Take advantage of a last minute opportunity

Practical TLS - 3-day live class

Wednesday, 12 April 2023
07:00 AM PDT

Your session has expired.

April 12 -- 7a to 2p PST / 10a to 5p EST / 2p to 9p UTC
April 13 -- 7a to 2p PST / 10a to 5p EST / 2p to 9p UTC
April 14 -- 7a to 2p PST / 10a to 5p EST / 2p to 9p UTC

Next week I'm teaching a live, virtual session of my Practical TLS course.

 The class is Guaranteed to Run, and the vendor has authorized me to sell additional seats at a massive discount.  

Given the last minute nature of this, I'm offering access to the live course for $697.  

Normally, seats to this course sell for $2400.  

Take advantage of this last minute deal, it will never be available at this price again.

WHAT YOU GET

3-days of Instructor Lead training with Ed Harmoush

If you thought going through a Practical Networking online course was a great experience, you're going to love the live training experience =)

Free access to Practical TLS ($297 value)

The full, recorded version of the content we will cover. This can be used for additional study or review in the future.

Free access to OpenSSL Training ($40 value)

OpenSSL is the premier toolset to inspect & troubleshoot anything SSL and TLS.
This course comes with a cheat sheet and training series on how to use it.

Live Class Pricing

Practical TLS Live

$697 USD

Buy Now

Full Course Outline

Module 1 – TLS/SSL Overview

  • What is SSL? What is TLS?
  • How do SSL/TLS protect data?
  • Anti-Replay and Non-Repudiation
  • Key Players: Client, Server, Certificate Authority
  • TLS / SSL Versions and evolution through the years

Module 2 – Cryptography

  • Hashing
  • Data Integrity
  • Encryption
  • Public and Private Keys
  • How TLS and SSL use Cryptography
  • Public Key Infrastructure (PKI)
  • RSA
  • Diffie-Hellman (DH)
  • DSA – Digital Signature Algorithm

Module 3 – x509 Certificates and Keys

  • Overview of SSL Process – Part 1
  • What is inside a Certificate?
  • Inspecting a Certificate
  • Certificate Extensions
  • LAB 3.1 – Inspecting the Certificate of your favorite websites
  • What is inside a Private Key file?
  • LAB 3.2 – Matching Certificates to Private Keys
  • What is inside a Certificate Signing Request (CSR)?
  • File Formats (DER, PEM, PFX, PKCS#12)
  • LAB 3.3 – Creating a Certificate Authority and two Signed Certificates
  • LAB 3.4 – File Format Conversions

Module 4 – Security through Certificates

  • Overview of SSL Process – Part 2
  • Certificate Validation
  • Certificate Chains
  • LAB 4.1 – Certificate Chains
  • Basic Constraints
  • Certificate Types (DV, OV, EV)
  • Certificate Revocation
  • Manually Checking Revocation Status
  • LAB 4.2 - Certificate Revocation

    • Module 5 – Cipher Suites

  • Cipher Suites
  • Cipher Suites – Key Exchange protocols (ECDHE, DHE, ECDH, DH, RSA, PSK)
  • Cipher Suites – Authentication protocols (ECDSA, RSA, DSS, PSK)
  • Cipher Suites – Encryption protocols (CHACHA20, AES-256, AES-128, 3DES, RC4, DES, CBC, GCM)
  • Cipher Suites – Hashing protocols (Poly1305, SHA384, SHA256, SHA1, MD5)
  • Cipher Suites – Protocols to Avoid / Accept / Prefer
  • Enumerating Cipher Suites
  • LAB 5.1 – Cipher Suite Enumeration

    • Module 6 – TLS Handshake

  • Records
  • TLS Handshake
  • LAB 6.1 – Inspecting a TLS Handshake in Wireshark
  • TLS Handshake – Ephemeral Diffie-Hellman
  • TLS Handshake – Session Resumption
  • TLS Handshake – Mutual Authentication
  • LAB 6.2 – Inspecting TLS Handshake Variants
  • TLS Extensions
  • Extension: OCSP Stapling
  • Extension: Server Name Indication (SNI)
  • Extension: Session Tickets
  • LAB 6.3 – Inspecting Handshake Extensions
  • Decrypting TLS
  • LAB 6.4 – Decrypting TLS

Module 7 – TLS Defenses

  • Major SSL/TLS Failures over the Years
  • HTTP Strict Transport Security
  • Certificate Authority Authorization
  • Certificate Transparency - Part 1 - Overview
  • Certificate Transparency - Part 2 - Process and Demonstration
  • Certificate Transparency - Part 3 - Merkle Hash Trees

Module 8 – TLS 1.3

  • TLS 1.3 is a major paradigm shift
  • Differences in TLS 1.3 related to Cipher Suites
  • Differences in TLS 1.3 related to TLS Handshake
  • Differences in TLS 1.3 related to Session Renegotiation and Session Resumption
  • Middleboxes and how they complicated TLS 1.3
  • Forward Secrecy
  • Decrypting TLS 1.3 & Full Proxies
  • Key Schedule – Part 1
  • TLS 1.3 Handshake
  • Key Schedule – Part 2
  • TLS 1.3 Session Resumption
  • TLS 1.3 PSK Handshake
  • TLS 1.3 0-RTT
  • TLS 1.3 Extensions Review
  • TLS 1.3 Extensions: Signature Algorithm & Signature Algorithm Cert
  • TLS 1.3 Extensions: Cookie
  • TLS 1.3 Extensions: ALPN – Application Layer Protocol Negotiation
  • TLS 1.3 Extensions: Post Handshake Authentication