Two cohorts run in 2026. This page describes the summer intensive (20 July – 20 August). A second four-week cohort runs 5 October – 5 November — see Senior Advanced — Autumn 2026.
The 2026 Cybersecurity Summer School is the flagship hybrid programme of the chen.ist Academy. Over four weeks, a small cohort lives and studies on our private campus in Craiova: three weeks of teaching on the practice of cybersecurity in the open, followed by a closing hackathon in which everything learned is put to work on a single project, judged in public.
The programme is built for people who already write code or run systems and now want a serious, structured grounding in defensive security — including the parts that get left out of most curricula: the human side, the open-source ecosystem, and the discipline of running a project and presenting it.
What you will learn
Everything in Senior 2026 — plus the advanced material that fundamentals make room for:
- detection engineering and incident response taught at depth, not as a primer;
- threat modelling and attack-surface analysis on a real codebase;
- a substantive open-source security contribution instead of an introductory PR;
- the closing five-day hackathon judged by an external jury.
Six pillars run through the four weeks. The first five are taught in weeks 1 to 3; the sixth — the hackathon — uses them.
Weeks 1–3 · Taught
01 / Cybersecurity
The technical core: threat models, network and host security, common attack patterns, defensive monitoring, log analysis and the basics of incident response. Hands-on labs in a sandboxed environment from day one; no theatrics.
02 / Cyber hygiene
The personal practice: password managers and passkeys, multi-factor authentication, device hardening, encrypted backups, secure communications and the small, daily habits that decide most real-world outcomes. You leave the school with your own setup hardened.
03 / Cyber awareness
The human layer: phishing, social engineering, business email compromise, deepfakes and the ways attackers route around technology. Includes tabletop exercises and a guided phishing simulation run on the cohort itself.
04 / Open source
Open source as both a toolkit and a politics. We work with the tools serious teams actually use — Suricata, Wazuh, OSSEC, OpenVAS, ZAP, Kali, Sigma rules, MISP — and we look at the supply-chain side: SBOMs, dependency review, signing, the OpenSSF baseline. Each participant makes a small but real contribution to an open-source project during the school.
05 / Project management
How to actually finish something with a team of five strangers and a deadline: scoping, breaking work down, lightweight agile, risk registers, decision logs, and the project-management overlay that security work specifically needs (CIA-aligned planning, threat modelling as a planning activity, security-aware milestones).
06 / Public speaking
The skill nobody gets taught. How to brief, demo, present and defend your work — to a technical audience, to non-technical decision-makers, and to a hostile questioner. Two structured rehearsal sessions per week, recorded and reviewed.
Week 4 · Applied — the hackathon
The capstone. See The hackathon below.
How the four weeks are arranged
| Week | Focus |
|---|---|
| Week 1 (20–26 Jul) | Cybersecurity foundations · Cyber hygiene · Cyber awareness |
| Week 2 (27 Jul – 2 Aug) | Open source — tools, ecosystem, and contribution |
| Week 3 (3–9 Aug) | Project management & public speaking, applied to a security brief |
| Week 4 (10–16 Aug) | Hackathon: build, defend, present |
| Closing (17–20 Aug) | Public colloquium, jury feedback, departures |
The hackathon
The school closes with a five-day hackathon held on campus. Teams of four to six are given a realistic brief — a small organisation in trouble, a vulnerable open-source project, a public service that needs hardening — and must, by the end of the week:
- ship a working defensive or remediation project,
- document it well enough for a stranger to take it over,
- contribute their fix or tooling upstream where it makes sense,
- and present it in a 15-minute talk plus a 10-minute hostile Q&A in front of an external jury drawn from industry, academia and the Romanian cybersecurity community.
The hackathon is not a competition for prizes. It is the school’s final exam: did you, in fact, learn to do the work?
A typical teaching day (weeks 1–3)
| Time of day | Activity |
|---|---|
| 09:00 – 12:30 | Lectures and seminars on theoretical foundations |
| 14:00 – 17:30 | Workshops, lab work, group project sessions |
| 18:00 – 19:30 | Invited speakers, panels, occasional film screenings |
| 19:30 onwards | Dinner and informal cohort time |
What is included
- Full tuition across the four-week programme
- All course materials and lab access
- Lunch on weekdays, opening and closing dinners
- Hackathon brief, infrastructure and external jury
- Certificate of completion
- An invitation to the chen.ist alumni network
Accommodation on the Craiova campus is offered separately at cost; off-site accommodation is also available in the city.
Who it is for
The programme assumes some prior comfort with the command line, a high-level understanding of how networks and operating systems work, and the ability to read code (in any language). It is not an introduction to computing; it is a school for people who want to take defensive security seriously and learn the working culture around it.
Outcomes
Past participants have used the programme as a step into postgraduate research in security, as a structured bridge into a first SOC or detection-engineering role, and — in several cases — as the seed of a project later continued with industry or public-sector partners. Each cohort closes with a public colloquium at which the hackathon projects are presented to faculty, alumni and invited guests.