Cyber Security Training in the UK

This instructor-led, live training in the UK (online or onsite) is aimed at advanced-level cyber security professionals who wish to understand Cyber Threat Intelligence and learn skills to effectively manage and mitigate cyber threats.By the end of this training, participants will be able to:

• Understand the fundamentals of Cyber Threat Intelligence (CTI).
• Analyze the current cyber threat landscape.
• Collect and process intelligence data.
• Perform advanced threat analysis.
• Leverage Threat Intelligence Platforms (TIPs) and automate threat intelligence processes.

This instructor-led, live training in the UK (online or onsite) is aimed at experienced developers who wish to gain a comprehensive understanding of Python programming and its applications in cybersecurity. By the end of this training, participants will be able to:

• Use Python programming for defensive cybersecurity.
• Understand and use Python for ethical offensive techniques and digital forensics tasks.
• Recognize legal and ethical considerations surrounding offensive cybersecurity and vulnerability disclosure.

Description: Disclaimer: Please be advised that this updated CISM exam content outline is applicable to exams starting 1 June 2022. CISM® is the most prestigious and demanding qualification for Information Security Managers around the globe today. This qualification provides you with a platform to become part of an elite peer network who have the ability to constantly learn and relearn the growing opportunities/ challenges in Information Security Management. Our CISM training methodology provides an in-depth coverage of contents across the Four CISM domains with a clear focus on building concepts and solving ISACA released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination. Our instructors encourage all attending delegates to go through the ISACA released CISM QA&E (Questions, Answers and Explanations) as exam preparation - you get this FREE as part of our course. The QA&E is exceptional in helping delegates understand the ISACA style of questions, approach to solving these questions and it helps rapid memory assimilation of the CISM concepts during live classroom sessions.
All our trainers have extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination. Goal: The ultimate goal is to pass your CISM examination first time. Objectives:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Establish and maintain an Information security governance framework to achieve your organization goals and objectives
• Manage Information risk to an acceptable level to meet the business and compliance requirements
• Establish and maintain information security architectures (people, process, technology)
• Integrate information security requirements into contracts and activities of third parties/ suppliers
• Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact

Target Audience:

• Security professionals with 3-5 years of front-line experience
• Information security managers or those with management responsibilities
• Information security staff, information security assurance providers who require an in-depth understanding of information security management including: CISO’s, CIO’s, CSO’s, privacy officers, risk managers, security auditors and compliance personnel, BCP / DR personnel, executive and operational managers responsible for assurance functions

This instructor-led, live training in the UK (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

ISO 27799 Lead Manager training enables you to acquire the necessary expertise to support an organization in implementing and managing Information Security controls based on ISO 27799 and ISO/IEC 27002. During this training course, you will also gain a comprehensive knowledge of the best practices of Information Security Controls and how to improve Information Security within a healthcare organization. Additionally, this training enables you to develop the necessary expertise to support healthcare organizations in establishing, implementing, managing and maintaining an Information Security Management System (ISMS). Furthermore, during this training you will learn the complex and different factors that should be taken into account when dealing with information security issues within a healthcare organization.After mastering all the necessary concepts of Information Security Controls, you can sit for the exam and apply for a “PECB Certified ISO 27799 Lead Manager” credential. By holding a PECB Lead Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in implementing and managing Information Security Controls in healthcare organizations based on ISO 27799 and ISO/IEC 27002.Who should attend?

• Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001, ISO/IEC 27002 and ISO 27799
• Project managers or consultants seeking to master the Information Security Management System implementation process in healthcare organizations
• Individuals responsible for Information Security, compliance, risk, and governance in a healthcare organization
• Information Security team members
• Expert advisors in information technology
• Information Security officers
• Information Security managers
• Privacy officers
• IT professionals
• CTOs, CIOs and CISOs

Learning objectives

• Master the implementation of Information Security controls in healthcare organizations by adhering to the framework and principles of ISO 27799 and ISO/IEC 27002
• Master the concepts, approaches, standards, methods and techniques required for the implementation  and effective management of Information Security controls in healthcare organizations
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of Information Security for the strategy of a healthcare organization
• Master the implementation of Information Security management processes
• Master the expertise to support a healthcare organization to effectively implement, manage and maintain Information Security Controls
• Master the formulation and implementation of Information Security requirements and objectives
• Master the development and administration of a health information security program, including: policies, procedures, risk assessment, security architectures etc. 

ISO/IEC 27002 Lead Manager training enables you to develop the necessary expertise and knowledge to support an organization in implementing and managing Information Security controls as specified in ISO/IEC 27002. After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.  A PECB Lead Manager Certification, proves that you have mastered the principles and techniques for the implementation and management of Information Security Controls based on ISO/IEC 27002.Who should attend?

• Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for the information security, compliance, risk, and governance, in an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective implementation and management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of information security for the strategy of the organization
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training is based on both theory and practice
• Sessions of lectures illustrated with examples based on real cases
• Practical exercises based on case studies
• Review exercises to assist the exam preparation
• Practice test similar to the certification exam

General Information

• Certification fees are included on the exam price
• Training material containing over 500 pages of information and practical examples will be distributed to the participants
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
• In case of exam failure, you can retake the exam within 12 months for free

This instructor-led, live training in the UK (online or onsite) is aimed at beginner to intermediate-level system administrators and security professionals who wish to learn how to implement Cloudflare for content delivery and cloud security, as well as mitigate DDoS attacks. By the end of this training, participants will be able to:

• Configure Cloudflare for their websites.
• Set up DNS records and SSL certificates.
• Implement Cloudflare for content delivery and caching.
• Protect their websites from DDoS attacks.
• Implement firewall rules to restrict traffic to their websites.

A CISSP is an information assurance professional who defines the architecture, design, management and/or controls that assure the security of business environments. The vast breadth of knowledge and the experience it takes to pass the exam is what sets a CISSP apart. The credential demonstrates a globally recognized level of competence provided by the (ISC)2® CBK®, which covers critical topics in security today, including cloud computing, mobile security, application development security, risk management and more. This course helps you review the 10 domains of the information security practices. It also serves as a strong learning tool for mastering concepts and topics related to all aspects of information systems security. Objectives:

• To review of the main topics of CISSP CBK (Common Body of Knowledge).
• To prepare for a CISSP examination

This instructor-led, live training in  (online or onsite) is aimed at developers, engineers, and architects seeking to secure their web apps and services.By the end of this training, participants will be able to integrate, test, protect, and analyze their web apps and services using the OWASP testing framework and tools

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking. The purpose of the Ethical Hacking Training is to:

• Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
• Inform the public that credentialed individuals meet or exceed the minimum standards.
• Reinforce ethical hacking as a unique and self-regulating profession.

Audience: The Course is ideal for those working in positions such as, but not limited to:

• Security Engineers
• Security Consultants
• Security Managers
• IT Director/Managers
• Security Auditors
• IT Systems Administrators
• IT Network Administrators
• Network Architects
• Developers

In this instructor-led, live training the UK (online or onsite), we discuss CAS's architecture and features and practice installing and configuring a CAS server. By the end of this training, participants will be able to:

• Have an understanding of CAS's implementation of SSO (Single-Sign-On Authentication).
• Have the necessary practice to deploy and manage their own authentication server.

Shadowsocks is an open-source, secure socks5 proxy. In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy. By the end of this training, participants will be able to:

• Install and configure Shadowsocks on any of a number of supported platforms, including Windows, Linux, Mac, Android, iOS, and OpenWrt.
• Deploy Shadosocks with package manager systems, such as pip, aur, freshports and others.
• Run Shadowsocks on mobile devices and wireless networks.
• Understand how Shadowsocks encrypts messages and ensures integrity and authenticity.
• Optimize a Shadowsocks server

Audience

• Network engineers
• System Administrators
• Computer technicians

Format of the course

• Part lecture, part discussion, exercises and heavy hands-on practice

In this instructor-led, live training in the UK, participants will understand Internet of Things (IoT) architectures and learn the different IoT security solutions applicable to their organization. By the end of this training, participants will be able to:

• Understand IoT architectures.
• Understand emerging IoT security threats and solutions.
• Implement technologies for IoT security in their organization.

BeyondCorp is an open source Zero Trust security framework that allows employees to work securely from any location without the need for a traditional VPN. In this instructor-led, live training, participants will learn hands-on how to set up a Zero Security system as they set up and deploy BeyondCorop in a live-lab environment. By the end of this training, participants will be able to:

• Assess their organization's existing security model.
• Shift access controls from the perimeter to individual devices and users.
• Deploy applications using a user and device-centric authentication and authorization workflow.
• Understand, plan and implement a Zero Trust network within their organization.

Audience

• Network engineers
• Cyber security professionals
• System architects
• IT managers

Format of the Course

• Part lecture, part discussion, exercises and heavy hands-on practice

Note

• To request a customized training for this course, please contact us to arrange.

This course is designed to help the attendee to build organizational resilience against a range of threats so that organizations can respond effectively to incidents, maintain the availability of business operations and safeguard its interests. 

This course discusses how to manage an incident response team, how the first responder act, given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations. Incident response is the last line of defense, detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge
 

This instructor-led, live training in the UK (online or onsite) is aimed at engineers who wish to safeguard connected vehicles from cyber attacks.By the end of this training, participants will be able to:

• Implement cybersecurity in automotive systems.
• Choose the most suitable technologies, tools, and approaches.

• After this one day seminar the attendee will be able to demonstrate knowledge and understanding of Cloud Computing.

This instructor-led, live training in the UK (online or onsite) is aimed at beginner to intermediate-level security analysts and system administrators who wish to establish a foundational understanding of Cyber Defence (SOC) analysis. By the end of this training, participants will be able to:

• Understand the principles of Security Management in a Cyber Defence context.
• Execute effective Incident Response strategies to mitigate security incidents.
• Implement Security Education practices to enhance organizational awareness and preparedness.
• Manage and analyze Security Information for proactive threat identification.
• Utilize Event Management techniques to monitor and respond to security events.
• Implement Vulnerability Management processes to identify and address system vulnerabilities.
• Develop skills in Threat Detection to identify and respond to potential cyber threats.
• Participate in Simulated Attacks to test and improve incident response capabilities.

The RESILIA  course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities.    
 

This course explore the technical skills to implement, monitor and administer IT infrastructure using information security policies and procedures. And how to protecting the confidentiality, integrity and availability of data.    
 

This course provides leaders and managers with an overview of issues and activities associated with cybersecurity. Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.    
  By the end of this training, participants will be able to:

• Understand the Internet, social network Privacy
• Know PII and why it is important
• Know how to secure the Online Activates
• Know how to maintain the Privacy of business users
• Know more of the Cyber laws that protect the Privacy

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This course cover the basics of PKI, the basics of encryption, the Encrypting File System currently used by Windows 7 and Windows 8, the creation of a PKI using a variety of software and looking at tools which can exploit flaws in the implementation of a PKI.     
 

This course cover the considertion of security and Privacy in the architecture, and how to design the security in the preperation of the design phase, the course also cover many technical controls to be designed in the architecture.

This two days course s designed for those with some data protection responsibilities in an
organization or who, for other reasons, wish to achieve and demonstrate a broad
understanding of the law, including the EU General Data Protection Regulation (GDPR) and
the UK Data Protection Bill and their practical application. It is recognized that those with
overall responsibility for data protection within an organization will need to develop a detailed
understanding of the law"    

The Payment Card Industry Professional training course provides an individual qualification
for industry practitioners who wish to demonstrate their professional expertise and
understanding of the PCI Data Security Standard (PCI DSS).
 

This course discusses how to manage an incident response team. how the first responder act, given the frequency and complexity of today's cyber attacks, incident response is a critical function for organizations. Incident response is the last line of defense, detecting and efficiently responding to incidents requires strong management processes, and managing an incident response team requires special skills and knowledge

This course help you to understand what is special about Bitcoin, we need to understand how it works at a technical level. We’ll address the important questions about Bitcoin, such as:
How does Bitcoin work? What makes Bitcoin different? How secure are your Bitcoins? How anonymous are Bitcoin users? What determines the price of Bitcoins? Can cryptocurrencies be regulated? What might the future hold?   
 

This one day course show the cyber crime impact on the business and how the hackers can effect the business through the cyber crimes, the course discuss the history of cyber crime and security terminologies of the hacking and cyber security, finally it will discuss how to stop this risk on the business    
    
 

This course was put together focusing on what today’s Mobile Forensics practitioner requires, Basics of Android and iOS areas this course will be cover & the analysis using reverse engineering understanding how the popular Mobile OSs are hardened to defend against common attacks and exploits.

Digital Forensics and Investigations is a comprehensive entry level course to teach the basic theoretical concepts of digital forensics as well as the practical side of digital forensics, i.e. how to conduct digital forensic investigations. This course is designed for a wide range of people such as law enforcers, crime investigators, managers in larger organizations, technical personnel in larger organizations, and anyone else interested in a general background of digital forensics.    
 

In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications. You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. with many advanced topics like wireless, network, web, DB and Mobile crimes investigation    
 

This class will help the attendees to scan, test, hack on secure their own systems, get in-depth knowledge and practical experience with the current essential security systems. the attendees know how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed, the attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.    
 

This instructor-led, live training in the UK (online or onsite) is aimed at information system analysts who wish to use MITRE ATT&CK to decrease the risk of a security compromise. By the end of this training, participants will be able to:

• Set up the necessary development environment to start implementing MITRE ATT&CK.
• Classify how attackers interact with systems.
• Document adversary behaviors within systems.
• Track attacks, decipher patterns, and rate defense tools already in place.

This instructor-led, live training in the UK (online or onsite) is aimed at information analysts who wish to learn the techniques and processes behind social engineering so as to protect sensitive company information. By the end of this training, participants will be able to:

• Set up the necessary development environment to start creating custom malware.
• Backdoor legitimate web applications undetected.
• Deliver evil files as normal file types.
• Use social engineering techniques to lead targets into a fake website.

Why should you attend?The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing techniques, in order to identify potential threats on a computer network. During this training course, you will gain the knowledge and skills to manage a penetration testing project or team, as well as plan and perform internal and external pentests, in accordance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Moreover, you will also gain a thorough understanding on how to draft reports and countermeasure proposals. Additionally, through practical exercises, you will be able to master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as customer communication and conflict resolution.  The Certified Lead Ethical Hacking training course provides a technical vision of information security through ethical hacking, using common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.The training is also compatible with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework. After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will be able to demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices. Who should attend?

• Individuals interested in IT Security, and particularly in Ethical Hacking, to either learn more about the topic or to start a process of professional reorientation.
• Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
• Managers or consultants wishing to learn how to control the penetration testing process.
• Auditors wishing to perform and conduct professional penetration tests.
• Persons responsible for maintaining the security of information systems in an organization.
• Technical experts who want to learn how to prepare a pentest.
• Cybersecurity professionals and information security team members.

This instructor-led, live training in the UK (online or onsite) is aimed at supply chain professionals who wish to establish effective control and oversight of their supply chain, especially as it relates to cybersecurity. By the end of this training, participants will be able to:

• Understand the security oversights that can bring about significant damage and disruption to a supply chain.
• Break down a complex security problem into manageable and actionable parts.
• Address common supply chain vulnerabilities by analyzing high risk areas and engaging with stakeholders.
• Adopt best practices in securing a supply chain.
• Noticeably reduce or eliminate the biggest risks to an organization's supply chain.

Lead SCADA Security Manager training enables you to develop the necessary expertise to plan, design, and implement an effective program to protect SCADA systems. In addition, you will be able to understand common Industrial Control System (ICS) threats, vulnerabilities, risks related to the Industrial Control Systems (ICS) and techniques used to manage these risks. This training focuses on several aspects of security management and skills related to SCADA/ICS security.Lead SCADA Security Manager training course is designed by industry experts with in-depth experience in SCADA and Industrial Control Systems Security. Unlike other trainings, this training course concentrates specifically on the knowledge and skills needed by a professional seeking to advice on, or manage risks related to SCADA environments and systems. Given the high profile nature and the significant impacts associated with such environments, a holistic professional approach to security is needed and that is exactly what this course is designed to provide.In addition, to acquire the theoretical knowledge needed by a SCADA Security Manager, a comprehensive methodology for the implementation of a SCADA Security program is presented. Thus, at the end of this course, you will gain knowledge on how to effectively implement a security program for SCADA/ICS systems.After mastering all the necessary concepts of SCADA Security, you can sit for the exam and apply for a “PECB Certified Lead SCADA Security Manager” credential. By holding a PECB Lead SCADA Security Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing SCADA Security.Who should attend?

• Security professionals interested in acquiring SCADA security professional skills
• IT professionals looking to enhance their technical skills and knowledge
• IT and Risk Managers seeking a more detailed understanding of ICS and SCADA systems
• SCADA system developers
• SCADA engineers and operators
• SCADA IT professionals

Learning objectives

• Understand and explain the purpose and risks to SCADA systems, Distributed Control Systems and Programmable Logic Controllers
• Understand the risks faced by these environments and the appropriate approaches to manage such risks
• Develop the expertise to support a pro-active SCADA Security program, including policies and vulnerability management
• Define and design network architecture incorporating defense in advanced security controls for SCADA
• Explain the relationship between management, operational and technical controls in a SCADA Security program
• Improve the ability to design resilient and high availability SCADA systems
• Learn how to manage a program of effective security testing activities

Educational approach

• This training is based on both theory and best practices used in SCADA Security
• Lecture sessions are illustrated with examples based on case studies
• Practical exercises are based on a case study which includes role playing and discussions
• Practical tests are similar to the Certification Exam

General Information

• Certification fees are included on the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

ISO 27799 Foundation training enables you to learn the basic elements of Information security management and Information Security Controls in healthcare organizations as specified in ISO 27799 and ISO/IEC 27002. During this training course, you will be able to understand how ISO 27799 is related to ISO/IEC 27001 and ISO/IEC 27002.After completing this course, you can sit for the exam and apply for the “PECB Certified ISO 27799 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies and management approach.Who should attend?

• Individuals interested in Information Security Management applicable to the healthcare industry
• Individuals seeking to gain knowledge about the main processes of an Information Security Management System and Information Security Controls relevant to healthcare organizations
• Individuals interested to pursue a career in Information Security Management 

Learning objectives

• Understand the implementation of Information Security Controls in accordance with ISO 27799 and ISO/IEC 27002
• Acknowledge the correlation between ISO ISO/IEC 27001, ISO 27799, ISO/IEC 27002 and other standards and regulatory frameworks
• Understand the approaches, methods and techniques used for the implementation of Information Security Controls in healthcare organizations

Educational Approach

• Lecture sessions are illustrated with practical questions and examples
• Practical exercises include examples and discussions
• Practice tests are similar to the Certification Exam

General Information

• Certification fees are included on the exam price
• Training material containing over 200 pages of information and practical examples will be distributed
• A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months for free

The Certified Ethical Hacker certification is a sought-after cybersecurity certification around the world. This program incorporates instruction and practice to get students ready to take the CEH certification exam as well as the CEH Practical Exam. Candidates who successfully pass both exams earn the CEH Master credential as well as their CEH certification. Students are given the choice to add either the CPENT or the CHFI course to their package. Training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course will be given to each student via EC-Council’s online, self-paced, streaming video program. CPENT (Pen-test):
Teaches students how to apply the concepts and tools taught in the CEH program to a pen-test methodology in a live cyber range. CHFI (Computer Forensics):
Teaches students a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence. Course Description CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to set up your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure. Who Should Attend

• Law enforcement personnel
• System administrators
• Security officers
• Defense and military personnel
• Legal professionals
• Bankers
• Security professionals

About the Certified Ethical Hacker Master To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principals taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more. The CEH Practical does not contain simulations. Rather, you will be challenging a live range which was designed to mimic a corporate network through the use of live virtual machines, networks, and applications. Successfully completing the challenges found in the CEH Practical Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master. About the Certified Ethical Hacker Practical To prove that you are skilled in ethical hacking, we test your abilities with real-world challenges in a real-world environment, using labs and tools requiring you to complete specific ethical hacking challenges within a time limit, just as you would face in the real world. The EC-Council CEH (Practical) exam is comprised of a complex network that replicates a large organization’s real-life network and consists of various network systems (including DMZ, Firewalls, etc.). You must apply your ethical hacking skills to discover and exploit real-time vulnerabilities while also auditing the systems. About CPENT EC-Council’s Certified Penetration Tester (CPENT) program is all about the pen test and will teach you to perform in an enterprise network environment that must be attacked, exploited, evaded, and defended. If you have only been working in flat networks, CPENT’s live practice range will teach you to take your skills to the next level by teaching you to pen test IoT systems, OT systems, as well as how to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and customization of scripts and exploits to get into the innermost segments of the network. About CHFI The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation.

This instructor-led, live training in the UK (online or onsite) is aimed at security engineers and system administrators who wish to integrate more security into their Ubuntu Linux distribution and protect their system from threats. By the end of this training, participants will be able to:

• Install and configure Ubuntu operating system.
• Reinforce the physical security of Ubuntu Linux distribution.
• Embed encrypted server features to protect the administration system.
• Secure device interactions within the Ubuntu System.
• Recognize general security threats to Ubuntu environment and execute the proper solutions.

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.Who Can Attend?

• Project managers and consultants involved in and concerned with the implementation of an ISMS 
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

 

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises. 
• The exercises are based on a case study. 
• The structure of the quizzes is similar to that of the certification exam.

Learning objectivesThis training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

This instructor-led, live training in the UK (online or onsite) is aimed at computer users who wish to understand malware and take appropriate measures to minimize its threat. By the end of this training, participants will be able to:

• Understand the concept of malware.
• Identify the different types of malware.
• Take necessary steps to mitigate malware (procedural, technological, awareness, etc).

Cyber Security is the practice of applying technologies, controls, and processes to protect computer systems, servers, networks, devices, programs, and data from malicious cyber attacks. This instructor-led, live training (online or onsite) is aimed at anyone who wish to learn how to protect internet-connected systems from different kinds of cyber threats. By the end of this training, participants will be able to:

• Understand the concept of Cyber Security.
• Learn and understand the different Cyber Security threats.
• Learn processes and best practices to protect internet-connected systems from cyber attacks.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Who is it for: Anyone who is involved in the areas of information security and information assurance.  The certificate is relevant to anyone requiring an understanding of Business Continuity Management as well as those who are involved in the areas of information security and information assurance. What will I learn: Candidates should be able to demonstrate: 

• The function of and need for business continuity management within an organisation
• The business continuity management life cycle
• The main components of a business continuity management programme
• The need for risk assessment within business continuity management
• The options for development of a business continuity management strategy
• How to prepare and develop plans for business continuity management response  
• The need for exercising, maintenance and review of plans 
• The need for embedding business continuity management awareness within the organisation 

This instructor-led, live training in the UK (online or onsite) is aimed at IT professionals who wish to learn and apply the fundamentals of Cybersecurity practices, processes, and tools in their organization. By the end of this training, participants will be able to:

• Understand the Cybersecurity concepts, definitions, architecture, and principles.
• Learn how to secure and protect digital assets (networks, systems, applications, and data).
• Implement security models, frameworks, operational techniques, and incident handling.
• Evaluate and mitigate the impact of cyber attacks, risks, threats, and vulnerabilities.
• Gain insights on cybersecurity challenges with emerging technologies.

This instructor-led, live training in the UK (online or onsite) is aimed at software engineers and IT professionals who wish to gain a deeper knowledge on CyBOK and strengthen theoretical and applied skills in cyber security. By the end of this training, participants will be able to:

• Understand the fundamental concepts, definitions, and principles of cyber security.
• Acquire in-depth expertise in cyber security by implementing the CyBOK knowledge areas.
• Gain extensive and foundational knowledge to operationalize the CyBOK framework.
• Facilitate community and organization enablement to increase focus on data security and privacy.
• Expand opportunities to earn specialization and credentials for cyber security professions.

Description:This class is intended as intense and hard core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The latest four (4) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CRISC Review Manual and Question, Answer and Explanation, (Q,A&E), supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions, the type of answers ISACA are looking for and it helps rapid memory assimilation of the material.The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction.Objectives:

• To help you pass the CRISC examination first time.
• Possessing this certification will signify your commitment to serving an enterprise with distinction.
• The growing demand for professionals with risk and control skills will allow holders of this certification to command better positions and salary.

You will learn:

• To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based, efficient and effective IS controls.
• The technical skills and practices that CRISC promotes, which are the building blocks of success in the field.

The course is providing practical knowledge on OpenStack and private cloud security. It starts from the introduction to the system, then the participants are getting practical knowledge on security in private clouds and securing OpenStack installation. During the course, each of the core OpenStack modules is presented, participants are building up virtual identity, image, network, compute and storage resources while discussing relevant security topics. Each participant is getting their own training environment with a complete OpenStack installation based on selected cloud architecture (eg. storage, networking). The training could be highly customized based on the needs of the client. Customization options
The training can be contracted to 2 days, focusing on core aspects relevant for the customer. The training can be also extended regarding administrative, design, networking and/or troubleshooting topics concerning OpenStack deployments
 

Audience: System Administrators and Network Administrators as well as anyone who is interested in defensive network security technologies.  

Advanced PHP and Secure Coding Course