heise online has announced a new training workshop focused on securing application programming interfaces (APIs) against common vulnerabilities outlined in the OWASP Top 10 list. The workshop aims to provide participants with practical knowledge and hands-on experience in identifying and mitigating security risks associated with APIs. This initiative highlights growing concerns about the increasing number of cyber threats targeting API endpoints, which serve as critical communication channels between clients and servers. The workshop will take place in a virtual environment where attendees can simulate real-world attacks and learn how to defend against them effectively. Participants will analyze typical weaknesses based on the OWASP Top 10 API Security Risks, including issues related to authentication and authorization using protocols such as OAuth 2.0 and OpenID Connect. They will also explore measures to protect against injection attacks and data leaks. With a maximum of twelve participants per session, the workshop ensures personalized attention and ample opportunity for discussion and question-asking. The event is scheduled for September 25, 2026, and runs from 9:00 AM to 5:00 PM. Attendees who register before July 28, 2026, will receive a 10 percent early bird discount. The workshop is led by two experienced security experts from codecentric AG, Lucy Jochum and Robin Kappler. Both have extensive backgrounds in conducting web penetration tests and responding to security incidents. Their expertise comes from real-world projects, allowing them to share insights into recognizing and addressing common API vulnerabilities. Participants are encouraged to attend if they work with API development and wish to enhance their understanding of security practices. While prior knowledge of API development is beneficial, it is not mandatory. The workshop promises to deliver actionable solutions that can be directly applied to ongoing development projects. In addition to this API security workshop, heise online has also introduced another training program focused on hardening Active Directory environments. Active Directory serves as the central component of many corporate networks and thus represents an attractive target for cyberattacks. This workshop provides comprehensive guidance on systematically securing Active Directory setups, emphasizing the identification and remediation of potential security risks. Attendees will gain hands-on experience using audit tools such as PingCastle alongside offensive tools like PowerView and BloodHound to detect and analyze vulnerabilities within their network infrastructure. Practical exercises will allow participants to conduct audits independently, identify typical misconfigurations, and implement appropriate hardening measures. These activities aim to deepen understanding of secure authentication methods while analyzing specific attack scenarios. This three-day online workshop is set to run from August 19 to 21, 2026, followed by another session from November 4 to 6, 2026. Early registration discounts apply until July 22, 2026, for the first session and October 7, 2026, for the second. Led by Thomas Kudlacek, a cybersecurity specialist at Oneconsult AG, the workshop draws upon his diverse professional background as both a former software developer and long-term IT security consultant. Kudlacek brings valuable insight into how Active Directory environments are typically attacked in practice, highlighting frequently occurring weaknesses and demonstrating effective ways to address these issues. His approach includes providing concrete examples, proven methodologies, and immediately applicable recommendations tailored to each participant's unique situation. The workshop caters specifically to administrators looking to engage more deeply with attack scenarios and seeking to strengthen their on-premise Active Directory configurations. Due to its limited group size—capped at ten participants—it fosters close interaction among attendees and with the trainer itself. This setup ensures that all individuals benefit from direct engagement and thorough discussions regarding their particular challenges and requirements.
3 reports
heise onlineIndependentCenterFactual 100Objective 10013 days ago heise-offer: iX-Workshop API security: OWASP Top 10 API Security Risks This is a list of the top 10 API security threats in the world.The article promotes an API security workshop organized by heise online, focusing on the OWASP Top 10 API Security Risks. The event aims to educate participants on identifying and mitigating common API vulnerabilities through practical exercises and expert guidance. It highlights topics such as authentication via OAuth 2.0 and Open ID Connect, protection against injection attacks, and data leaks. The workshop is led by two security experts from codecentric AG and offers hands-on experience in a simulated environment. Participation is limited to 12 attendees to ensure personalized instruction. The event is scheduled for August 25, 2026, with early bird discounts available until July 28, 2026.
Bias read (Center): The article presents a technical training event focused on cybersecurity practices, which is apolitical in nature. It does not discuss governmental policies, elections, or social issues, making it suitable for a center-aligned rating.
Why these scores (Factual 100 · Objective 100): The article accurately reflects the content of the primary source document, including the focus on OWASP Top 10 API risks, practical exercises, and expert instruction.
heise onlineIndependentCenterFactual 89Objective 8617 days ago iX workshop: Active Directory Hardening From audit to a secure environmentThe article promotes a workshop titled 'Active Directory Hardening: From Audit to Secure Environment' offered by heise online. The workshop aims to teach participants how to secure their corporate Active Directory environments against cyberattacks through practical exercises and expert guidance. Attendees will learn to identify security risks, fix misconfigurations, and defend against attacks using tools like PingCastle, PowerView, and BloodHound. The event includes hands-on training in a realistic lab environment and is led by Thomas Kudlacek, a cybersecurity specialist with experience in penetration testing and IT security consulting. The workshop is targeted at administrators looking to strengthen their on-premise Active Directory setups.
Bias read (Center): The article focuses on a technical training workshop related to cybersecurity practices and does not engage with any politically charged topics, debates, or ideological perspectives. It provides factual information about the content, structure, and purpose of the workshop without any apparent bias.
Why these scores (Factual 89 · Objective 86): The article provides detailed information about implementing ISO 27001, aligning with the primary source. It remains objective by focusing on the practical aspects of implementation without promoting any specific vendor.
heise onlineIndependentCenterFactual 85Objective 8022 days ago heise-offer: iX-Workshop: Tracing the aftermath of the M365 attack ‒ Targeted evaluation of logsThe article promotes a two-day workshop titled 'M365 Forensics and Incident Response' organized by iX, focusing on identifying, containing, and investigating cyberattacks targeting Microsoft 365 environments. The workshop includes hands-on simulations where participants take on the role of attackers to understand how cybercriminals exploit M365 applications through techniques like Business Email Compromise (BEC). Attendees will learn to analyze logs, apply the MITRE ATT&CK framework, and implement effective incident response strategies. The event is led by professionals with experience in real-world cybersecurity incidents, offering practical insights into current attack methods and forensic analysis techniques. Registration details and dates are provided.
Bias read (Center): The article discusses a technical training workshop focused on cybersecurity practices and does not engage with politically charged topics such as government actions, policies, or ideological debates. It provides factual information about the content and structure of the workshop without any evident
Why these scores (Factual 85 · Objective 80): The article accurately describes the workshop content and objectives related to cybersecurity threats like BEC. It provides practical details about the workshop structure and benefits but has some promotional language.
★
Keep the news honest.
ObjectiveNews is reader-funded and ad-free — we show you the bias instead of hiding it. Support independent journalism for €5/month.
Become a Supporter