Harbor Training

Harbor Labs, a leading software and networking security consulting firm, is leveraging our 20+ years in the industry to provide hands-on training in the most current and relevant security technologies. Members of our team of instructors have been featured as TED speakers and frequent keynote speakers at conferences, and we have many years of experience teaching in university environments.

Our constantly evolving courses immerse students in a simulated, virtualized environment that we created specifically to teach students with varied backgrounds to experiment in a supervised setting to solve real problems.

Our small class sizes and interactive labs give each student an opportunity to work directly with instructors, and our live training exercises provide a learning environment that cannot be achieved online. Our programs are vendor neutral and multi-platform, focusing on tools and techniques that are applicable in any setting. We emphasize technology literacy and build a foundation for deeper understanding of the course topics. Each course includes a certificate of completion.

Each of our two-day courses counts for 12 Continuing Professional Education Credits (CPEs) towards the CISSP or (ISC)2 certifications.

Course Descriptions

Securing Medical Devices (1 Day)


This course provides the foundation for the secure design and implementation of the core cybersecurity technologies found in clinical, therapeutic and diagnostic medical devices. Taught by instructors with extensive backgrounds in secure medical device design and implementations, coursework will also include cyber-related regulatory compliance, HIPAA guidance, and secure network integration with EHR and other healthcare data repositories and services.

Participants will be presented with common medical device exploit categories and industry best practices for implementing defenses against common vulnerabilities. The coursework will explore secure architectures for medical device firmware, including cryptographic primitives, encryption functions and sound key management practices. Secure communications protocols for both wired and wireless networking, and integration with cloud endpoints, will also be reviewed.

Who should attend?

This class is intended for technology professionals involved with the development and support of medical device firmware, user space software, networking protocols and associated hardware components.

Course Preparation

General familiarity with medical device architectures and functions.

Topics Include

  • Security Nuances of Private, Semi-Private and Open Networks
  • Common Medical Device Exploits
  • Secure Design & Implementation
  • Encryption Functions
  • Key Management
  • Secure EHR Integration
  • Secure Network Protocols

Executive Crash Course in Cybersecurity (1/2 Day)


President Trump's May 11, 2017 Executive Order on CyberSecurity calls for heads of agencies to be held accountable for risk management as well as IT and data security in their organizations. The Executive Order further calls on agencies to implement the NIST Risk Management Framework for CyberSecurity. Executives in industry are being held to the same standard.

There is an increasing trend in industry for accountability at the top, and now more than ever executives need to understand the risks of CyberSecurity threats and the best mitigations available. We will review the NIST framework in a straightforward and accessible presentation. The crash course will cover how to maximize prevention of breaches and ransomware, how to deal with these incidents when they happen, and provide a general level of literacy and understanding of the most important CyberSecurity issues.

Topics Covered Include

  • NIST Risk Mitigation Framework
  • Managing CyberSecurity Requirements
  • Evaluating Organizational CyberSecurity
  • Managing a CyberSecurity Program
  • Training your Employees in Cyber Hygiene
  • Maintaining an Understanding of CyberSecurity Risk
  • Reporting of CyberSecurity Risks
  • Understanding Threats
  • Handling a Cyber crisis

Who should attend?

This class is intended for executives, board members, managers and other professionals in industry who are accountable for a large organization's CyberSecurity risk.

Course Preparation

General audience.

Basic Cybersecurity Awareness (1 Day)


This course is required learning for employees who use computers or mobile devices in an enterprise. Participants learn basic computer hygiene - the dos and don'ts of security. The course is primarily geared towards a non-technical audience whose members find themselves in an increasingly complex and hostile online environment. We focus on actionable guidance on how to protect personal and corporate assets including data, systems and mobile devices.

Is it safe to connect to a public WifI network? Is it okay to click on this link in my email? Is there a virus on my computer? How do I protect sensitive files in my organization? How private is my smartphone communication? We answer these and many other questions related to day to day operations of computer and mobile systems in today's enterprise environments.

Topics Covered Include

  • Identity theft
  • Passwords
  • Email security/Phishing
  • Smartphone/Tablet security
  • Ransomware & backups
  • Handling sensitive data
  • Brand protection
  • Security on social media
  • "Free" Public Wi-Fi
  • Insider Threat
  • Denial of service

Who should attend?

This class is intended for anyone who works in an office and uses a computer and/or a smartphone or tablet.

Course Preparation

No prerequisites.

CyberSecurity 101 (2 Day; 12 CPEs)


This course is designed for IT professionals who need to understand cybersecurity. The course examines the threats and the bad actors, examining their motivations and methods. We cover mitigations and what organizations can and should do to protect themselves.

Attendees will learn what to expect when a cybersecurity breach occurs and how to handle various security incidents. We will cover malware such as ransomware and botnets, how to detect and eliminate these and how to cope with new threats and attacks. We'll also study distributed denial of service attacks, how they work, and how to deal with them.

Lectures will include interspersed case studies about topics including Full Disk Encryption (FDE), Security Information and Event Management (SIEMs), multifactor authentication, password managers, forensics, and others.

By the end of the course, you will have a comprehensive understanding of the cybersecurity landscape for enterprises and other organization, as well as literacy in the cybersecurity space.

Topics Covered Include

  • Threats and mitigations
  • Malware (Ransomware & Botnets)
  • Distributed Denial of Service Attacks (DDoS)
  • Insider threat
  • Phishing and Spear Phishing
  • Targeted attacks
  • Network Security
  • Best Practices & Procedures
  • Forensics
  • BYOD Mobile and Cloud
  • Risk Management

Who should attend?

This class is intended for executives, managers and other professionals in industry who need to understand the threats and mitigations present in today's IT systems.

Course Preparation

General audience.

Cybersecurity for Applications Developers (2 Day; 12 CPEs)


This course provides hands-on training on securing web applications and avoiding common pitfalls that lead to vulnerable systems. Students will learn about common cybersecurity errors in application development as we describe and demonstrate problem areas in applications. We utilize a running example of an application in a web application framework that we designed with some common vulnerabilities. We will perform a vulnerability analysis and source code analysis. In the hands-on labs, we will learn to discover the vulnerabilities, to fix them, and to avoid them in the future.

The course also covers browser security issues, correct use and configuration of such protocols as TLS, and handling of certificates. We will study common attacks such as XSS, CSRF, and SQL injection and learn how to build applications that are resistant to these and other attacks. Finally, we will cover secure coding practices for developers, contrasting good and bad code examples.

Topics Covered Include

  • Web Application Development
  • Cybersecurity Design Life Cycles
  • Secure Configuration and Policy Management
  • Proper Implementation of Cryptographic Protocols (SSL/TLS)
  • Authentication
  • Web-based Attacks
  • Secure Coding Practices
  • Vulnerability Assessment
  • Browser Security

Who should attend?

This class is intended for anyone who wants to learn about how to include security requirements in the software development life cycle and how to properly configure, test, and deploy applications that include popular and well-regarded security mechanisms. The students should be familiar with at least one common web application frameworks.

Course Preparation

General application development knowledge or Computer Science background. Familiarity with web application development and web application containers.

Network Forensics using Wireshark (2 Day; 12 CPEs)


Network forensics can be generally defined as monitoring a network for anomalous traffic and intrusions, and analyzing captured network traffic to reconstruct the underlying semantics. Wireshark is a free, multi-platform network packet capture and analysis tool. It has become the standard bearer for network analysis. Wireshark enables you to troubleshoot hundreds of network protocols including the entire TCP/IP suite (e.g., DNS, HTTP, and SMTP). The packet-centric approach of Wireshark is not limited to protocol troubleshooting, it is also useful for performing network forensic analysis.

In this course, you will become intimately familiar with Wireshark as we perform a live network analysis on a simulated network (i.e., virtualized network). In particular, we provide in-class instruction on the setup, configuration, and use of Wireshark, as well as in-class activities that further explore these concepts. We also provide a variety of network packet captures that will guide you through the retroactive analysis of an unknown network.

Once you have become comfortable with Wireshark, we will describe a set of network attacks and the tools that perform them. Working in small groups, you will use these tools to perform a network attack that another group will analyze in real-time. The goal is for every student to successfully perform a network attack and identify an attack using Wireshark.

The course concludes with an active capture the flag exercise.

Topics Covered Include

  • Wireshark
  • PCAP files
  • Network protocol analysis
  • Live packet capture, retroactive analysis
  • TCP/IP and popular application-layer protocols (e.g., HTTP)
  • MITM (man-in-the-middle)
  • DNS injection
  • ARP cache poisoning
  • Charles Proxy

Who should attend?

This class is intended for anyone who wants to learn about how network protocols work in the context of hands-on network packet analysis. The students should be familiar with basic networking and TCP/IP, with the concept of network layering, and with how to use a standard application user interface.

Course Preparation

General IT knowledge or Computer Science background. Laptop required.

In addition to these four courses, other immersive hands-on courses on Securing Windows/Mac/Linux and Penetration Testing are in development. Harbor Training can also develop specialized courses targeting executives or technical staff that we can bring to your organization by request. For more information about our courses, please contact .

Our Classrooms

Harbor Training offers courses in various training classrooms throughout the DC area in Baltimore, Columbia, and in Washington DC. We also perform training on site for clients that have classroom space.

For more information about private group training (corporate or government) contact

Harbor Training Instructors

Dr. Avi Rubin is the founder of Harbor Labs and Harbor Training. He is also a Professor of Computer Science and Technical Director of the Information Security Institute at Johns Hopkins University. His Ph.D. from the University of Michigan is in the area of Applied Cryptography and Computer Security. Dr. Rubin has been teaching Information Security for over 24 years and has an extensive background in Cryptography and Information Security. He is a frequent keynote speaker at industry and academic conferences, and he delivered widely viewed TED talks in 2011 and 2015. A former Fulbright Scholar, Dr. Rubin testified about information security before the U.S. House and Senate on multiple occasions, and he is the author of several books about computer security. In January, 2004 Baltimore Magazine named Rubin a Baltimorean of the Year for his work in safeguarding the integrity of our election process, and he is also the recipient of the 2004 Electronic Frontiers Foundation Pioneer Award.

Dr. Paul Martin is a Research Scientist at Harbor Labs and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His Ph.D. from Johns Hopkins University is in the area of Computer System and Network Security. He has taught applied cryptography, reverse engineering, computer architecture, hardware hacking, and vulnerability analysis at the university level. His research interests include embedded systems security, operating system security, vulnerability analysis, reverse engineering, network protocol analysis, anomaly detection and big-data security analytics.

Dr. Michael Rushanan is a Research Scientist at Harbor Labs and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His Ph.D. from Johns Hopkins University is in the area of Computer System and Network Security. His teaching experience includes courses on modern cryptography and hardware hacking. His research interests include systems security, health IT security, privacy, and applied cryptography. His hobbies include embedded system design and implementation (e.g., Arduino and Raspberry Pi), mobile application development (i.e., iOS and Android), and programming.

Katie Chang is a Research Associate at Harbor Labs. She earned B.S. and M.S. degrees in Computer Science from the Johns Hopkins University. Her experience and interests include code analysis, software development, security reviews, and reverse engineering.

Gabriel Kaptchuk is a Research Associate at Harbor Labs, a doctoral student in Computer Science at Johns Hopkins University, and a member of the Upsilon Pi Epsilon International Computer Science Honor Society. His experience includes teaching security and cryptography. His research interests include applied cryptography, network security, and hardware security.

David Russell is a Research Associate at Harbor Labs and a Computer Science doctoral student at Johns Hopkins University. He holds a B.S. in Computer Engineering from Johns Hopkins where he helped teach a course about programmable devices.

About Harbor Labs

Harbor Training was spun out of Harbor Labs, a computer security consulting company. Harbor Labs was founded by a Computer Science professor to offer expertise and training in software and networking security to our clients. Our three primary focus areas are security evaluations and audit, assistance with regulatory compliance, and expertise and testimony in software and networking related litigation. Please visit www.harborlabs.com to learn more.

Health Records Security Avi Rubin talked about a breach of records systems at several U.S. health care companies, which resulted in nearly 3.5 million records being compromised.