Kristóf Tóth Software Engineer at Avatao The world is getting eaten alive by software. At this point, almost nothing can be done without interacting with some sort of software system. Not even buying your groceries. As we keep dumping out huge piles of code like there is no tomorrow, our far from perfect systems keep getting worse and worse from a security standpoint. What could possibly go wrong? We believe that education is the missing link. As appsec is still a curiosity topic on top universities, freshly graduated engineers simply have no clue. And how could they? The number of programmers keeps on doubling every few years and generations of software professionals are stuck without a proper background in ITSec. As this trend continues, our responsibility to do something about this is on the rise. In hopes of fighting this trend, we, at Avatao, have decided to share some of our dreams with the community. Our Tutorial Framework allows you to easily create interactive learning environments running inside Docker containers. These environments are capable of automatically guiding users through a set of topics by allowing them to interact with real software through a simple web browser. Users can attack webservices, write code to fix them or use a terminal to deploy websites by creating and pushing git tags. Nothing here is a mock-up: Every software component is real. In this talk, I am going to demonstrate the capabilities of the framework, talk about the technology behind it and explore some use cases for it. During the session we will open source the framework with the hope of creating a better, secure future together.