RHELevant Security Practices

Ready to stop hoping your security holds and start verifying it?

Forget security theory—this is a practical application lab.

You will walk away with ready-to-use configuration files and deployment examples for SELinux, Keylime, and USBGuard, enabling you to construct a truly robust, attestable, and compliance-ready RHEL environment and implement this advanced security skill set the moment you return to work.

SELinux (Security-Enhanced Linux): We will move beyond basic permissive/enforcing modes to architect and troubleshoot custom Mandatory Access Control (MAC) policies, significantly limiting the damage from exploited processes. This will help you detect compromised services and privilege escalation.

Keylime: Remote Attestation & Integrity Monitoring (via TPM 2.0 and IMA). Protects against unauthorized modifications to the bootloader, kernel, or critical system files. It provides cryptographic, continuous proof that a host has not been tampered with—ideal for detecting sophisticated, hardware-level rootkits and ensuring compliance.

USBGuard: USB Device Authorization Policy. Stops malicious USB devices (like “Rubber Ducky” or “BadUSB” keystroke injectors or firmware attacks) from executing automatically. It blocks unauthorized removable media, preventing both data exfiltration and malware introduction via physical ports.

Prerequisites

Participants should bring a laptop with an SSH client installed to connect to a remote lab.

Alternatively, if you would like to run the lab locally, please ensure your device meets the following minimum requirements:

| Requirement | Minimum Specification | Why? |
| --- | --- | --- |
| CPU | 4 Cores (with VT-x/AMD-V) | To handle two RHEL instances simultaneously. |
| Storage | 40GB SSD Space | RHEL installations + snapshots for “undoing” mistakes. |
| Hypervisor | VMware, KVM, or VirtualBox 7+ | Must support vTPM 2.0 for Keylime. |
| Guest OS | RHEL 9.x ISO/Image | The target environment for the security tools. |

Format

Workshop

When

March 5, 2026 10:00am-12:00pm

Where

Ballroom C