenSearch etc. * deploying a Security Operation Center * security incidents: detecting and alerting
5:00 PM
Introduction to web penetration testing
-
Sebastian Lopienski
(
CERN
)
Introduction to web penetration testing
(Track 1: Protection and prevention)
Sebastian Lopienski
(
CERN
)
5:00 PM - 6:00 PM
* web application security, typical web vulnerabilities * ethical hacking * introduction to pentesting
6:00 PM
Penetration testing - exercises
-
Sebastian Lopienski
(
CERN
)
Penetration testing - exercises
(Track 1: Protection and prevention)
Sebastian Lopienski
(
CERN
)
6:00 PM - 7:00 PM
7:15 PM
Dinner at MEDILS
Dinner at MEDILS
7:15 PM - 8:00 PM
Wednesday, June 22, 2022
8:45 AM
Container security
-
Daniel Kouřil
(
CESNET
)
Container security
(Track 1: Protection and prevention)
Daniel Kouřil
(
CESNET
)
8:45 AM - 9:45 AM
* key concepts of containers (namespaces, cgroups etc.) and Docker * container security, threat landscape * vulnerability and patch management
9:45 AM
Container security - exercises
-
Daniel Kouřil
(
CESNET
)
Container security - exercises
(Track 1: Protection and prevention)
Daniel Kouřil
(
CESNET
)
9:45 AM - 10:45 AM
10:45 AM
Coffee break
Coffee break
10:45 AM - 11:15 AM
11:15 AM
Announcements
Announcements
11:15 AM - 11:30 AM
11:30 AM
Intrusion detection with SOC: deployment and operation
-
David Crooks
(
UKRI STFC
)
Intrusion detection with SOC: deployment and operation
(Track 2: Detection)
David Crooks
(
UKRI STFC
)
11:30 AM - 12:30 PM
* indicators of compromise (IoCs), threat intelligence sharing, TLP protocol * tools and technologies: MISP, Zeek, OpenSearch etc. * deploying a Security Operation Center * security incidents: detecting and alerting
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
1:30 PM
Outdoor excursion
Outdoor excursion
1:30 PM - 7:00 PM
7:15 PM
Outside dinner
Outside dinner
7:15 PM - 8:00 PM
Thursday, June 23, 2022
8:45 AM
Digital forensics: essentials and data acquisition
-
Daniel Kouřil
(
CESNET
)
Digital forensics: essentials and data acquisition
(Track 3: Response)
Daniel Kouřil
(
CESNET
)
8:45 AM - 9:45 AM
9:45 AM
Incident response: policies and procedures
-
Romain Wartel
(
CERN
)
Incident response: policies and procedures
(Track 3: Response)
Romain Wartel
(
CERN
)
9:45 AM - 10:45 AM
* incident management and coordination * Sirtfi and trust frameworks * communication with local users, external communities, and other stakeholders * working with law enforcement * privacy aspects
10:45 AM
Coffee break
Coffee break
10:45 AM - 11:15 AM
11:15 AM
Announcements
Announcements
11:15 AM - 11:30 AM
11:30 AM
Digital forensics: data analysis
-
Daniel Kouřil
(
CESNET
)
Digital forensics: data analysis
(Track 3: Response)
Daniel Kouřil
(
CESNET
)
11:30 AM - 12:30 PM
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
1:30 PM
Study time and/or daily sports
Study time and/or daily sports
1:30 PM - 2:45 PM
2:45 PM
Responding to security incidents as a community
-
Romain Wartel
(
CERN
)
Responding to security incidents as a community
(Track 3: Response)
Romain Wartel
(
CERN
)
2:45 PM - 3:45 PM
* incident management and coordination * Sirtfi and trust frameworks * communication with local users, external communities, and other stakeholders * working with law enforcement * privacy aspects
3:45 PM
Coffee break
Coffee break
3:45 PM - 4:00 PM
4:00 PM
Intrusion detection with SOC - exercises
-
David Crooks
(
UKRI STFC
)
Intrusion detection with SOC - exercises
(Track 2: Detection)
David Crooks
(
UKRI STFC
)
4:00 PM - 7:00 PM
* indicators of compromise, threat intelligence sharing, TLP protocol * tools and technologies * deploying a Security Operation Center * detecting security incidents
7:15 PM
Dinner at MEDILS
Dinner at MEDILS
7:15 PM - 8:00 PM
8:00 PM
Special evening talk: Ransomware - and much more!
-
Romain Wartel
(
CERN
)
Special evening talk: Ransomware - and much more!
(Additional talks)
Romain Wartel
(
CERN
)
8:00 PM - 9:00 PM
This is not about ransomware. It's about (double) extortion!
Friday, June 24, 2022
8:45 AM
Digital forensics - exercises
-
Daniel Kouřil
(
CESNET
)
Digital forensics - exercises
(Track 3: Response)
Daniel Kouřil
(
CESNET
)
8:45 AM - 10:15 AM
10:15 AM
Coffee break
Coffee break
10:15 AM - 10:30 AM
10:30 AM
Introduction to forensics - exercises
Introduction to forensics - exercises
(Track 3: Response)
10:30 AM - 11:45 AM
11:45 AM
Announcements
Announcements
11:45 AM - 12:00 PM
12:00 PM
Penetration testing - exercise debriefing
-
Sebastian Lopienski
(
CERN
)
Penetration testing - exercise debriefing
(Track 1: Protection and prevention)
Sebastian Lopienski
(
CERN
)
12:00 PM - 12:30 PM
12:45 PM
Lunch
Lunch
12:45 PM - 1:30 PM
1:30 PM
Study time
Study time
1:30 PM - 2:15 PM
2:15 PM
Exam
Exam
2:15 PM - 3:00 PM
3:00 PM
Coffee break
Coffee break
3:00 PM - 3:15 PM
3:15 PM
Incident response - exercise
-
Romain Wartel
(
CERN
)
Incident response - exercise
(Track 3: Response)
Romain Wartel
(
CERN
)
3:15 PM - 6:15 PM
* incident management and coordination * Sirtfi and trust frameworks * communication with local users, external communities, and other stakeholders * working with law enforcement * privacy aspects
6:30 PM
Closing Session
-
Sebastian Lopienski
(
CERN
)
Closing Session
Sebastian Lopienski
(
CERN
)
6:30 PM - 7:30 PM
7:45 PM
Outside Closing Dinner
Outside Closing Dinner
7:45 PM - 8:30 PM
Saturday, June 25, 2022
8:45 AM
Departure
Departure
8:45 AM - 10:45 AM