My experiences as SANS facilitator

At the BruCon conference in October 2016 I had an interesting conversation at the SANS stand. Their collection of security trainings was impressive, but unfortunately outside of my budget. However, they did mention there is something like the Work-Study program.

So I applied for the SANS Brussels Winter conference in December. End of December I got an email back that I was selected for the Work-Study program!

For a fraction of the price you get the complete training, 2 preparation exams, the real exam, online training(OnDemand) and audio files of the training. This is really nice.

What you have to do for this nice price?

  • Arrive a day early around 9 am to setup the rooms and network, prepare network, distribute trainingmaterial, etc.
    A lot of work, but I didn’t mind it.
  • Arrive early during the training to prepare the room, help participants and help the trainer.
  • During breaks attend to the classroom to see that nobody who isn’t on the list enters, help the trainer if necessary, fix urgent issues if there are any (usually there weren’t any issues).
  • In the evenings help out a bit. This is usually not much work so normally you can still enjoy the sessions.
  • Probably the last evening, you have to set up a network for the lab session at the last day. This is usually done in 2 hours.
  • At the last training day, tear down the networks, pack up all microphones, network gear, extension cords, training materials, greet each other and go home.
    The last training day usually stops around 15:00, so you might still be home in time to spend the evening with your family (if you don’t have to travel too far).

So what do you get out of it, next to the training itself and certification?

  • A very busy week, but with lots of good talks, good friendships and good contacts in the business.
  • Introduction into the SANS organization.

For me these advantages were all very valuable to me, so after getting my GIAC Certified Inciden Handler (GICH) certificate following the SEC504 training, I decided to apply again to the Work-Study program. With success because now I can facilitate the FOR508 at SANS Secure Europe in Amsterdam and ICS410 at Munich Summer 2017. Two very interesting trainings that will really help to further advance my security career!

Making a Breakout game with Scratch

Lately I’ve been involved with CoderDojo. It’s real fun to challenge children to be creative with code. A tool we start with is Scratch. Now, if you have programmed in ‘real’ programming languages, you may think Scratch is only for children, but it really isn’t. It’s quite powerful!

Especially for creating games it is much easier to quickly create simple games in it than it would be in Python/PyGame for example. In this post I’ll show you how you can create a simple Breakout clone.

If you don’t know Breakout yet, you can read up on it on Wikipedia. In essence it works like this:

In the game, a layer of bricks lines the top third of the screen. A ball travels across the screen, bouncing off the top and side walls of the screen. When a brick is hit, the ball bounces away and the brick is destroyed. The player loses a turn when the ball touches the bottom of the screen. To prevent this from happening, the player has a movable paddle to bounce the ball upward, keeping it in play.

So, to start open Scratch, right click the Cat scratch, delete it and paint new sprite. Create a nice round colored circle (shift helps to make it round instead of oval):

Next step is to make the ball move. You can do this by changing the X and Y coordinates. I’ll always put initialization code immediately after “when flag clicked”. This way I’m always sure where my sprite is located, if it visible, etc.


If you run it, you’ll see that the ball goes to the edge of the screen and then moves along the edge to one corner. It should bounce of course!

Scratch has a very simple mechanism to achieve this: <touching color>. To use this, we create a Stage with corners. At the top and bottom I put a black line. At the bottom I put dark grey lines. You can create this in another program or by selecting Stage, then tab Backdrops, and draw a black line, select it, enlarge it, and move it to top. Copy it and move the copy to bottom. Repeat with grey line for left and right, like this:


Now it is just a matter of using <touching color> to detect which edge we hit. If we hit the top/bottom edge, we should reverse the Y direction. If we hit left/right edge, we should reverse the X direction, like this:


Next: the paddle. Create a new sprite and draw the paddle. Add code to move it left and right:


We still have an issue that the ball doesn’t bounce of the paddle. Unless you made the paddle the same color as the edges of the Stage. Hey, good idea, let’s do that:Paddle

If you run this on your computer, you might notice that the paddle lags a bit. This is a Windows issue. To solve this, search in Control Panel for keyboard and change the Repeat delay:


Now it should start moving quicker.

Ball moves, ball bounces on all sides and on the paddle. But wait, the ball should NOT bounce on the bottom border! So change the bottom border to red for example. An here is an ideal moment to introduce another very useful block of scratch: Broadcast.

With it you can give a signal to other sprite (or your own sprite) that something happened. Very handy to let everything stop for example. Or just to clean up your scripts.


To keep score, I add a variable Score. And to increase the score we need to remove the blocks on the top of the screen. So that’s for the next post…

The Scratch file up to this point: Breakout1


Never delete requirements in ALM with the DEL key

Suppose you want to delete the link of a requirement to a testcase.

In ALM you then go to the testcase, select tab Requirements Coverage, select the requirement and delete that link, yes?

This is true, but do not delete the link with the Delete button on your keyboard, because ALM will be so kind to delete the complete testcase, no the link!
You really have to use the icon in the tab menu.