Training

About the Course

This 3-days course will educate participants the do's and don't of secure application development. Aimed specifically at web-based applications, the material and techniques described in this course are also applicable to non web-based applications. The course aims to be language-agnostic, and teaches principles, best practices, and security awareness aspects, that are necessary to produce and maintain secure web applications.

Who Should Attend

• Application Developers responsible for implementing secure business solutions.
• Information Security Professionals responsible for assessing, monitoring, and mitigating application security risks.
• Software Development Managers investigating strategies to integrate security into their product development life cycles.

Learning Objectives

• Gaining a solid conceptual understanding on the nature of security risks, threats, and vulnerabilities in software applications.
• Obtaining practical knowledge on how to integrate security into each stage of the software development life cycles.
• Knowledge of common vulnerabilities found in today's web technologies and how to defend against them.
• Practical skills on how to design and code securely using today's web technologies as case examples.

About the Course

4-Day Course. The course will combine interactive classroom instruction, demonstrations and hand on lab activities. The objective of this course is to level the playing field between security professionals and the most competent cyber criminals and terrorists. These highly controversial skills and knowledge are offered to ensure that IT and security professionals have equivalent and better knowledge than the adversaries they face. This is coupled with professional training for conducting vulnerability assessments and penetration tests.

Who Should Attend

• Network and Systems Penetration Testers Gives penetration testers the training needed to perform advanced penetration testing against known or unknown applications, services, and network systems.
• Application Developers Teaches developers the ramifications of poor coding. Often, a developer or code reviewer is required to clearly demonstrate the threat and impact of a coding error.

Learning Objectives

The Advanced Penetration Testing course is based on the Offensive Operations Model, which describes the process taken by the most professional criminals and cyber terrorists to compromise and exploit any type of network environment.

The Advanced Penetration Testing course will include the following sections:

• Understanding the Enemy.
• Why Penetration Testing?
• The Penetration Testing Lifecycle.
• The Offensive Operations Model.
• Security Architecture Review.
• Vulnerability Assessment and Analysis.
• Active and Passive Reconnaissance Techniques.
• Attack and Penetration Techniques.
• Physical Penetration Testing and Social Engineering.
• Presenting Penetration Testing Results.

The course is designed to bring to industry professionals the knowledge and techniques used by professional hackers and criminals to penetrate and compromise the integrity of corporate networks. This is coupled with a comprehensive methodology for conducting Vulnerability Assessments and Penetration Tests

About the Course

This 5-days course attendees with the basic knowledge and skill necessary to begin a computer-based investigation using practical case scenarios and will be guided through the process of conducting a computer forensics investigation, and will learn the principles surrounding computer forensic methodologies, together with the open-source forensic tools associated with forensic analysis that are applicable to the real case.

Who Should Attend

This workshop is suitable for : IT security professionals, to gather data that may be critical to the identification and analysis of a security incident law enforcement agency, to produce evidence in the court that can lead to the punishment of the actual and not limited for an academical who are interested in computer forensic.

Learning Objectives

• Understanding basic knowledge of Forensic methodology.
• Understanding how to properly establish and maintain chain of custody of media and evidence.
• Obtaining practical knowledge on how to correctly perform forensic analysis.

About the Course

This 4-days course will educate participants to enhance knowledge in security analysis and monitoring to identify known and emerging threats to critical infrastructure. The course also prepare the security analyst to respond, handle, and mitigate the security threats. Security monitoring helps the organization to reduce the overall security and business risk.

Security threat is evolving rapidly and each new technology represents a new avenue of attack. As threats become more sophisticated, improvement of knowledge is a must for security analyst identify, analyze, and respond quickly to the treats.

This course will help you to analyzes your server logs in real time to identify and alert you to compliance-relevant events.

Who Should Attend

• Information Security Analyst.
• Network Engineers.
• System, security, and network administrators.
• Incident Handlers.
• Security professional.

Learning Objectives

• Overview Security Concept.
• Applied Security Monitoring Concept.
• Logging and Log Management.
• Security Information and Event Management Concept and Overview.

About the Course

Incident response is a key component of an enterprise business continuity program. Security threats have become not only more numerous and diverse but also more damaging and disruptive. Incident handling and response capability is very important for rapidly detecting incidents, minimizing loss and destruction, mitigating the security risk, and restoring computing services.

This 5-days course is designed to help Incident Handlers, CERT teams, and any Information Security Analysts to understand how to plan, create and utilize their systems for detecting and responding to current and emerging computer security threats and attacks that are targeted at a variety of operating systems and architectures.

This course is also provides a basic introduction to the main incident handling tasks and critical thinking skills that will help an incident handler perform their daily work. Course attendees will learn how to how to build an incident respond policy and procedure, how to gather the information required to handle an incident, a deep understanding in technical skills to address a security incident, how to handle and respond to various types of malicious activity or compromise system, and how to deal with aincident response report.

Who Should Attend

• Incident Handlers.
• CERT Member.
• SOC team members.
• General information security analyst.

Learning Objectives

• Introduction to Incident Response and Handling.
• Risk Assessment.
• Security Policies and Laws.
• Incident Handling plan, policy, and procedure.
• Incident Response and Handling Steps.
• Incident Handling Technical Implementation.
• Incident Reporting.

About the Course

This 5-days course teaches how to begin wireless communication hacking specifically on 802.11 and GSM. The course will combine interactive classroom instruction, demonstrations, and hands on lab activities. We will provide labs that based on real world scenario and all required hardware tools necessary for the course will be provided.

Who Should Attend

This workshop is suitable for IT professional that interested to begin wireless communication hacking specifically on 802.11 and GSM.

Learning Objectives

• Understanding basic knowledge of Wireless communication on 802.11 and GSM.
• Understanding how to identify bogus wireless networks.
• Understanding how to conduct penetration testing against 802.11 and GSM.