Home Riscure培训课程

Riscure培训课程

It is only possible to deliver robust hardware and software when security is part of your development process. To test your products you can use the specialized tools and services of Riscure. To embed security in your product lifecycle, you need to invest in your talent. Riscure Training Academy helps your development team accelerate the learning of the latest attack and mitigation techniques. We achieve this by adding three main ingredients to every course: a view from an attacker’s perspective, detailed knowledge of the security landscape relevant for your industry, management and collaboration approaches to deliver secure software and devices. Our courses condense years of experience of our security team, hundreds of successful security evaluation projects and in-depth research on device security to deliver exactly these three requirements to your company and your development team.

Our online courses are accessible 24/7 for individual booking (payment with Paypal on our training portal). Course access is typically 30 days, so as a learner, you can cover the training material at your own pace. Please note that our public online courses, as well as additionally available material can be provided as a separate learning portal for your company. The courses are also available as independent SCORM compliant packages, so they can be integrated with your own learning portal as part of a corporate learning agreement.

Fault injection for smartcards

Understand how fault injection attacks can circumvent security measures and learn how to mitigate problems.

Fault injection for embedded systems

Understand how fault injection attacks are applied to embedded systems and learn how to mitigate problems.

Side Channel Analysis

Learn to apply side channel analysis to evaluate the SCA robustness of your chip and its countermeasures

HCE security certification master class

The result of 50+ security evaluation projects related to HCE and TEE based payment solutions and certification brings you the essential knowledge about HCE security challenges and solutions.

Memory corruption issues in C

Most software developers know what a buffer overflow is. But there is no shortage of such coding mistakes in all types of software. We have created a course specifically to help developers address this problem.

Deep Learning for Side Channel Analysis

Learn how to use neural networks to evaluate both private and public key crypto algorithms.

Essential Side Channel Analysis

Regardless of your background, this training is designed to help you understand what makes Side Channel Analysis easy and what makes it difficult.

Advanced Side Channel Analysis

Upgrade your SCA skills to a whole new level. This additional course is aimed at developers and security professionals with existing Side Channel knowledge.

Essential Fault Injection

Closely connected with SCA know-how, the Fault Injection experience this training empowers your team with the complete knowledge of hardware security techniques.

Advanced Fault Injection

Advanced FI explores the topic of hardware security in deeper detail for experienced professionals. A practical hands-on course brought by the leading developer of SCA/FI tools.

Embedded Systems Security

Device security starts here. The Embedded Systems Security training is a primer for hardware and software security, a must-have course to obtain the essential knowledge on how to build robust devices.

Embedded Security for Automotive

In this training you will look at an automotive solution from an attacker’s perspective. You will learn how ECUs can be hacked, and identify ways to apply this knowledge to your product and make it more robust.

Deep Learning for Side Channel Analysis

Deep Learning for SCA is a practical training to help you speed up your side channel analysis routine.

Secure Code Development Bootcamp

This training helps your development team to adopt the best security practices by sharing a hacker’s mindset. Look at your software from a different perspective, understand how it can be hacked and identify ways to mitigate a coding error before it happens.

Hardening Secure Boot Workshop

Protect the most important security asset of your embedded hardware product. Harden your secure boot implementation against logical and fault injection attacks.

ARM Reverse Engineering

Extract data structures, language constructs and identify typical vulnerability patterns from compiled code by combining static and dynamic analysis techniques.

Introduction to Software Exploitation

Don’t hunt for vulnerabilities! Deploy mitigation techniques that make your embedded software more robust even when a coding mistake happens.

Introduction to Smartcard Security

Specifically designed for smart card vendors, card issuers including banks and governmental bodies, this training covers the most important topics of smartcard security.

Booking details

您可以通过访问课程目录和相关的培训页面直接在线预定您的开放式培训。 点击“获取此课程”注册。 我们接受通过Paypal或主要信用卡的付款。

预订后,您会收到我们的注册确认。 发票将被分别发送到注册邮箱。 请注意,私人和荷兰的公司将收到一张包含荷兰增值税的发票。

一旦注册,您将可以访问培训学院门户网站,从而可以访问您注册的所有课程,以及在课程日期接近之前有关课程的更多详细信息。

对于现场,定制或更大型的集体培训,请联系Riscure的销售人员,您当地的经销商,或发送电子邮件至trainingacademy@riscure.com。 我们经常在客户所在地进行现场培训,我们很乐意接受。 但请注意,我们需要为我们的培训师收取差旅和住宿费用。 现场培训还要求最小参与人数,以确保培训的有效性。

For on-site, custom or larger group training, please contact your Riscure sales person, your reseller, or email us, trainingacademy@riscure.com. We often get requests for on-site training in a customer’s location, which we are happy to accommodate. Note however, that we then do need to charge travel and accommodation costs for our trainer(s). On-site training also requires a minimum seat attendance per course to ensure the training is effective.

培训包含的内容

Riscure提供午餐,咖啡/茶,饮料和培训材料。 在实践课程中我们会提供相应的设备,包括培训计算机,培训卡/设备和设备。

相关文件(视频,演示,文件)可能会在培训学院门户网站或在培训地点的课程中提供给用户。

完成课程后,学员将收到Riscure培训证书。

Our trainers

 

Rafael Boix Carpi 

“打破东西是有趣的,但帮助人们了解要修复的东西,并使他们能够计划如何开始修复东西更好。 这正是我们在培训课程中所做的。“

 

高级安全分析师兼培训师,自2013年起加入Riscure 公司。他毕业于西班牙巴伦西亚大学计算机科学工程学院。此外,他也拥有电信工程硕士学位,以及网络和操作系统专业化课程。

他的专业领域包括嵌入式设备和智能卡的侧信道分析和故障注入,以及低级嵌入式系统协议。在他的贡献中,拉斐尔在全球多个会议(CCC camp 2015, PANDA 2016, ChinaCrypt 2015, SPACE 2015, Crypto Summerschool 2017, 2015 and 2014, …)上做主题发言,并且在多篇研究论文中撰写和合作关于故障注入的话题(更多点击这里)。

Rafael对信息安全,软件开发,硬件黑客和嵌入式设备感兴趣。基本上把任何带有芯片的设备拆开,直到泄露它的秘密,并愿意分享如何去做。

培训课程:侧信道分析,故障注入

高级SCA以及FI,嵌入式系统安全,智能卡安全

Ana Mafalda Monteiro Oliveira Cortez

 

“预防胜于寻求治疗!”

Ana Mafalda Monteiro Oliveira Cortez自2015年起担任Riscure的安全分析师。获得波多黎各大学微电子与嵌入式系统专业硕士学位(FEUP)和Technische Universiteit Delft(代尔夫特理工大学)硬件安全专业博士学位。 她擅长的领域包括硬件芯片安全和集成电路,智能卡和片上系统的故障注入和侧信道分析。 另外,她是一名经验丰富的CC评估者。

培训课程:嵌入式系统安全

Krzysztof Okupski

 

Krzysztof自2015年起担任Riscure的安全分析师。获 埃因霍温科技大学(TU / e)信息安全技术硕士学位。 在日常工作中,他对支付和内容保护市场的TEE解决方案进行安全评估。 Krzysztof在空闲时间喜欢解决CTF的挑战。

 

培训课程:软件漏洞,嵌入式系统漏洞,识别以及代码强化

 

Maurice Aarts

“如果没有攻破,就更加努力……”

 

Maurice Aarts自2013年起担任Riscure安全分析师,自2014年底以来一直活跃在Host Card Emulation(HCE)市场。Morice拥有荷兰埃因霍温技术大学(TU / e)信息安全技术专业硕士学位。 作为安全分析师,他在与支付市场,EMV,HCE和可信执行环境(TEE)相关的项目上进行了广泛的工作。 除了故障注入,代码审查,逆向工程和开发知识之外,Maurice还拥有Android生态系统,智能卡,NFC / RFID以及EMVC和CC评估方面的经验。

培训课程:HCE安全认证专家课程