Local, instructor-led live Cyber Security (also known as Cybersecurity, Internet Security or IT Security) training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement an Cybersecurity strategy within their organisation. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component.
Cybersecurity training is available as "onsite live training" or "remote live training". Onsite live Cyber Security trainings in the UK can be carried out locally on customer premises or in NobleProg corporate training centres. Remote live training is carried out by way of an interactive, remote desktop.
NobleProg -- Your Local Training Provider
Testimonials
I genuinely was benefit from the communication skills of the trainer.
Flavio Guerrieri
Course: CISM - Certified Information Security Manager
I liked the trainer was passionate about the subject and very convincing too.
Diana Vladulescu
Course: Secure Web Application Development and Testing
Really liked the trainer's deep knowledge, real examples, the fact that he is also a practitioner.
18 Wojskowy Oddział Gospodarczy
Course: CRISC - Certified in Risk and Information Systems Control
I mostly liked the knowledge,.
18 Wojskowy Oddział Gospodarczy
Course: CRISC - Certified in Risk and Information Systems Control
I mostly was benefit from the hands-on examples.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
The subject of the course was very interesting and gave us many ideas.
Anastasios Manios
Course: Secure coding in PHP
I generally enjoyed the interaction.
Andreas Hadjidemetris
Course: Secure coding in PHP
Most of the known subjects related with secure coding covered and explained well Nice presentations Easy to watch, not boring.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
The way and its approach on each different section.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
The trainer has very good communication skills and can easily get & hold audience's attention. He can explain the matter in a very easy and detailed way so that each person can understand it.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
All topics were well covered and presented with a lot of examples. Ahmed was very efficient and managed to keep us focused and attracted at all times.
Kostas Bastas
Course: Secure coding in PHP
Everything! I didn't have any experience with Secure Coding and the whole training was interesting and helpful.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
I genuinely enjoyed the real life examples.
Marios Prokopiou
Course: Secure coding in PHP
I loved the delivery from the trainer's side. Very enthusiastic and made the training really pleasant and interesting. Also, very clear about the content he was delivering.
Trading Point of Financial Instruments (XM
Course: Secure coding in PHP
I genuinely liked the real world scenarios.
Michail Alvanos
Course: Java and Web Application Security
I genuinely liked the organisation.
Panagiotis Foutros
Course: Java and Web Application Security
Very good knowledge and character.
Constantinos Michael
Course: Java and Web Application Security
I was benefit from the exercises (SQL injection, XSS, CRSF. .).
David Lemoine - Statistical Solutions
Course: .NET, C# and ASP.NET Security Development
I liked the blend of theory/fundamentals/principles and activity/interactive-web-apps. Excellent mix.
Statistical Solutions
Course: .NET, C# and ASP.NET Security Development
Good pacing, by switching between lectures and activities the trainer was able to hold my attention, good variety of topics covered, trainer was very knowledgeable and able to adapt the subject matter to what was required.
Statistical Solutions
Course: .NET, C# and ASP.NET Security Development
I genuinely was benefit from the knowledge.
Luis Miguel Lara - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
The way in which he explained to us during the 2 days and his way of being, which makes learning enjoyable.
Víctor Miguel Prado Saster - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
I really liked the teacher's knowledge.
Ariany Auxiliadora Pulido Gonzalez - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
The trainer was very nice and available. I appreciated his knowledge, skills and preparation about the subject. Furthermore, he provided us extra content about IoT, very interesting.
Giuseppe Fiorita - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
Ahmed was always trying to keep attention of us.
Alberto Brezmes - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
I enjoyed the trainer methods to attract our attention.
Antonio Osuna Sánchez - Blue Indico Investments, S.L.U.
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
Trainers command in his field
Adnan ul Husnain Hashmi - TDM GROUP
Course: Web Application Security
The hands-on labs were excellent.
Dr. Farhan Hassan Khan - TDM GROUP
Course: Web Application Security
The trainer always ensured me fully understand what he had taught and do not hesitate to repeat again if I am still not clear about it. He is committed to preparing more samples to show me to answer the extra questions from me.
Kenny, Jiun Ming Wee
Course: PKI: Implement and Manage
Very knowledgeable and approachable trainer.
Trainocate (S) Pte. Ltd.
Course: PKI: Implement and Manage
Ann is very knowledgeable on the subject. She is constantly varying pace according to the feedback. There is a lot of room for discussing attendee's own experiences. It was a great joy !.
Sjoerd Hulzinga - KPN p/a Bloomville
Course: IoT Security Architecture
It was quite informal.
Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
Trainer covered a lot of ground over a relatively short period.
Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
I enjoyed the practical exercises. Hands-on is the best way to learn.
W L Gore & Associates (UK) Ltd
Course: PKI: Implement and Manage
I found it very interesting to learn all about what happens behind the scenes when it comes to IT systems. I also enjoyed learning about security and what hackers do as ethical hacking is an avenue I'm very keen in pursuing.
Knowledge Pool/ DVLA
Course: Understanding Modern Information Communication Technology
Richard was very knowledgeable in his field.
Knowledge Pool/ DVLA
Course: Understanding Modern Information Communication Technology
The practical exercises
Corvil
Course: C/C++ Secure Coding
The hands-on approach to explain the concepts.
Corvil
Course: C/C++ Secure Coding
It was pitched at the right level - challenging but understandable & informative.
Louise Voisey - Capita Business Services Ltd
Course: Understanding Modern Information Communication Technology
Exercise and be able to experiment.
Corvil
Course: C/C++ Secure Coding
The trainer was extremely clear and concise. Very easy to understand and absorb the information.
Paul Clancy - Rowan Dartington
Course: CGEIT – Certified in the Governance of Enterprise IT
a lot of good documents provided. It helps us building up our knowledge.
MOL Information Technology Asia Ltd.
Course: CGEIT – Certified in the Governance of Enterprise IT
The delivery
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
Depth and breadth of the course. Trainer was excellent also.
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
Examples provided
Department for Communities
Course: CISMP - Certificate in Information Security Management Principles
The OWASP overview, especially slides with the specific examples of attacks. OWASP Zap tool.
Corvil
Course: Secure Developer Java (Inc OWASP)
I saw some security risk being easier to use than I expected It helped us to find some security holes in our Product
Corvil
Course: Secure Developer Java (Inc OWASP)
Hacking
Mohalmald Salim - PSO
Course: Ethical Hacker
Concise
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
Crypto
Carlos Ibarra
Course: Advanced Java, JEE and Web Application Security
Concise
Course: CCSK - Certificate of Cloud Security Knowledge - Plus
Cybersecurity Course Outlines
In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack.
By the end of this training, participants will be able to:
- Simulate attacks against applications and validate their detection and protection capabilities
- Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios
- Quickly and accurately fix the application code responsible for detected vulnerabilities
- Prioritize the vulnerability findings from dynamic scans
- Use RASP real-time alerts to protect applications in production against attacks.
- Reduce application vulnerability risks while maintaining production schedule targets
- Devise an integrated strategy for overall vulnerability detection and protection
Audience
- DevOps engineers
- Security engineers
- Developers
Format of the course
- Part lecture, part discussion, exercises and heavy hands-on practice
During this training course, you will also gain a thorough understanding of best practices of risk assessment methods such as OCTAVE, EBIOS, MEHARI and harmonized TRA. This training course corresponds with the implementation process of the ISMS framework presented in the ISO/IEC 27001 standard.
After understanding all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Risk Manager” credential. By holding a PECB Risk Manager Certificate, you will be able to demonstrate that you have the necessary skills and knowledge to perform an optimal Information Security Risk Assessment and timely manage Information Security risks.
Who should attend?
- Information Security risk managers
- Information Security team members
- Individuals responsible for Information Security, compliance, and risk within an organization
- Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or involved in a risk management program
- IT consultants
- IT professionals
- Information Security officers
- Privacy officers
Examination - Duration: 2 hours
The “PECB Certified ISO/IEC 27005 Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1 Fundamental principles and concepts of Information Security Risk Management
- Domain 2 Implementation of an Information Security Risk Management program
- Domain 3 Information Security risk management framework and process based on ISO/IEC 27005
- Domain 4 Other Information Security risk assessment methods
General information
- Certification fees are included on the exam price
- Training material containing over 350 pages of information and practical examples will be distributed
- A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
After mastering all the necessary concepts of Information Security Risk Management based on ISO/IEC 27005, you can sit for the exam and apply for a “PECB Certified ISO/IEC 27005 Lead Risk Manager” credential. By holding a PECB Lead Risk Manager Certificate, you will be able to demonstrate that you have the practical knowledge and professional capabilities to support and lead a team in managing Information Security Risks.
Who should attend?
- Information Security risk managers
- Information Security team members
- Individuals responsible for Information Security, compliance, and risk within an organization
- Individuals implementing ISO/IEC 27001, seeking to comply with ISO/IEC 27001 or individuals who are involved in a risk management program
- IT consultants
- IT professionals
- Information Security officers
- Privacy officers
Examination - Duration: 3 hours
The “PECB Certified ISO/IEC 27005 Lead Risk Manager” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
- Domain 1 Fundamental principles and concepts of Information Security Risk Management
- Domain 2 Implementation of an Information Security Risk Management program
- Domain 3 Information security risk assessment
- Domain 4 Information security risk treatment
- Domain 5 Information security risk communication, monitoring and improvement
- Domain 6 Information security risk assessment methodologies
General Information
- Certification fees are included on the exam price
- Training material containing over 350 pages of information and practical examples will be distributed
- A participation certificate of 21 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
ISO/IEC 27005 training course enables you to comprehend the basic concepts of Information Security Risk Management by using the standard [ISO/IEC 27005](https://pecb.com/en/education-and-certification-for-individuals/iso-iec-27005) as a reference framework.
By attending the ISO/IEC 27005 Introduction training course, you will understand the importance of Information Security Risk Management and the benefits that businesses, society and governments can obtain.
Who should attend?
- Individuals interested in Information Security Risk Management
- Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27005 Foundation” credential. A PECB Foundation Certificate shows that you have understood the fundamental methodologies, processes and management approach.
Who should attend?
- Individuals interested in Information Security Risk Management
- Individuals seeking to gain knowledge about the main processes of Information Security Risk Management
- Individuals interested to pursue a career in Information Security Risk Management
The “PECB Certified ISO/IEC 27005 Foundation” exam fully meets the requirements of the PECB Examination and Certification Programme (ECP). The exam covers the following competency domains:
Domain 1: Fundamental principles and concepts of Risk Management in Information Security
Domain 2: Information Security Risk Management approaches and processes
After successfully completing the exam, you can apply for the “PECB Certified ISO/IEC 27005 Foundation” credential.
General Information
Certification fees are included in the exam price
- Training material containing over 200 pages of information and practical examples will be distributed
- A participation certificate of 14 CPD (Continuing Professional Development) credits will be issued
- In case of exam failure, you can retake the exam within 12 months for free
By the end of this training, participants will be able to:
- Understand IoT architectures.
- Understand emerging IoT security threats and solutions.
- Implement technologies for IoT security in their organization.
This course is the non-certifcation version of the "[CISA - Certified Information Systems Auditor](/cc/cisa)" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.
Objectives:
- Use the knowledge gained to benefit your organisation
- Provide audit services in accordance with IT audit standards
- Provide assurance on leadership and organizational structure and processes
- Provide assurance on acquisition/ development, testing and implementation of IT assets
- Provide assurance on IT operations including service operations and third party
- Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.
Target Audience:
Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.
This is an Instructor led course, and is the non-certification version of the "[CISMP - Certificate in Information Security Management Principles](/cc/cismp)" course
Description:;
The course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. It will also prepare individuals who are thinking of moving into information security or related functions.
Objectives:
To provide students with the skills and knowledge required to demonstrate the following:
- Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
- Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
- Understanding of the current business and technical environments in which information security management has to operate;
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
By the end of this training, participants will be able to:
- Create and manage decentralized, self-sovereign identities using distributed ledgers.
- Enable interoperability of digital identities across domains, applications, and silos.
- Understand key concepts such as user-controlled exchange, revocation, Decentralized Identifiers (DIDs), off-ledger agents, data minimization, etc.
- Use Indy to enable identity owners to independently control their personal data and relationships.
To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.
Overview:
- GRC Basic terms and definitions
- Principles of GRC
- Core components, practices and activities
- Relationship of GRC to other disciplines
The Certified Lead Ethical Hacker training course enables you to develop the necessary expertise to perform information system penetration tests by applying recognized principles, procedures and penetration testing techniques, in order to identify potential threats on a computer network. During this training course, you will gain the knowledge and skills to manage a penetration testing project or team, as well as plan and perform internal and external pentests, in accordance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Moreover, you will also gain a thorough understanding on how to draft reports and countermeasure proposals. Additionally, through practical exercises, you will be able to master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as customer communication and conflict resolution.
The Certified Lead Ethical Hacking training course provides a technical vision of information security through ethical hacking, using common techniques such as information gathering and vulnerability detection, both inside and outside of a business network.
The training is also compatible with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework.
After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will be able to demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices.
Who should attend?
- Individuals interested in IT Security, and particularly in Ethical Hacking, to either learn more about the topic or to start a process of professional reorientation.
- Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
- Managers or consultants wishing to learn how to control the penetration testing process.
- Auditors wishing to perform and conduct professional penetration tests.
- Persons responsible for maintaining the security of information systems in an organization.
- Technical experts who want to learn how to prepare a pentest.
- Cybersecurity professionals and information security team members.
Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.
The purpose of the Ethical Hacking Training is to:
- Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
- Inform the public that credentialed individuals meet or exceed the minimum standards.
- Reinforce ethical hacking as a unique and self-regulating profession.
Audience:
The Course is ideal for those working in positions such as, but not limited to:
- Security Engineers
- Security Consultants
- Security Managers
- IT Director/Managers
- Security Auditors
- IT Systems Administrators
- IT Network Administrators
- Network Architects
- Developers
By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.
This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defences work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how Intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
Target Audience:
This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
organization or who, for other reasons, wish to achieve and demonstrate a broad
understanding of the law, including the EU General Data Protection Regulation (GDPR) and
the UK Data Protection Bill and their practical application. It is recognized that those with
overall responsibility for data protection within an organization will need to develop a detailed
understanding of the law"
This course is designed for a wide range of people such as law enforcers, crime investigators, managers in larger organizations, technical personnel in larger organizations, and anyone else interested in a general background of digital forensics.
By the end of this training, participants will be able to:
- Understand, evaluate and adopt different approaches to managing usernames and passwords.
- Setup a single login system that works across all applications used in a telecom environment.
- Use identity technology to get a clear understanding of their customers and their needs.
- Implement an authentication system that works across different platforms (laptop, mobile, etc.).
You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. with many advanced topics like wireless, network, web, DB and Mobile crimes investigation
By the end of this training, participants will be able to:
- Set up the necessary development environment to start implementing MITRE ATT&CK.
- Classify how attackers interact with systems.
- Document adversary behaviors within systems.
- Track attacks, decipher patterns, and rate defense tools already in place.
By the end of this training, participants will be able to:
- Set up the necessary development environment to start creating custom malware.
- Backdoor legitimate web applications undetected.
- Deliver evil files as normal file types.
- Use social engineering techniques to lead targets into a fake website.
.png "university college london (ucl)")
.jpg "defence science and technology laboratory (dstl)")
.png "universities and colleges admissions service (ucas)")
.png "national health service (nhs)")
.png "chartered institute of marketing (cim)")
