Thematic CERN School of Computing on Security 2025

Cosener's House

15-16 Abbey Cl, Abingdon OX14 3JD, United Kingdom
Alberto Pace (CERN), Kristina Gunne (CERN), Andrzej Nowicki (CERN)
Description

The 16th Thematic CERN School of Computing (tCSC security 2025) will take place on April 6-12 2025. The theme of the school is "Security of research computing infrastructures" - see the academic programme for more details. 

The school is intended for people working in academia and research institutes who, as part of their job, need to ensure the security and resilience of the computing resources they manage, and want to be prepared to detect and handle possible security incidents.

This school is organized by CERN in collaboration with UK Research and Innovation, Science and Technology Facilities Council (UKRI STFC). The school will take place in Abingdon and will be hosted at The Cosener's House, located in the grounds of the medieval Abbey of Abingdon, eight miles from Oxford.

Applications are open!

Important Dates

  • January 31st 2025 - applications closing at midnight
  • February 14th 2025 - invitations sent to the selected participants
  • March 7th 2025 - registration fee payment deadline
  • Sunday 6 April - Saturday 12 April 2025 - the school

                 

    • 15:00 17:00
      Registration 2h
    • 17:00 17:20
      Welcome to the CERN School of Computing 20m
    • 17:20 18:00
      Self-presentation: 1 minute per person 40m
    • 09:00 09:45
      Opening Session 45m
      Speakers: Alberto Pace (CERN), Sebastian Lopienski (CERN)
    • 09:45 10:45
      Security in research and scientific computing 1h
      • computer security: past, present and future
      • current risk landscape
      • most common threats and attack vectors
      • "why are we here?"
      Speaker: Stefan Lueders (CERN)
    • 10:45 11:00
      Announcements 15m
    • 11:00 11:30
      Coffee break 30m
    • 11:30 12:30
      Identity, authentication, authorisation 1h

      • An introduction to the concepts of Identity, Authentication, and Authorization
      • Authentication and authorisation for distributed research
      • Methods for communicating authentication and authorization: Certificates, SAML, OAuth
      • How these technologies fit within research infrastructures

      Speaker: Mr Tom Dack
    • 12:30 13:15
      Lunch 45m
    • 13:15 14:45
      Study time and/or daily sports 1h 30m
    • 14:45 15:45
      Security architecture fundamentals 1h

      • fundamental security principles
      • develop skills to be a security architect
      • how to design and provide secure computing infrastructure
      • security standards and frameworks
      • physical security
      • network security: segmentation, firewalls, VPNs

      Speaker: Barbara Krašovec (IJS)
    • 16:00 16:15
      Coffee break 15m
    • 16:15 17:15
      Security operations - lecture 1 1h
      • security operations: history, CERT vs. CSIRT
      • CSIRT organisation and provided services
      • preparations: asset management, security monitoring etc.
      • incident response readiness
      • lessons learned from past incidents
      Speaker: Sven Gabriel
    • 17:15 18:15
      Security operations - lecture 2 1h
      • security operations: history, CERT vs. CSIRT
      • CSIRT organisation and provided services
      • preparations: asset management, security monitoring etc.
      • incident response readiness
      • lessons learned from past incidents
      Speaker: Sven Gabriel
    • 18:15 19:15
      Network design - exercise 1h
      Speaker: Barbara Krašovec (IJS)
    • 19:15 20:00
      Dinner at Cosener's House 45m
    • 08:45 09:45
      Virtualisation and cloud security 1h

      • virtualisation security fundamentals
      • cloud service models
      • authentication and key management
      • data security in the cloud
      • DevSecOps
      • security in private and public cloud
      • common threats in the cloud
      • security tools

      Speaker: Barbara Krašovec (IJS)
    • 09:45 10:45
      Risk and vulnerability management 1h
      • risk analysis and risk mitigation
      • vulnerability lifecycle, monitoring, scanning
      • CVE, CVSS, CPE, CWE and related standards
      • special cases: vulnerable hardware, EOL systems etc.
      Speaker: Sven Gabriel
    • 10:45 11:00
      Announcements 15m
    • 11:00 11:05
      School photo 5m
    • 11:05 11:30
      Coffee break 25m
    • 11:30 12:30
      Logging and traceability 1h
      • host-based logs (system and application level), network monitoring
      • the importance of central logging
      • tools and technologies
      • data privacy, dealing with personal and sensitive data, log retention
      • traceability challenges
      Speaker: David Crooks (UKRI STFC)
    • 12:30 13:15
      Lunch 45m
    • 13:15 14:45
      Study time and/or daily sports 1h 30m
    • 14:45 15:45
      Intrusion detection with SOC: threat intelligence, monitoring, integration and processes 1h
      • indicators of compromise (IoCs), threat intelligence sharing, TLP protocol
      • tools and technologies: MISP, Zeek, OpenSearch etc.
      • deploying a Security Operation Center
      • security incidents: detecting and alerting
      Speaker: David Crooks (UKRI STFC)
    • 15:45 16:15
      Coffee break 30m
    • 16:15 17:15
      Student lightning talks 1h
    • 17:15 18:15
      Introduction to web penetration testing 1h
      • web application security, typical web vulnerabilities
      • ethical hacking
      • introduction to pentesting
      Speaker: Sebastian Lopienski (CERN)
    • 18:15 19:15
      Penetration testing - exercises 1h
      Speaker: Sebastian Lopienski (CERN)
    • 19:15 20:00
      Dinner at Cosener's House 45m
    • 08:45 09:45
      Container security 1h
      • key concepts of containers (namespaces, cgroups etc.) and Docker
      • container security, threat landscape
      • vulnerability and patch management
      Speaker: Daniel Kouřil (CESNET)
    • 09:45 10:45
      Container security - exercises 1h
      Speaker: Daniel Kouřil (CESNET)
    • 10:45 11:00
      Announcements 15m
    • 11:00 11:30
      Coffee break 30m
    • 11:30 12:30
      Intrusion detection with SOC: deployment and operation 1h
      • indicators of compromise (IoCs), threat intelligence sharing, TLP protocol
      • tools and technologies: MISP, Zeek, OpenSearch etc.
      • deploying a Security Operation Center
      • security incidents: detecting and alerting
      Speaker: David Crooks (UKRI STFC)
    • 12:30 13:15
      Lunch 45m
    • 13:15 18:45
      Outdoor excursion 5h 30m
    • 08:45 09:45
      Digital forensics: essentials and data acquisition 1h

      • digital evidence handling
      • data acquisition (live systems, storage etc.)
      • data analysis (OS, file system, network, executables etc.)
      • reporting

      Speaker: Daniel Kouřil (CESNET)
    • 09:45 10:45
      Defensible security architecture: how to implement security principles 1h

      • data security
      • endpoint security: hardware, host, OS, BMC security, system hardening
      • application security
      • future security trends

      Speaker: Barbara Krašovec (IJS)
    • 10:45 11:00
      Announcements 15m
    • 11:00 11:30
      Coffee break 30m
    • 11:30 12:30
      Digital forensics: data analysis 1h
      Speaker: Daniel Kouřil (CESNET)
    • 12:30 13:15
      Lunch 45m
    • 13:15 14:45
      Study time and/or daily sports 1h 30m
    • 14:45 15:45
      Incident response management 1h

      • incident management and coordination
      • incident analysis and investigation
      • communication with stakeholders
      • containment and eradication
      • recovery
      • lessons learnt

      Speaker: Barbara Krašovec (IJS)
    • 15:45 16:15
      Coffee break 30m
    • 16:15 19:00
      Intrusion detection with SOC and AAI - exercises 2h 45m
      • indicators of compromise, threat intelligence sharing, TLP protocol
      • tools and technologies
      • deploying a Security Operation Center
      • detecting security incidents
      Speakers: David Crooks (UKRI STFC), Mr Tom Dack
    • 19:15 20:00
      Dinner at Cosener's House 45m
    • 08:45 10:15
      Digital forensics - exercises 1h 30m
      Speaker: Daniel Kouřil (CESNET)
    • 10:15 10:30
      Coffee break 15m
    • 10:30 11:45
      Introduction to forensics - exercises 1h 15m
      Speaker: Daniel Kouřil
    • 11:45 12:00
      Announcements 15m
    • 12:00 12:30
      Penetration testing - exercise debriefing 30m
      Speaker: Sebastian Lopienski (CERN)
    • 12:30 13:15
      Lunch 45m
    • 13:15 14:15
      Study time 1h
    • 14:15 15:00
      Exam 45m
    • 15:00 16:30
      Incident response - exercise 1h 30m
      • incident management and coordination
      • Sirtfi and trust frameworks
      • communication with local users, external communities, and other stakeholders
      • working with law enforcement
      • privacy aspects
      Speakers: Dr David Crooks (UKRI STFC), Romain Wartel (CERN), Sebastian Lopienski (CERN), Mr Tom Dack
    • 16:30 16:45
      Coffee break 15m
    • 16:45 18:00
      Incident response - exercise 1h 15m
      • incident management and coordination
      • Sirtfi and trust frameworks
      • communication with local users, external communities, and other stakeholders
      • working with law enforcement
      • privacy aspects
      Speakers: Dr David Crooks (UKRI STFC), Romain Wartel (CERN), Sebastian Lopienski (CERN), Mr Tom Dack
    • 18:00 18:45
      Closing Session 45m
      Speaker: Alberto Pace (CERN)
    • 19:30 21:15
      Outside Closing Dinner 1h 45m
    • 08:45 10:45
      Departure 2h