For the last two weeks, I have given a course on security incidents in the Universidad Politécnica de Valencia. The course, with title ‘Before and after it happens’ tried to explain what is a security or business continuity incident, how to detect them in systems, how to solve them and most importantly: how to notify them.
The course has been the sea of interest for the type of students (to call them in some way since we were all combing) that have attended, almost all of the University’s operators already familiar with Security Incidents, so it has become an exchange of ideas and anecdotes. The index has been more or less as follows:
As you will see, not only have we given the most theoretical part of what a security incident is how to detect or prevent it, but We have also entered the most technical part to perform a small safety audit to the machines of our network and then power bastion Securize them to protect them in a way that malote I can’t exploit vulnerabilities… or at least it’s as complicated as possible.
And, well, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know, you know,
I don’t know if you can recognize it, but the rocky of that third slide is Guile, from Street Fighter: D
The practical part It always gets more fun, first we comment a little how the current vulnerabilities go on the Internet, how they were a few years ago and we try to scan a Linux system and a Windows XP which by definition have to have vulnerabilities. This part is cool because they try to sneak into different sites and discover new security vulnerabilities of the systems then fortify them and the others can’t get away.
The point is that, between laughter, anecdotes, captious questions and several gossip, we have spent the 20 hours of training where we have all learned something. As I have told them, they have made me feel at home… or better yet, I hope there are more editions of this course and we can repeat the experience.
