Cyber Security Courses

The most severe vulnerabilities are people.

Even though securing technically an organization’s IT infrastructure is a critical step, it has to be combined with constant training of every user of the organization.
Studies show that attacks involving unintentional user contribution account for 90% of all attacks. Thus, training is of the utmost importance.
Usually users are so unaware and unprepared, that a hacker will not need any kind of physical access to cause harm. Predictable usernames and guessable or weak passwords are more than enough for them, even persuading a user into clicking a link can do enough damage.

Cyber Security Culture Course

The course’s main purpose is to ensure that all system users comprehend the significance of cyber risk as it can be very costly; money-wise or reputation-wise, and concerns every organization in every industry. It informs users about methods used by hackers to approach them, how to identify and successfully address threats in order to protect sensitive data from their malicious goals.

View Course Agenda

  • General cyber security terminology and categorization
  • Malware, viruses and spyware
  • Anti-virus software
  • Unauthorized system access and characteristics of a strong password
  • Identification of theft and compromise of classified data
  • Risks regarding removable media
  • Phishing
  • Dangers associated with emails (dangerous attachments, hoaxes, etc.)
  • Dangers related to mobile devices
  • Backing up systems and files
  • File sharing and copyright issues
  • Dangers of unsecured wireless networks
  • Desktop security
  • Social engineering and other human aspects
  • Risks of social networking

HACKER DETECTION & Emergency response FOR IT ADMINISTRATORS

The course analyses the modern threat detection techniques and appropriate methods of reaction, to achieve the best possible management of security incidents in information systems and networks of the organization.

Furthermore this course provides the basic knowledge required by information system administrators in order to be able to detect and deal with first level cyber-attacks received by their supported systems.

During the course practical techniques that can be used by trainees are presented, to locate a breach to information systems and networks of the organisation. The course includes on-site demonstrations of attacks, system infection and ways to identify infected systems, infected system isolation and collecting evidence as well as first level response procedures to address security incidents.

Completing this training program, participants will be fully aware of threats, how a malicious attacker can exploit their system weaknesses, how they can locate a breach to their systems and how to react to a first level incident response.

Target Audience
This program is open to senior IT executives, information security officers, system administrators, application administrators.

View Course Agenda

  • Secure Network Architecture
  • Malware
  • Windows
    • Baselining
    • Cheat Sheat
    • Windows Logging
    • Monitoring
    • WMIC
    • Workshop (Hacking Demonstration)
  • Linux
    • Baselining
    • Bastile
    • File Integrity OSSEC
    • Cheat Sheat
    • Logs
    • Workshop (Hacking Demonstration)
  • System Monitoring
    • Nagios
  • Network
    • Monitoring tools
    • Workshop: Network baselining
    • Workshop: Detect Network Malicious Traffic

Incident Response for System Administrators – Maritime First Response

Immediate response to a cyber attack is the key in order to maintain company reputation. Prevention methods are taught in this course as well as identification and reaction techniques suitable for IT operators in the following steps;
Understanding of reaction procedures in case of a cyber incident _ Implementation and verification of such procedures _ Tools and techniques for the reaction and verification of a cyber incident

View Course Agenda

  • Definitions (Incident, Incident Response, Forensics)
  • First Response Framework
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons Learned
  • Workshop: Incident Response Techniques
  • Registry Analysis & Event Logs

– Reg ripper
– Log parser

  • Scripts and Open source tools for data acquisition
  • Mandiant Redline, Triage, etc.
  • Online Tools for Malware verification/analysis
  • Workshop: Case Study – A real compromise in action

Secure Coding

Company applications and websites are vulnerable as they can be easily targeted by hackers and revoke access as well as damage corporate reputation. The course explains penetration techniques and focuses on how to overcome them with secure coding. It concerns developers and project managers in development departments.

View Course Agenda

  • Web Application Attacks
  • Web Application Proxies
  • Parameter Manipulation
  • Cross-Site Scripting (XSS)
  • Open Redirect
  • SQL Injection
  • HTTP Response Splitting
  • Input Validation
  • Output Validation
  • Authentication and Password Management
  • Session Management
  • Access Control
  • Cryptographic Practices
  • Error Handling and Logging
  • Data Protection
  • Communication Security
  • File Management
  • Memory Management
  • Whitelists
  • Blacklists
  • General Coding Practices
  • Character Encoding
  • Command Encoding
  • Content Security Policy
Security doesn't happen by accident.