Harbor Training

Harbor Labs, a leading software and networking security consulting firm, is leveraging our 20+ years in the industry to provide hands-on training in the most current and relevant security technologies. Members of our team of instructors have been featured as TED speakers and frequent keynote speakers at conferences, and we have many years of experience teaching in university environments.

Our constantly evolving courses immerse students in a simulated, virtualized environment that we created specifically to teach students with varied backgrounds to experiment in a supervised setting to solve real problems.

Our small class sizes and interactive labs give each student an opportunity to work directly with instructors, and our live training exercises provide a learning environment that cannot be achieved online. Our programs are vendor neutral and multi-platform, focusing on tools and techniques that are applicable in any setting. We emphasize technology literacy and build a foundation for deeper understanding of the course topics. Each course includes a certificate of completion.

Each of our two-day courses counts for 12 Continuing Professional Education Credits (CPEs) towards the CISSP or (ISC)2 certifications.

Course Descriptions

CyberSecurity 101 (2 Day; 12 CPEs)

Overview

This course is designed for IT professionals who need to understand cybersecurity. The course examines the threats and the bad actors, examining their motivations and methods. We cover mitigations and what organizations can and should do to protect themselves.

Attendees will learn what to expect when a cybersecurity breach occurs and how to handle various security incidents. We will cover malware such as ransomware and botnets, how to detect and eliminate these and how to cope with new threats and attacks. We'll also study distributed denial of service attacks, how they work, and how to deal with them.

Lectures will include interspersed case studies about topics including Full Disk Encryption (FDE), Security Information and Event Management (SIEMs), multifactor authentication, password managers, forensics, and others.

By the end of the course, you will have a comprehensive understanding of the cybersecurity landscape for enterprises and other organization, as well as literacy in the cybersecurity space.

Topics Covered Include

  • Threats and mitigations
  • Malware (Ransomware & Botnets)
  • Distributed Denial of Service Attacks (DDoS)
  • Insider threat
  • Phishing and Spear Phishing
  • Targeted attacks
  • Network Security
  • Best Practices & Procedures
  • Forensics
  • BYOD Mobile and Cloud
  • Risk Management

Who should attend?

This class is intended for executives, managers and other professionals in industry who need to understand the threats and mitigations present in today's IT systems.

Course Preparation

General audience.

Network Forensics using Wireshark (2 Day; 12 CPEs)

Overview

Network forensics can be generally defined as monitoring a network for anomalous traffic and intrusions, and analyzing captured network traffic to reconstruct the underlying semantics. Wireshark is a free, multi-platform network packet capture and analysis tool. It has become the standard bearer for network analysis. Wireshark enables you to troubleshoot hundreds of network protocols including the entire TCP/IP suite (e.g., DNS, HTTP, and SMTP). The packet-centric approach of Wireshark is not limited to protocol troubleshooting, it is also useful for performing network forensic analysis.

In this course, you will become intimately familiar with Wireshark as we perform a live network analysis on a simulated network (i.e., virtualized network). In particular, we provide in-class instruction on the setup, configuration, and use of Wireshark, as well as in-class activities that further explore these concepts. We also provide a variety of network packet captures that will guide you through the retroactive analysis of an unknown network.

Once you have become comfortable with Wireshark, we will describe a set of network attacks and the tools that perform them. Working in small groups, you will use these tools to perform a network attack that another group will analyze in real-time. The goal is for every student to successfully perform a network attack and identify an attack using Wireshark.

The course concludes with an active capture the flag exercise.

Topics Covered Include

  • Wireshark
  • PCAP files
  • Network protocol analysis
  • Live packet capture, retroactive analysis
  • TCP/IP and popular application-layer protocols (e.g., HTTP)
  • MITM (man-in-the-middle)
  • DNS injection
  • ARP cache poisoning
  • Charles Proxy

Who should attend?

This class is intended for anyone who wants to learn about how network protocols work in the context of hands-on network packet analysis. The students should be familiar with basic networking and TCP/IP, with the concept of network layering, and with how to use a standard application user interface.

Course Preparation

General IT knowledge or Computer Science background. Laptop required.

Cryptography in Practice (2 Day; 12 CPEs)

Overview

This course will teach you the language and practice of modern cryptographic methods and how it is used in the real world today. You will gain first-hand understanding of such topics as digital certificates, encryption, signatures, hashing, and when each type of algorithm is appropriate. We will examine applications such as disk encryption, secure email and key management, certificate generation and administration, and others.

Lectures will help you understand the applications and limitations of cryptography and guide you through process of understanding the often dense language used to describe cryptographic methods. We will not only explain the meaning of terms like "RSA," "AES," and "Diffie-Hellman," but will show how the algorithms themselves are deployed in the real world. What are running time and performance considerations? What key length is best under what circumstances? Which standards should I deploy? What off the shelf, approved standards are best and most appropriate for my application? To answer these questions, we will take a broad look at key NIST standards.

The class will also examine cryptographic policy including the encryption debate that pits law enforcement against civil libertarians, as well as exploring issues around export restrictions of cryptography.

You will also learn how to utilize cryptographic libraries to understand the basic building blocks that are used to protect data. By the end of the course, you will feel comfortable conversing about cryptography, and you will understand the proper applications of all of the most important cryptographic protocols and algorithms.

Topics Covered Include

  • Need for Cryptography
  • Crypto Policy
  • Fundamental Language around Cryptography
  • Basics of Cryptographic Algorithms
  • Applications of Cryptography
  • Digital Certificates
  • NIST standards and recommendations
  • Secure Cryptographic Protocols
  • Key Management

Who should attend?

This class is intended for anyone interested in modern cryptographic methods or anyone working in a technical field. This includes, but is not limited to, managers, programmers or system and network administrators. A background in computer science or similar field will be helpful.

Course Preparation

General IT knowledge or Computer Science background.

Securing a Small Enterprise (2 Day; 12 CPEs)

Overview

This course teaches a network or system administrator, or someone who has fallen into that role the fundamental steps needed to secure an enterprise or an organization.

Attendees will learn how to make informed decisions for tasks such as picking the right service providers, securing network infrastructure, scanning for signs of a breach, and dealing with a breach when it happens.

We discuss tradeoffs such as whether to outsource to a cloud provider or to keep operations in house, whether to use managed services to monitor your network or to run the tools yourself. We also cover how such tools work and how to use them.

The course covers mobile device management and BYOD, and how they relate to securing your organization. We survey available technologies, and study how they can impact security and usability.

By the end of the course, you will have an understanding of all of the security considerations facing your organization today, and you will know what you need to consider to implement the information assurance protocols and procedures to protect your network, systems and data.

Topics Covered Include

  • Managing border security (Firewalls)
  • Securing hosts and servers
  • Remote Access and VPNs
  • Infrastructure Monitoring (SIEMS)
  • Cloud and Mobile Device Management
  • Logging and Audit
  • Regulatory Issues and Compliance
  • Email and Messaging Services
  • Security Wireless Networks

Who should attend?

This class is intended for anyone in charge of securing an organization or who wants to understand the issues involved in such an undertaking.

Course Preparation

A basic understanding of networking. General IT knowledge or Computer Science background, system administration experience helpful. Laptop required.

In addition to these four courses, other immersive hands-on courses on Securing Windows/Mac/Linux and Penetration Testing are in development. Harbor Training can also develop specialized courses targeting executives or technical staff that we can bring to your organization by request. For more information about our courses, please contact .

Our Classrooms

Harbor Training offers courses in various training classrooms throughout the DC area in Baltimore, Columbia, and in Washington DC. We also perform training on site for clients that have classroom space.

For more information about private group training (corporate or government) contact

Harbor Training Instructors

Dr. Avi Rubin is the founder of Harbor Labs and Harbor Training. He is also a Professor of Computer Science and Technical Director of the Information Security Institute at Johns Hopkins University. His Ph.D. from the University of Michigan is in the area of Applied Cryptography and Computer Security. Dr. Rubin has been teaching Information Security for over 24 years and has an extensive background in Cryptography and Information Security. He is a frequent keynote speaker at industry and academic conferences, and he delivered widely viewed TED talks in 2011 and 2015. A former Fulbright Scholar, Dr. Rubin testified about information security before the U.S. House and Senate on multiple occasions, and he is the author of several books about computer security. In January, 2004 Baltimore Magazine named Rubin a Baltimorean of the Year for his work in safeguarding the integrity of our election process, and he is also the recipient of the 2004 Electronic Frontiers Foundation Pioneer Award.

Dr. Paul Martin is a Research Scientist at Harbor Labs and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His Ph.D. from Johns Hopkins University is in the area of Computer System and Network Security. He has taught applied cryptography, reverse engineering, computer architecture, hardware hacking, and vulnerability analysis at the university level. His research interests include embedded systems security, operating system security, vulnerability analysis, reverse engineering, network protocol analysis, anomaly detection and big-data security analytics.

Dr. Michael Rushanan is a Research Scientist at Harbor Labs and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His Ph.D. from Johns Hopkins University is in the area of Computer System and Network Security. His teaching experience includes courses on modern cryptography and hardware hacking. His research interests include systems security, health IT security, privacy, and applied cryptography. His hobbies include embedded system design and implementation (e.g., Arduino and Raspberry Pi), mobile application development (i.e., iOS and Android), and programming.

Gabriel Kaptchuk is a Research Associate at Harbor Labs, a doctoral student in Computer Science at Johns Hopkins University, and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His experience includes teaching security and cryptography. His research interests include applied cryptography, network security, and hardware security.

David Russell is a Research Associate at Harbor Labs and a Computer Science doctoral student at Johns Hopkins University. He holds a B.S. in Computer Engineering from Johns Hopkins where he helped teach a course about programmable devices.

About Harbor Labs

Harbor Training was spun out of Harbor Labs, a computer security consulting company. Harbor Labs was founded by a Computer Science professor to offer expertise and training in software and networking security to our clients. Our three primary focus areas are security evaluations and audit, assistance with regulatory compliance, and expertise and testimony in software and networking related litigation. Please visit www.harborlabs.com to learn more.

Health Records Security Avi Rubin talked about a breach of records systems at several U.S. health care companies, which resulted in nearly 3.5 million records being compromised.