Code signing Hardening Workshop
RCCE students will learn code signing implementation and management including certificate management, signing key protection, timestamp services, revocation procedures, and signature verification. RCCE students will learn to implement code signing for applications, scripts, and container images, manage signing keys using hardware security modules and key management services, configure certificate lifecycle management including rotation and revocation, verify code signatures in deployment pipelines, detect and respond to unauthorized code signing, implement code signing policies across development teams, and integrate code signing into automated build and release workflows. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. Building on core knowledge, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Code signing Hardening Workshop
- Execute hands-on tasks for code signing hardening workshop
- Execute hands-on tasks for advanced cyber defense mastery
- Execute hands-on tasks for certificate mgmt
- Execute hands-on tasks for key protection
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for signature verification
- Execute hands-on tasks for code signing implementation
- Execute hands-on tasks for signing key hardening
- Build detections and response workflows for privilege escalation, including Mastery Targets.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for root certificate authority
- Execute hands-on tasks for code signing certificate
| Module 01 | Code Signing Hardening Workshop |
| Module 02 | Advanced Cyber Defense Mastery |
| Module 03 | Certificate Mgmt |
| Module 04 | Key Protection |
| Module 05 | Pipeline Integration |
| Module 06 | Signature Verification |
| Module 07 | Code Signing Implementation |
| Module 08 | Signing Key Hardening |
| Module 09 | Verification & Detection |
| Module 10 | Code Signing Trust Chain Architecture |
| Module 11 | Root Certificate Authority |
| Module 12 | Code Signing Certificate |
| Module 13 | EV Code Signing |
| Module 14 | Certificate Lifecycle Management Workflow |
All hands-on labs run on Rocheston Rose X OS. Students practice code signing hardening workshop by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for code signing hardening workshop
- Lab 2: Execute hands-on tasks for advanced cyber defense mastery
- Lab 3: Execute hands-on tasks for certificate mgmt
- Lab 4: Execute hands-on tasks for key protection
- Lab 5: Integrate privilege controls with identity providers and SIEM telemetry
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Code signing Hardening Workshop, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI