Cyber Security Courses

The most severe vulnerabilities are people.

Even though securing technically an organization’s IT infrastructure is a critical step, it has to be combined with constant training of every user of the organization.
Studies show that attacks involving unintentional user contribution account for 90% of all attacks. Thus, training is of the utmost importance.
Usually users are so unaware and unprepared, that a hacker will not need any kind of physical access to cause harm. Predictable usernames and guessable or weak passwords are more than enough for them, even persuading a user into clicking a link can do enough damage.

Cyber Security Culture Course

The course’s main purpose is to ensure that all system users comprehend the significance of cyber risk as it can be very costly; money-wise or reputation-wise, and concerns every organization in every industry. It informs users about methods used by hackers to approach them, how to identify and successfully address threats in order to protect sensitive data from their malicious goals.

View Course Agenda

  • General cyber security terminology and categorization
  • Malware, viruses and spyware
  • Anti-virus software
  • Unauthorized system access and characteristics of a strong password
  • Identification of theft and compromise of classified data
  • Risks regarding removable media
  • Phishing
  • Dangers associated with emails (dangerous attachments, hoaxes, etc.)
  • Dangers related to mobile devices
  • Backing up systems and files
  • File sharing and copyright issues
  • Dangers of unsecured wireless networks
  • Desktop security
  • Social engineering and other human aspects
  • Risks of social networking

Hacker Detection for System Administrators

Cyber attacks have become more sophisticated and come in numerous forms. This course aims to train IT personnel on how to protect systems by tracking network traffic, how to identify an attack, and finally how to immediately react upon it. It is essential that IT directors, data security managers, data and application administrators are aware of such policies and practices for data and information as well as system networks security reasons.

View Course Agenda

  • Secure Network Architecture
  • Malware
  • Windows
    • Baselining
    • Cheat Sheat
    • Windows Logging
    • Monitoring
    • WMIC
    • Workshop (Hacking Demonstration)
  • Linux
    • Baselining
    • Bastile
    • File Integrity OSSEC
    • Cheat Sheat
    • Logs
    • Workshop (Hacking Demonstration)
  • System Monitoring
    • Nagios
  • Network
    • Monitoring tools
    • Workshop: Network baselining
    • Workshop: Detect Network Malicious Traffic

Incident Response for System Administrators – Maritime First Response

Immediate response to a cyber attack is the key in order to maintain company reputation. Prevention methods are taught in this course as well as identification and reaction techniques suitable for IT operators in the following steps;
Understanding of reaction procedures in case of a cyber incident _ Implementation and verification of such procedures _ Tools and techniques for the reaction and verification of a cyber incident

View Course Agenda

  • Definitions (Incident, Incident Response, Forensics)
  • First Response Framework
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned
  • Workshop: Incident Response Techniques
  • Registry Analysis & Event Logs

– Reg ripper
– Log parser

  • Scripts and Open source tools for data acquisition
  • Mandiant Redline, Triage, etc.
  • Online Tools for Malware verification/analysis
  • Workshop: Case Study – A real compromise in action

Secure Coding

Company applications and websites are vulnerable as they can be easily targeted by hackers and revoke access as well as damage corporate reputation. The course explains penetration techniques and focuses on how to overcome them with secure coding. It concerns developers and project managers in development departments.

View Course Agenda

  • Web Application Attacks
  • Web Application Proxies
  • Parameter Manipulation
  • Cross-Site Scripting (XSS)
  • Open Redirect
  • SQL Injection
  • HTTP Response Splitting
  • Input Validation
  • Output Validation
  • Authentication and Password Management
  • Session Management
  • Access Control
  • Cryptographic Practices
  • Error Handling and Logging
  • Data Protection
  • Communication Security
  • File Management
  • Memory Management
  • Whitelists
  • Blacklists
  • General Coding Practices
  • Character Encoding
  • Command Encoding
  • Content Security Policy
Security doesn't happen by accident.