The document discusses the challenges in IT security education highlighted by significant data breaches and suggests a tutorial framework to improve learning. This framework enables interactive and hands-on experience with real software in a containerized format, catering to trainers, students, and professionals. It emphasizes open-source components, self-guided learning, and easy integration with existing platforms, promoting community involvement.

1. Seattle | September 16-17, 2019
Containerizing IT Security
Knowledge
KRISTÓF TÓTH

2. Seattle | September 16-17, 2019
Something is wrong with security
• 3 billion Yahoo accounts hacked (2016)
• Marriott breach leaks data of 500 million guests (2018)
• Facebook hack leaves 540 million accounts exposed (2019)
• This doesn’t seem right...

3. Seattle | September 16-17, 2019
Why are we failing?
• The amount of programmers is doubling every few years
• ITSec training is still a curiosity at many universities
• Generations of engineers without a proper background in security
• Education is the missing link

4. Seattle | September 16-17, 2019
Tutorial Framework – What?
• Helps you creating interactive learning environments
• Automatically guide the user through topics ...
• ... by making them interact with real software
• A hybrid of training videos and hacking labs
• Accessible through a browser
• Package & ship the whole thing in containers
• TL;DR hacking labs on crack

5. Seattle | September 16-17, 2019
Tutorial demo

6. Seattle | September 16-17, 2019
What is the value?
• ”Smart security sandboxes”
• Self-guided learning without previous knowledge
• Learn by experimenting with real software
• Hands-on experience without a learning curve

7. Seattle | September 16-17, 2019
It’s for you!
• For trainers & teachers
• For students & professionals
• For the community
• Fast & easy development
• No proprietary software involved, all open source
• Independent of the Avatao platform, but allows easy integration

8. Seattle | September 16-17, 2019
You get a set of useful components
• State tracking
• An IDE, console and terminal
• Chat to communicate with user
• Process management, live logs
• And more ...

9. Seattle | September 16-17, 2019
How it works
• Multiple processes running in a container (tini + supervisord)
• Nginx serving an Angular SPA
• Custom IPC daemon
• Used for RPC and event advertisement
• Connected to processes over ZeroMQ
• Connected to frontend over WebSockets

10. Seattle | September 16-17, 2019
IPC daemon
• Simple JSON based message format
• Used for RPC and event advertisement
• Routes messages between ZeroMQ & WebSockets
• Processes can connect to it via:
• ZeroMQ sockets
• POSIX named pipes
• ...

11. Seattle | September 16-17, 2019
IPC daemon

12. Seattle | September 16-17, 2019
How do you use it?
• Built in components use our messaging daemon to communicate
• You can control them via a simple JSON API
• They broadcast relevant events
• Fill a container with the software you need and instrument TFW

13. Seattle | September 16-17, 2019
Framework demo

14. Seattle | September 16-17, 2019
Giving back to the community
• Where can I get it?
• Licensed under the GNU LGPLv3
• Available on GitHub:
• github.com/avatao-content/baseimage-tutorial-framework
• github.com/avatao-content/frontend-tutorial-framework
• github.com/avatao-content/test-tutorial-framework

15. Seattle | September 16-17, 2019
Thank you for listening!
Questions?