Real Skills for Modern OS Security
We started Shrktool because too many security programs skip the fundamentals. Our training focuses on practical operating system hardening, threat detection, and incident response—not surface-level theory. We teach what actually works in production environments.
View ProgramsBuilding Security Education Since 2019
Started in a shared office space in Pennsville with three instructors and a clear mission. We've grown by listening to what organizations actually need.
Founded in New Jersey
Three former system administrators noticed a gap. Security training was either too academic or too shallow. We started teaching weekend workshops on Linux hardening and Windows security auditing. First cohort had seven students.
Expanded Curriculum
Added specialized tracks for network defense and endpoint protection. Partnered with regional IT departments to understand real-world challenges. Our students started getting jobs faster than we expected.
Lab Infrastructure Upgrade
Built out dedicated training labs with virtual environments that mirror enterprise setups. Students can now break things safely and learn from mistakes. This changed how we teach incident response.
Current Programs Running
We're now running quarterly cohorts with enrollment opening for Fall 2025 and Winter 2026. Still focused on hands-on training with real systems. Class sizes stay small so instructors can actually help when students get stuck.
Learn From People Who've Done It
Greta spent eight years hardening hospital networks before joining us. She knows what happens when security fails—and more importantly, how to prevent it. Her approach is direct: start with fundamentals, build systematically, test everything.
Our other instructors come from similar backgrounds. Sven worked in financial systems security. Marcus handled incident response for a regional ISP. They don't just teach concepts—they share actual scenarios they've handled.
Teaching Philosophy: We believe the best way to learn security is by doing it wrong first, then understanding why. Our labs are designed for mistakes. Students configure vulnerable systems, then attack them. This teaches more than any lecture could.
What's Actually Happening in OS Security
Configuration Still Beats Tools
Organizations keep buying security products while running default configurations. We're seeing breaches that could've been stopped with proper system hardening. Our curriculum prioritizes baseline security before advanced topics. It's less exciting but way more effective.
Log Analysis Makes a Comeback
Fancy AI security tools are popular, but people who can actually read system logs are in demand. Windows Event Logs, Linux audit trails, network flow data—these tell you what happened. We spend significant time teaching students how to spot anomalies in normal system activity.
Documentation Becomes Critical
When incidents happen, organizations need clear records of system states and changes. We're teaching students to document as they work. Not for compliance checkbox purposes, but because it actually helps during investigations and recovery.
Hybrid Environments Get Messier
Most organizations now run a mix of on-premise systems, cloud services, and legacy infrastructure. This creates security gaps. Our students learn to secure each platform properly, then understand how they interact. The complexity isn't going away, so we prepare people for it.
How We Actually Teach This Stuff
We've tried different approaches over the years. This structure works because it mirrors how you'd actually learn on the job—except with guidance and a safe environment to fail.
Foundation Work
Start with OS architecture, user permissions, and file systems. Build a vulnerable test system. Understand what normal operations look like before trying to secure anything.
Hardening Practice
Apply security baselines to your test system. Students work through CIS benchmarks and security guides. Then we test whether the hardening actually works by trying to break in.
Monitoring Setup
Configure logging and monitoring tools. Learn to spot unusual activity in system logs. Practice correlating events across multiple systems. This part takes longer than people expect.
Incident Scenarios
Respond to simulated security events. Figure out what happened, contain the issue, document findings. Work through realistic scenarios based on actual incidents we've seen.
Ready to Start Learning?
Our next enrollment period opens for Fall 2025 cohorts starting in September. Classes run 16 weeks with two evening sessions per week plus lab time. We keep cohorts to 12 students maximum because quality instruction requires time.
Programs begin September 2025 and January 2026. Application review typically takes two weeks. We look for people with basic IT experience who want to specialize in security—not necessarily those with security backgrounds already. Prior system administration work helps but isn't required.
