Red Hat Project Security Engineers Haim Krasniker, Or Asaf, and Luiza Nacshon recently led the first Red Hat Beyond-Cyber-01 course with MTA (The Academic College of Tel Aviv-Yaffo). Beyond-Cyber-01 provides undergraduates the opportunity to learn fundamentals in security. The course took place in the Ra’anana Red Hat Office, which allowed teachers and students to conduct group work face to face.
The course is part of Red Hat’s Beyond Program, created by Liora Milbaum, Senior Principal Software Engineer, and Irit Goihman, Manager, Software Engineering. The goal of Beyond-Cyber-01, a new course led by Krasniker, is for students to develop an understanding of the offensive and defensive sides of cybersecurity and apply many of those hands-on principles. Students worked in teams guided by mentors.
During each class session, a new type of vulnerability was introduced by one of the mentors. The course covered some of the most common vulnerabilities, such as SQL injection, cross-site scripting, buffer overflows, and cryptography attacks. Each session included team presentations, lectures by mentors, and group work in teams with mentor support. Through homework assignments, students were presented with a vulnerable code that had to be exploited and explained in a write-up and presentation. Once the code was exploited, students had to mitigate the vulnerability by doing a pull request to fix it. Through the week, the teams worked together, conducted research, and applied what they learned to solve the homework, which presented different and more complex versions of the material practiced in class. Learn more about the students’ final solutions in the Beyond GitHub repository.
Beyond-Cyber-01 provides new learning opportunities for students to build real world skills. The first course of the Beyond Program, Beyond OS, provides students the opportunity to experience how practical development works in industry while using open source software principles and collaborative teamwork. This class has been offered six times since the program launched.