Over the course of 2025, we performed several hundred security assessments for our clients. In each of these, security analysts must understand a new environment and often work with unfamiliar technologies. Even for well-known technologies, things change rapidly. Quick learning and adaptability are essential skills.

To keep our security analysts sharp and up to date, we regularly attend security conferences, external courses and trainings but also organize internal sessions. It has become a tradition for us to spend the first week of January learning new things, starting the year with improving our know-how. These trainings help us strengthen and broaden our internal know-how, which allows us to continue delivering practical, realistic security recommendations to our clients.

Focus Training: Container & Kubernetes Security

With the widespread adoption of cloud-native technologies everywhere, Kubernetes security was a natural focus for us.

We had the pleasure of welcoming Gabriel Graf in our offices in Bern to guide us. He shared his expertise from both a defensive and an attacker’s point of view when dealing with containers and Kubernetes. All participants had the opportunity to practice with hands-on labs and CTF-style exercises, connecting theory with real behavior and making risks easier to understand.

Here are a few take-aways from this training:

  • We finally learned how to pronounce the word Kubernetes: [qiubernëtis]
  • Containers and Kubernetes require explicit security design
  • Exploiting misconfigurations remains a primary attack vector
  • Security must span the full lifecycle, from supply chain to runtime

Parallel Training Tracks

In parallel to this on-site training, several analysts chose to dive into a topic of their choice individually or in small teams. Here are a few of the courses we tackled:

  • Red Team Operations: Provides a good general understanding of Active Directory exploitation and defense
  • IoT and Hardware Hacking: Teaches the basics of IoT devices and how to extract and analyze their firmware
  • Web Security Academy: Offers labs with a focus on injection flaws and advanced web attack techniques
  • Cyber Threat Intelligence: Contains foundational concepts of threat intelligence incorporating practical examples and case studies

Sharing Know-How: Security Boot Camp 2026

During the same week, our annual Security Boot Camp took place, a five-day hands-on training for a small group of students. They had the chance to learn about OSINT, Active Directory security, digital forensics and incident response through theory blocks and practice in a cloud-based lab.

Sharing our know-how and supporting young security professionals is important to us and is one way we contribute to the wider security community.

Looking Ahead

We are constantly testing new ideas and continuing to learn. After this first week of 2026, we will consolidate this know-how and share it internally in order to maintain a high technical standard.

What are you planning to do in 2026 towards a better cybersecurity culture?