Marjorie Pepito - V.Ships Services Oceana, Inc.
Internet Security is a branch of computer security related to browser and network security, especially as it relates to transactions, authentication and protection of data sent over the Internet.
NobleProg onsite live Internet Security training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement an Internet Security strategy within their organization. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component.
Internet Security training is available in various formats, including onsite live training and live instructor-led training using an interactive, remote desktop setup. Local Internet Security training can be carried out live on customer premises or in NobleProg local training centers.
Marjorie Pepito - V.Ships Services Oceana, Inc.
18 Wojskowy Oddział Gospodarczy
communication skills of the trainer
Flavio Guerrieri - RANDSTAD ITALIA SPA Attention: Anna Ceriani Purchasing Specialist
the discussion and exchange of ideas
RAYMOND JACKSON PAJARILLO - V.Ships Services Oceana, Inc.
deep knowledge, real examples, the fact that trainer is also a practicioner
18 Wojskowy Oddział Gospodarczy
The interaction and facts gained / learnt.
Monna Liza Mengullo - V.Ships Services Oceana, Inc.
|ccsk||CCSK - Certificate of Cloud Security Knowledge - Plus||14 hours||Description: This 2-day CCSK Plus course includes all content from the CCSK Foundation course, and expands on it with extensive hands-on labs in a second day of training. Students will learn to apply their knowledge by performing a series of exercises involving a scenario that brings a fictional organization securely into the cloud. After completing this training, students will be well prepared for the CCSK certification exam, sponsored by Cloud Security Alliance. This second day of training includes additional lecture, although students will spend most of their time assessing, building, and securing a cloud infrastructure during the exercises. Objectives: This is a two day class that begins with the CCSK- Basic training, followed by a second day of additional content and hands-on activities Target Audience: This class is geared towards security professionals, but is also useful for anyone looking to expand their knowledge of cloud security.|
|GDRPAd||GDPR Advanced||21 hours||This is more in-depth and would be for those working a great deal with the GDPR and who may be appointed to the GDPR team. This would be ideal for IT, human resources and marketing employees and they will deal extensively with the GDPR.|
|pkiimpman||PKI: Implement and Manage||21 hours||Overview This Public Key Infrastructure – Implement and Manage course helps any individual to gain knowledge in managing robust PKI and having better understanding of topics surrounding public key infrastructure. Moreover, the PKI course is a preparation for the increasingly critical component – which ensures confidentiality, integrity, and authentication in an enterprise. Our PKI course provides the knowledge and skills necessary to select, design and deploy PKI, to secure existing and future applications within your organization. It also gives a deeper look into the foundations of cryptography and the working principles of the algorithms being used. Throughout the whole course, participants will gain in-depth knowledge on the following topics: Legal aspects of a PKI Elements of a PKI PKI management Trust in a digital world Digital signature implementation Trust models After completing the PKI course, each individual will be able to successfully design, setup, deploy, and manage a public key infrastructure (PKI). This is a 3-day course is considered essential for anyone who needs to understand Public Key Infrastructure (PKI) and the issues surrounding its implementation. It covers the issues and technologies involved in PKI in-depth and gives hands-on practical experience of setting up and maintaining a variety of PKI solutions. Detailed knowledge of issues surrounding PKI helps to put recent attacks which have appeared in the news headlines into context and enable valid decisions to be made about their relevance to your organisation. Objectives To introduce the student to the theoretical aspects of the foundations and benefits of Public Key Infrastructure (PKI), including different types of encryption, digital signatures, digital certificates and Certificate Authorities. To give students hands on experience of implementing and using PKI solutions with a variety of applications. To give students an understanding of the concepts of evaluating and selecting PKI technologies Audience Anyone involved in Public Key Infrastructure | PKI decision-making, implementing and securing e-commerce and other Internet applications, including CIOs, Chief Security Officers, MIS Directors, Security Managers and Internal Auditors.|
|secana||Security Analyst||35 hours||Target Audience would be - Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals|
|cybersecfun||Cybersecurity Fundamentals||28 hours||Description: Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge. To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area. Objectives: With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena. Target Audience: The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.|
|ehcm||Ethical Hacking and Countermeasures||35 hours||Description: This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defences work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how Intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. Target Audience: This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.|
|cisa||CISA - Certified Information Systems Auditor||28 hours||Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments. Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the possibility of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world. The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course. Goal: The ultimate goal is to pass your CISA examination first time. Objectives: Use the knowledge gained in a practical manner beneficial to your organisation Provide audit services in accordance with IT audit standards Provide assurance on leadership and organizational structure and processes Provide assurance on acquisition/ development, testing and implementation of IT assets Provide assurance on IT operations including service operations and third party Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets. Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.|
|cism||CISM - Certified Information Security Manager||28 hours||Description:; CISM® is the most prestigious and demanding qualification for Information Security Managers around the globe today. This qualification provides you with a platform to become part of an elite peer network who have the ability to constantly learn and relearn the growing opportunities/ challenges in Information Security Management. Our CISM training methodology provides an in-depth coverage of contents across the Four CISM domains with a clear focus on building concepts and solving ISACA released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination. We have delivered more than 100+ CISM training events in the United Kingdom and Europe. Our instructors encourage all attending delegates to go through the ISACA released CISM QA&E (Questions, Answers and Explanations) as exam preparation - you get this FREE as part of our course. The QA&E is exceptional in helping delegates understand the ISACA style of questions, approach to solving these questions and it helps rapid memory assimilation of the CISM concepts during live classroom sessions. All our trainers have extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination. If you do not pass first time, then join us again for exam preparation free of charge. Goal: The ultimate goal is to pass your CISM examination first time. Objectives: Use the knowledge gained in a practical manner beneficial to your organisation Establish and maintain an Information security governance framework to achieve your organization goals and objectives Manage Information risk to an acceptable level to meet the business and compliance requirements Establish and maintain information security architectures (people, process, technology) Integrate information security requirements into contracts and activities of third parties/ suppliers Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact Target Audience: Security professionals with 3-5 years of front-line experience; Information security managers or those with management responsibilities; Information security staff, information security assurance providers who require an in-depth understanding of information security management including: CISO's, CIO's, CSO's, privacy officers, risk managers, security auditors and compliance personnel, BCP / DR personnel, executive and operational managers responsible for assurance functions.|
|netsecadm||Network Security Administrator||35 hours||Audience: System Administrators and Network Administrators as well as anyone who is interested in defensive network security technologies.|
|pki||Public Key Infrastructure||21 hours||The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates. The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of applying the latest cryptographic solutions for securing information systems. On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain. The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland. The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID.|
|cismp||CISMP - Certificate in Information Security Management Principles||35 hours||A thorough, practical, 5 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course. The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination which is sat on the afternoon of the last day of the course. This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure.|
|nbiotfordev||NB-IoT for Developers||7 hours||Most of today's IoT connections are industrial. Industrial IoT (IIoT) connections require Low Power Wide Area (LPWA) technologies to provide connectivity, coverage and subscription capabilities for low bandwidth applications. Although these requirements could be served by existing cellular networks, such networks may not be ideal. NB-IoT (Narrow Band IoT) technology offers a promising solution. NB-IoT (also known as LTE Cat NB1) allows IoT devices to operate over carrier networks such as GSM and “guard bands” between LTE channels. NB-IoT needs only 200kHz of bandwidth and can efficiently connect large numbers of endpoint devices (up to 50,000 per NB-IoT network cell). Its low power requirements makes it ideal for use in small, uncomplicated IoT gadgets such as smart parking, utilities and wearables. In this instructor-led, live training, participants will learn about the various aspects of NB-IoT as they develop and deploy a sample NB-IoT based application. By the end of this training, participants will be able to: Identify the different components of NB-IoT and how to fit together to form an ecosystem Understand and explain the security features built into NB-IoT devices Develop a simple application to track NB-IoT devices Audience Developers Technical Managers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice|
|grmcfun||Governance, Risk Management & Compliance (GRC) Fundamentals||21 hours||Course goal: To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities. Overview: GRC Basic terms and definitions Principles of GRC Core components, practices and activities Relationship of GRC to other disciplines|
|cissp||CISSP - Certified Information Systems Security Professional||35 hours||Overview: Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to a higher earning potential in roles that include CISO, CSO and senior security manager. You will learn to: Use the knowledge gained in a practical manner beneficial to your organisation Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography Secure your network architecture and design (implement Cyber security) Achieve your organisational objectives such as legal & compliance, Information assurance, security and data governance Enhance IT services secure delivery via Security operations, architecture and design principles Implement business resiliency via Business Continuity Plan You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2® The Main Goal: To pass your CISSP examination first time. Target Audience: This training is intended for individuals preparing for the CISSP certification exam.|
|netnorad||NetNORAD||7 hours||NetNORAD is a system built by Facebook to troubleshoot network problems via end-to-end probing, independent of device polling. In this instructor-led, live training, participants will learn how NetNORAD and active path testing can help them improve their network troubleshooting methods. By the end of this training, participants will be able to: Understand how NetNORAD works Learn the design principles behind NetNORAD Use open-source NetNORAD tools with their own code to implement a fault detection system Audience Network engineers Developers System engineers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice|
|webap||WEBAP - Web Application Security||28 hours||Description: This course will give the participants thorough understanding about security concepts, web application concepts and frameworks used by developers in order to be able to exploit and protect targeted application. In today’s world, that is changing rapidly and thus all the technologies used are also changed at a fast pace, web applications are exposed to hackers attacks 24/7. In order to protect the applications from external attackers one has to know all the bits and pieces that makes the web application, like frameworks, languages and technologies used in web application development, and much more than that. The problem is that attacker has to know only one way to break into the application and developer (or systems administrator) has to know all of the possible exploits in order to prevent this from happening. Because of that it is really difficult to have a bullet proof secured web application, and in most of the cases web application is vulnerable to something. This is regularly exploited by cyber criminals and casual hackers, and it can be minimized by correct planning, development, web application testing and configuration. Objectives: To give you the skill and knowledge needed to understand and identify possible exploits in live web applications, and to exploit identified vulnerabilities. Because of the knowledge gained through the identification and exploitation phase, you should be able to protect the web application against similar attacks. After this course the participant will be able to understand and identify OWASP top 10 vulnerabilities and to incorporate that knowledge in web application protection scheme. Audience: Developers, Police and other law enforcement personnel, Defense and Military personnel, e-Business Security professionals, Systems administrators, Banking, Insurance and other professionals, Government agencies, IT managers, CISO’s, CTO’s.|
|cyberwarfare||Fundamentals of corporate cyberwarfare||14 hours||Audience Cyber security specialists System administrators Cyber security managers Cyber security auditors CIOs Format of the course Heavy emphasis on hands-on practice. Most of the concepts are learned through samples, exercises and hands-on development.|
|seccode||How to Write Secure Code||35 hours||After the major attacks against national infrastructures, Security Professionals found that the majority of the vulnerabilities that caused the attacks came from poor and vulnerable code that the developers write. Developers now need to master the techniques of how to write Secure Code, because we are in a situation where anyone can use availble tools to write a script that can effectivly disable a large organization's systems because the developers have written poor code. This Course aims to help in the following: Help Developers to master the techniques of writing Secure Code Help Software Testers to test the security of the application before publishing to the production environment Help Software Architects to understand the risks surrounding the applications Help Team Leaders to set the security base lines for the developers Help Web Masters to configure the Servers to avoid miss-configurations In this course you will also see details of the latest cyber attacks that have been used and the countermeasures used to stop and prevent these attacks. You will see for yourself how developers mistakes led to catastrophic attacks, and by participatig in the labs during the course you will be able to put into practise the security controls and gain the experience and knowledge to produce secure coding. Who should Attend this Course? This Secure Code Training is ideal for those working in positions such as, but not limited to: Web Developers Mobile Developers Java Developers Dot Net Developers Software Architects Software Tester Security Professionals Web Masters|
|crisc||CRISC - Certified in Risk and Information Systems Control||21 hours||Description: This class is intended as intense and hard core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The five (5) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CIRSC Review Manual and Question, Answer and Explanation, (Q,A&E), supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions, the type of answers ISACA are looking for and it helps rapid memory assimilation of the material. The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction. Objectives: To help you pass the CRISC examination first time possessing this certification will signify your commitment to serving an enterprise with distinction the growing demand for professionals with risk and control skills will allow holders of this certification to command better positions and salary You will learn: To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls. The technical skills and practices that CRISC promotes, these are the building blocks of success in the field|
|iso27005||Building up information security according to ISO 27005||21 hours||This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.|
|ethhack||Ethical Hacker||35 hours||This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. The purpose of the Ethical Hacking Training is to: Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures. Inform the public that credentialed individuals meet or exceed the minimum standards. Reinforce ethical hacking as a unique and self-regulating profession. Audience: The Course is ideal for those working in positions such as, but not limited to: Security Engineers Security Consultants Security Managers IT Director/Managers Security Auditors IT Systems Administrators IT Network Administrators Network Architects Developers|
|cdp||CDP - Certificate in Data Protection||35 hours||Description: There is a need to provide adequate training on the Data Protection Act 1998 "the Act" and its implications for both organisations and individuals. There are important differences between the Act and its predecessor, the Data Protection Act 1984. In particular, the Act contains important new obligations in relation to manual records and transborder data flows, a new notification system and amended principles. It is important to understand the Act in the European context. Those experienced in data protection issues, as well as those new to the subject, need to be trained so that their organisations are confident that legal compliance is continually addressed. It is necessary to identify issues requiring expert data protection advice in good time in order that organisational reputation and credibility are enhanced through relevant data protection policies and procedures. Objectives: The aim of the syllabus is to promote an understanding of how the data protection principles work rather than simply focusing on the mechanics of regulation. The syllabus places the Act in the context of human rights and promotes good practice within organisations. On attaining the certificate, award holders will possess: an appreciation of the broader context of the Act. an understanding of the way in which the Act and the Privacy and Electronic Communications (EC Directive) Regulations 2003 work a broad understanding of the way associated legislation relates to the Act an understanding of what has to be done to achieve compliance a recognised qualification in data protection Course Synopsis: The syllabus comprises three main parts, each with many sub-sections! Context - this will address the origins of and reasons for the Act together with consideration of privacy in general. Law – Data Protection Act - this will address the main concepts and elements of the Act and subordinate legislation. Application - this will consider how compliance is achieved and how the Act works in practice.|
|datapro||Data Protection||35 hours||This is an Instructor led course, and is the non-certification version of the "CDP - Certificate in Data Protection" course Those experienced in data protection issues, as well as those new to the subject, need to be trained so that their organisations are confident that legal compliance is continually addressed. It is necessary to identify issues requiring expert data protection advice in good time in order that organisational reputation and credibility are enhanced through relevant data protection policies and procedures. Objectives: The aim of the syllabus is to promote an understanding of how the data protection principles work rather than simply focusing on the mechanics of regulation. The syllabus places the Act in the context of human rights and promotes good practice within organisations. On completion you will have: an appreciation of the broader context of the Act. an understanding of the way in which the Act and the Privacy and Electronic Communications (EC Directive) Regulations 2003 work a broad understanding of the way associated legislation relates to the Act an understanding of what has to be done to achieve compliance Course Synopsis: The syllabus comprises three main parts, each sub-sections. Context - this will address the origins of and reasons for the Act together with consideration of privacy in general. Law – Data Protection Act - this will address the main concepts and elements of the Act and subordinate legislation. Application - this will consider how compliance is achieved and how the Act works in practice.|
|cl-njs||Node.JS and Web Application Security||21 hours||As a developer, your duty is to write bulletproof code. What if we told you that despite all of your efforts, the code you have been writing your entire career is full of weaknesses you never knew existed? What if, as you are reading this, hackers were trying to break into your code? How likely would they be to succeed? What if they could steal away your database and sell it on the black market? This Web application security course will change the way you look at code. A hands-on training during which we will teach you all of the attackers’ tricks and how to mitigate them, leaving you with no other feeling than the desire to know more. It is your choice to be ahead of the pack, and be seen as a game changer in the fight against cybercrime. Delegates attending will: Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn about Node.js security Learn about MongoDB security Have a practical understanding of cryptography Understand essential security protocols Understand security concepts of Web services Learn about JSON security Get practical knowledge in using security testing techniques and tools Learn how to handle vulnerabilities in the used platforms, frameworks and libraries Get sources and further readings on secure coding practices|
|chfi||CHFI - Certified Digital Forensics Examiner||35 hours||The Certified Digital Forensics Examiner vendor neutral certification is designed to train Cyber Crime and Fraud Investigators whereby students are taught electronic discovery and advanced investigation techniques. This course is essential to anyone encountering digital evidence while conducting an investigation. The Certified Digital Forensics Examiner training teaches the methodology for conducting a computer forensic examination. Students will learn to use forensically sound investigative techniques in order to evaluate the scene, collect and document all relevant information, interview appropriate personnel, maintain chain-of-custody, and write a findings report. The Certified Digital Forensics Examiner course will benefit organizations, individuals, government offices, and law enforcement agencies interested in pursuing litigation, proof of guilt, or corrective action based on digital evidence.|
|cas||CAS: Setting up an single-sign-on authentication server||7 hours||CAS, or Central Authentication Service, is an open-source, enterprise-level, single-sign on protocol for the web. CAS gives users access to multiple applications using a single sign-on and allows web applications to authenticate users without giving them access to user passwords. CAS has a Java server component and various client libraries written in PHP, PL/SQL, Java, and more. In this course, we discuss CAS's architecture and features and practice installing and configuring a CAS server. By the end of the course, participants will have an understanding of CAS's implementation of SOS (Single-Sign-On-Authentication) as well as the necessary practice to deploy and manage their own authentication server. Audience System administrators Format of the course Part lecture, part discussion, heavy hands-on practice|
|ciaa||CIAA - Certificate in Information Assurance Architecture||35 hours||Description: The IA Architect is based on a set of skills defined by the Institute of Information Security Professionals (IISP) and the UK Government’s GCHQ department. The IA Architect, also referred to in industry as the Security Architect must be able to drive beneficial security change into an organisation through the development or review of security architectures so that they: Meet business requirements for security. Mitigate identified risks and conform to relevant corporate security policies. Balance information risk against the cost of countermeasures. This course aligns to Level 3 (Skilful Application) competence as defined in the Skills Framework developed by the IISP. Objectives: Candidates that have successfully completed the Practitioner in IA Architecture course should be able to: Describe the business environment and the information risks that apply to systems. Describe and apply security design principles. Identify information risks that arise from potential solution architectures. Design alternate architectures or countermeasures to mitigate identified information risks. Ensure that proposed architectures and countermeasures adequately mitigate identified information risks. Apply ‘standard’ security techniques and architectures to mitigate security risks. Develop new architectures that mitigate the risks posed by new technologies and business practices. Provide consultancy and advice to explain Information Assurance and architectural problems. Securely configure ICT systems in compliance with their approved security architectures. Audience: Candidates who wish to gain the BCS IA Architecture certificate. System Administrators who wish to become Security Architects. Technical Architects looking to move into the field of security architecture. Security professionals wishing to gain an appreciation of the technical and business aspects of their profession, or to move into a more senior architecture role.|
|devopssecurity||DevOps Security: Creating a DevOps security strategy||7 hours||DevOps is a software development approach that aligns application development with IT operations. Some of the tools that have emerged to support DevOps include: automation tools, containerization and orchestration platforms. Security has not kept up with these developments. In this course, participants will learn how to formulate the proper security strategy to face the DevOps security challenge. Audience Devops engineers Security engineers Format of the course Part lecture, part discussion, some hands-on practice|
|pcirm||PCIRM - Practitioner Certificate in Information Risk Management||35 hours||Description: The Practitioner Certificate in Information Risk Management (PCIRM) provides security practitioners with a comprehensive and highly practical course enabling them to develop a business focused information security and governance risk strategy. It closely follows the approaches recommended in the ISO 27001 and ISO 27005 standards. The five-day course prepares delegates to confidently sit the BCS/ISEB Practitioner Certificate in Information Risk Management examination. Target Audience: Information security and governance practitioners Internal IT auditors Staff from within compliance and operational risk functions IT managers and senior staff Project managers and others responsible for designing security in to information systems. Objectives: On completion of this course delegates will be able to: develop an information risk management strategy conduct threat vulnerability and likelihood assessments, business impact analyses and risk assessments explain how the management of information risk will bring about significant business benefits explain and make full use of information risk management terminology explain the principles of controls and risk treatment present results of the risk assessment in a format which will form the basis of a risk treatment plan explain and produce information classification schemes confidently sit the ISEB examination|
|embeddedsecurity||Embedded systems security||21 hours||This training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems. By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software. Audience Embedded systems professionals Security professionals Format of the course Part lecture, part discussion, hands-on practice|
|cgeit||CGEIT – Certified in the Governance of Enterprise IT||28 hours||Description: This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt. The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance. Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level. Objectives: This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding so as to be better prepared to pass the exam, as defined by ISACA. Target Audience: Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.|
|iast||Interactive Application Security Testing (IAST)||14 hours||Interactive Application Security Testing (IAST) is a form of application security testing that combines Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) or Runtime Application Self-protection (RASP) techniques. IAST is able to report the specific lines of code responsible for a security exploit and replay the behaviors leading to and following such an exploit. In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack. By the end of this training, participants will be able to: Simulate attacks against applications and validate their detection and protection capabilities Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios Quickly and accurately fix the application code responsible for detected vulnerabilities Prioritize the vulnerability findings from dynamic scans Use RASP real-time alerts to protect applications in production against attacks. Reduce application vulnerability risks while maintaining production schedule targets Devise an integrated strategy for overall vulnerability detection and protection Audience DevOps engineers Security engineers Developers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice|
|basel3||Basel III – Certified Basel Professional||21 hours||Description: Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk. Having initially been agreed upon by the Basel Committee on Banking Supervision in 2010–11, changes to The Accord have extended implementation to 31st March 2019. Basel III strengthens bank capital requirements by increasing bank liquidity and decreasing bank leverage. Basel III differs from Basel I & II in that it requires different levels of reserves for different forms of deposits and other types of borrowings, so it does not supersede them so much as it does work alongside Basel I and Basel II. This complex and constantly changing landscape can be hard to keep up with, our course and training will help you manage likely changes and their impact on your institution. We are accredited with and a training partner to the Basel Certification Institute and as such the quality and suitability of our training and material is guaranteed to be up to date and effective Objectives: Preparation for the Certified Basel Professional Examination. Define hands-on strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organization. Target Audience: Board members with risk responsibilities CROs and Heads of Risk Management Members of the Risk Management team Compliance, legal and IT support staff Equity and Credit Analysts Portfolio Managers Rating Agency Analysts Overview: Introduction to Basel norms and amendments to the Basel Accord (III) Regulations for market, credit, counterparty and liquidity risk Stress testing for various risk measures including how to formulate and deliver stress tests The likely effects of Basel III on the international banking industry, including demonstrations of its practical application Need For The New Basel Norms The Basel III Norms Objectives of The Basel III Norms Basel III – Timeline|
|shadowsocks||Shadowsocks: Set up a proxy server||7 hours||Shadowsocks is an open-source, secure socks5 proxy. In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy. By the end of this training, participants will be able to: Install and configure Shadowsocks on any of a number of supported platforms, including Windows, Linux, Mac, Android, iOS, and OpenWRT. Deploy Shadosocks with package manager systems, such as pip, aur, freshports and others. Run Shadowsocks on mobile devices and wireless networks. Understand how Shadowsocks encrypts messages and ensures integrity and authenticity. Optimize a Shadowsocks server Audience Network engineers System Administrators Computer technicians Format of the course Part lecture, part discussion, exercises and heavy hands-on practice|
|secitp||Security for IT Practitioners||35 hours||Description: A 5-day course that will take anyone in a current IT job role into the world of Information Security. This is a fantastic start point for those wanting to go into the major growth area of IT which is Security. Many practical labs are used throughout the course to improve student understanding of theoretical concepts and give them experience of real-world products. This course is aimed at individuals who want to move into the Information Security arena or simply want to gain a broader working knowledge of the topic. Objectives: To give students of all levels a good appreciation of security issues when dealing with computers and networks. Audience: People who work in IT|
|shiro||Apache Shiro: Securing your Java application||7 hours||Apache Shiro is a powerful Java security framework that performs authentication, authorization, cryptography, and session management. In this instructor-led, live training, participants will learn how to secure a web application with Apache Shiro. By the end of this training, participants will be able to: Use Shiro's API to secure various types of applications, including mobile, web and enterprise Enable logins from various data sources, including LDAP, JDBC, Active Directory, etc. Audience Developers Security engineers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice|
|pcbc||PCBC - Practitioner Certificate in Business Continuity Management||35 hours||Description: This is a 'Practitioner' course and leans heavily on practical exercises designed to reinforce the concepts being taught and to build the delegates confidence in implementing business continuity management. The course is also designed to encourage debate, and the sharing of knowledge and experience between students. Delegates will benefit from the practical and extensive experiences of ours trainers who are practicing business continuity management and ISO 22301:2012 specialists. Delegates will learn how to: Explain the need for business continuity management (BCM) in all organisations Define the business continuity lifecycle Conducting business continuity programme management Understand their organisation sufficiently to identify mission-critical impact areas Determine their organisation's business continuity strategy Establish a business continuity response Exercise, maintain and review plans Embed business continuity in an organisation Define terms and definitions appropriate to business continuity By the end of the course, delegates will have a detailed understanding of all the key components of business continuity management and be able to return to their work, making a significant contribution to the business continuity management process.|
|GDPR1||GDPR Workshop||7 hours||This one-day course is for people looking for a brief outline of the GDPR – General Data Protection Regulations coming out May 25, 2018. This is ideal for managers, department heads, and employees who need to understand the basics of the GDPR.|
Internet security and operations of security continual real-time security and analyst controls and other examples of participants will learn how to create developers analysis and retraces of classes. Of context of the server and network structures and product systems, structure collection in the organization methods and end the constructors by a strategic application (robot of. Design process distribution to the process and business and a common content type of content configuring asp. Net servers and security process data calculations and the course is t. And control of so process management attack and private and a manage a function the business time line command line based on the processes the process controller process of and us. And expressions design and which to complex memory system and streaming activity conversions and still service best process in the structure of the model sub queries to determine th.