Workshops & Trainings

Diese Seite ist auch auf Deutsch verfügbar → Deutsche Version

Practical security workshops for development teams with a focus on threat modeling, secure architecture and real-world application scenarios.

Workshop

Threat Modeling for Development Teams

This workshop enables engineering teams to identify security risks early and make better architecture and design decisions — pragmatic, structured and free of buzzwords..

Who is it for?

  • Development teams (backend, frontend, fullstack)
  • Tech leads & senior engineers
  • Software- & Solution-Architekten
  • Technically minded product owners

Why threat modeling?

  • Many security issues are introduced at the architecture and interface level
  • Tools and pentests often come too late
  • A shared security language improves decision-making and delivery

Topics (excerpt)

  • System scope, data flows & trust boundaries
  • Threat categories (e.g., STRIDE applied pragmatically)
  • Risk assessment and prioritization
  • Deriving meaningful mitigations (technical & organizational)
  • Integrating threat modeling into your development lifecycle

Outcomes

  • A structured threat model (risks + priorities)
  • Actionable mitigations and next steps
  • A repeatable approach the team can continue using

Format

  • On-site: 1 or 2 days
  • Remote: e.g., 2× 4 hours
  • Language: English or German
Request workshop
Workshop

Cryptography for Developers

A practical workshop to understand core cryptographic concepts, apply them correctly, and avoid common pitfalls. The fundamentals are language-agnostic; hands-on sessions can be delivered in Java or Python..

Who is it for?

  • Backend and fullstack developers
  • Tech leads & senior engineers
  • Architects working on APIs, identity, or distributed systems
  • Teams with security / compliance requirements

Why this workshop?

  • Crypto is often used without fully understanding the implications
  • Most problems come from wrong assumptions and integration mistakes
  • Better crypto decisions lead to safer APIs, services, and platforms

Topics (excerpt)

  • Symmetric vs. asymmetric crypto: when to use what
  • Hashing vs. encryption vs. encoding (and typical pitfalls)
  • Digital signatures: integrity, authenticity, non-repudiation
  • Key management basics: keys, certificates, trust stores, rotation
  • TLS/HTTPS: what TLS protects — and what it doesn’t
  • Practical debugging and verification using OpenSSL

Hands-on (choose one)

  • Java: CA/JCE, keystore/truststore, signatures, TLS basics
  • Python: hashlib, cryptography, signatures, TLS basics

Outcomes

  • Shared understanding of cryptography within the team
  • Better decisions around TLS, signatures, tokens, and key handling
  • A practical “crypto mistakes” checklist for daily engineering work

Format

  • On-site: 1 day (or 2 days with deeper labs)
  • Remote: e.g., 2× 4 hours
  • English or German
Request workshop

Contact

Just send me a few key details and I’ll get back to you with a concrete proposal.

Send email

or write directly to:
info@increasecurity.com