TLS Training Materials Package for In-house Teams

The Best TLS Training materials can be purchased for your organisation. If you have a large development or sysadmin team, you can get the complete training materials to use within the organisation, so everyone can learn how to better protect your systems.

We will provide complete materials, books, exercises, slides and access to our preconfigured virtual servers.

Contact us for more information and a quote.

All we need to know is how many people there are in your team and we’ll get back to you with a proposal!


Your team will learn how to

  • Understand threats and attacks against encryption
  • Identify real risks that apply to your systems
  • Deploy servers with strong private keys and valid certificates
  • Deploy TLS configurations with strong encryption and forward secrecy
  • Understand higher-level attacks against web applications
  • Use the latest defence technologies, such as HSTS, CSP, and HPKP
  • Learn about key PKI standards and formats
  • Understand where practice differs from theory
  • Analyze certificate lifecycle in detail
  • Evaluate PKI weaknesses and how they affect you
  • Deploy robust protection using public key pinning
  • Learn about what's coming in the future

Each participant will receive

  • Book Bulletproof SSL and TLS
  • The Best TLS Training in the World
    • Exercises
    • Handouts
    • High-resolution slides
  • Internet PKI in Depth
    • Exercises
    • Handouts
    • High-resolution slides
  • Optional - Virtual servers
    • We can provide pre-configured virtual servers on which the participants will do the work. The servers are intentionally misconfigured and it is the task of the participants to make them secure.

Meet the Author

Ivan Ristić is a security researcher, engineer, and author, known especially for his contributions to the web application firewall field and development of ModSecurity, an open source web application firewall, and for his SSL/TLS and PKI research, tools and guides published on the SSL Labs web site.

He is the author of three books, Apache Security, ModSecurity Handbook, and Bulletproof SSL and TLS, which he publishes via Feisty Duck, his own platform for continuous writing and publishing. Ivan is an active participant in the security community and you'll often find him speaking at security conferences such as Black Hat, RSA, OWASP AppSec, and others. His latest project, Hardenize, is a security posture analysis service that makes security fun again.

The Best TLS Training Testimonials

“Very well structured and full of information. Made the subject of TLS genuinely exciting to learn. The quality of the material, the exercises and the handouts was some of the best I've ever seen.”

Chris Bell, Fujitsu

“Very knowledgeable and engaging. Great content, useful lab exercises. Good mix of theory and practical.”

Scott Oakley, HSBC

“Great course. Lots of useful information and practical labs. Flawless lab setup. ”

Tom Griffiths,
Infrasys Technology

Trainer-Led Remote Training

In addition to purchasing the materials, we recommend that the key members of the team attend one of our trainer-led public trainings.

Remote training takes place over four half-days (3.5 hours a day).

We are also available to organise an in-house remote training for up to 16 delegates. Contact us if you require more information!

What You Need to Know

Target audience

This course is for system administrators, developers, and IT security professionals, who want to learn how to protect their systems from eavesdropping and impersonation attacks.


  • Basic Linux command line skills: moving about, invoking commands, editing configuration files.
  • A laptop with a SSH client, which you will only need to connect to your assigned virtual server.
  • You should be comfortable using a Unix editor.

We'll provide you with your own virtual server and a sample web application to work on throughout the course.