The center of Jinhe Plaza is located at the core of Suzhou Industrial Zone, on the east bank of Jinji Lake. Jinhe Plaza is a comprehensive building, including high-end shopping malls, five-star hotels, international Grade A office buildings, and Regus is located on the eleventh floor of the building. As the most famous landmark in Suzhou Financial Center, with its advanced facilities and central location, it has attracted many Fortune 500 companies such as Nokia, Philips and 3M. Jinhe Plaza provides easy access to all major core areas of Suzhou. Metro Line 1 Times Square Station is located on the basement of the building, while the High Speed Rail Station to Shanghai and Nanjing is a 5-minute drive away.
实现安全的网路应用程式可能很困难,即使对于可能事先使用过各种加密构建块(例如加密和数位签名)的开发人员也是如此。为了让参与者了解这些加密原语的作用和用法,首先给出了安全通信的主要要求(安全确认、完整性、机密性、远端识别和匿名)的坚实基础,同时还介绍了可能破坏这些要求的典型问题以及实际解决方案。
由于网路安全的一个关键方面是密码学,因此还讨论了对称密码学、哈希、非对称密码学和密钥协定中最重要的加密演算法。这些元素不是提供深入的数学背景,而是从开发人员的角度进行讨论,展示了与加密使用相关的典型用例示例和实际考虑,例如公钥基础设施。介绍了安全通信的许多领域的安全协定,并深入讨论了最广泛使用的协定系列,例如 IPSEC 和 SSL/TLS。
讨论了与某些加密演算法和加密协定相关的典型加密漏洞,例如 BEAST、CRIME、TIME、BREACH、FREAK、Logjam、Padding oracle、Lucky Thirteen、POODLE 等,以及 RSA 计时攻击。在每种情况下,都会针对每个问题描述实际考虑和潜在后果,同样,无需深入数学细节。
最后,由于 XML 技术是网路应用程式数据交换的核心,因此描述了 XML 的安全方面。这包括在 Web 服务和 SOAP 消息中使用 XML 以及 XML 签名和 XML 加密等保护措施,以及这些保护措施中的弱点和 XML 特定的安全问题,例如 XML 注入、XML 外部实体 (XXE) 攻击、XML 炸弹和 XPath 注入。
参加本课程的学员将
The fact that there were practical examples with the content
Smita Hanuman - Standard Bank of SA Ltd
课程 - Basel III – Certified Basel Professional
Real-life examples.
Kristoffer Opdahl - Buypass AS
课程 - Web Security with the OWASP Testing Framework
Questions, that helps me a lot to understand the characteristics of CRISC examination.
Masakazu Yoshijima - Bank of Yokohama, Ltd.
课程 - CRISC - Certified in Risk and Information Systems Control
The trainer's subject knowledge was excellent, and the way the sessions were set out so that the audience could follow along with the demonstrations really helped to cement that knowledge, compared to just sitting and listening.
Jack Allan - RSM UK Management Ltd.
课程 - Secure Developer .NET (Inc OWASP)
The trainer was extremely knowledgable and helpful. While walking through the exercises, I wasn't rushed and was allowed to make mistakes (to a point) and then help was given to correct to them where needed.
Tim Wilkes - Gamma
课程 - OpenStack Security
讲师拥有非常广泛的知识,并致力于他的工作。他能够让听众对他的课程感兴趣。培训范围完全符合我的期望。
Karolina Pfajfer - EY GLOBAL SERVICES (POLAND) SP Z O O
课程 - MasterClass Certified Ethical Hacker Program
机器翻译
The subject matter was very interesting and was able to relate this to my current role at Vodacom.
Malcolm Frank - Vodacom SA
课程 - Cybersecurity Fundamentals - A Practical Course
Nothing it was perfect.
Zola Madolo - Vodacom
课程 - Android Security
Piotr was incredibly knowledgeable and very patient. He was great at explaining things and I'd strongly recommend this course to others
Victoria Harper
课程 - Open Source Cyber Intelligence - Introduction
The training was excellent, than you Ditmar.
Maria Gagliardi - EY Global Services (Poland) Sp. z o.o.
课程 - CISSP - Certified Information Systems Security Professional
