➤ Single Sign-On |
---|
SSO 1 – Introduction to Single Sign-On: OAuth and OpenID Connect |
SSO 2 – Single Sign-On Security: OAuth and OpenID Connect |
SSO 3 – OAuth 2.1 and OpenID Connect – Master Class >> NEW |
SSO S – Single Sign-On Security: SAML |
Back to Overview – IT Security Training >> |
Single Sign-On Security: SAML
Your Benefits
In this interactive training, you will learn the security best practices for SAML-based single sign-on systems.
- Understand how attackers steal SAML tokens and the resulting risks.
- Take the right actions to protect your service and identity providers against cyber attacks.
- Protect your SAML systems from attackers unauthorized access and data theft.
- Convince your customers with state-of-the-art security technologies such as Holder-of-Key (HoK).
Possible Training Contents
We work with you to select the specific topics in advance in order to provide your team with the greatest possible benefit.
- Introduction
- XML Parsing (DOM vs. SAX)
- XML Schema
- Extensible Stylesheet Language (XSLT)
- Document Type Definition
- XML (External) Entity Attacks
- XML-specific Denial-of-Service Attacks
- SAML-based Single Sign-On
- XML Signature
- Web Browser SSO Profile
- Attacks on SAML Service Providern
- Replay Attacks
- Signature Exclusion
- XML Signature Wrapping (XSW)
- Certificate Faking and Injection Angriffe
- Covert Redirect Attacks
- Anttacks on SAML Identity Provider SAML
- SAML Secure Bindings
- Apply the knowledge you have acquired to your own applications
Target Audience
This training is intended for people who want to build and maintain secure SAML systems.
This course is helpful for, among others:
- Identity management administrators
- Identity provider and client developers
- Penetration testers and security researchers
To participate, you will need a computer and a remote desktop client (RDP) to complete the interactive exercises.
Booking Options
Customized training options for you or your team.
Whether fixed date, team online training or classroom training, we adapt to your wishes.
Contact us for the training you require to receive an individual and non-binding offer.
Send the registration form or your individual booking request directly to Dr. Christian Mainka:
Your Contact for This IT Security Training
Dr. Christian Mainka | Department Single Sign-On
christian.mainka@hackmanit.de
* All prices excl. VAT