Cyber Security Training Courses
Local, instructor-led live Cyber Security (also known as Cybersecurity, Internet Security or IT Security) training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement an Cybersecurity strategy within their organization. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component. Cybersecurity training is available as "onsite live training" or "remote live training". Onsite live training can be carried out locally on customer premises in the UK or in NobleProg corporate training centers in the UK. Remote live training is carried out by way of an interactive, remote desktop. NobleProg -- Your Local Training Provider
Client Testimonials
Subcategories
Course Outlines
| Code | Name | Duration | Overview |
|---|---|---|---|
| cissp | CISSP - Certified Information Systems Security Professional | 35 hours | Overview: Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to a higher earning potential in roles that include CISO, CSO and senior security manager. You will learn to: Use the knowledge gained in a practical manner beneficial to your organisation Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography Secure your network architecture and design (implement Cyber security) Achieve your organisational objectives such as legal & compliance, Information assurance, security and data governance Enhance IT services secure delivery via Security operations, architecture and design principles Implement business resiliency via Business Continuity Plan You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2®. The Main Goal: To pass your CISSP examination first time. Target Audience: This training is intended for individuals preparing for the CISSP certification exam. |
| webap | WEBAP - Web Application Security | 28 hours | Description: This course will give the participants thorough understanding about security concepts, web application concepts and frameworks used by developers in order to be able to exploit and protect targeted application. In today’s world, that is changing rapidly and thus all the technologies used are also changed at a fast pace, web applications are exposed to hackers attacks 24/7. In order to protect the applications from external attackers one has to know all the bits and pieces that makes the web application, like frameworks, languages and technologies used in web application development, and much more than that. The problem is that attacker has to know only one way to break into the application and developer (or systems administrator) has to know all of the possible exploits in order to prevent this from happening. Because of that it is really difficult to have a bullet proof secured web application, and in most of the cases web application is vulnerable to something. This is regularly exploited by cyber criminals and casual hackers, and it can be minimized by correct planning, development, web application testing and configuration. Objectives: To give you the skill and knowledge needed to understand and identify possible exploits in live web applications, and to exploit identified vulnerabilities. Because of the knowledge gained through the identification and exploitation phase, you should be able to protect the web application against similar attacks. After this course the participant will be able to understand and identify OWASP top 10 vulnerabilities and to incorporate that knowledge in web application protection scheme. Audience: Developers, Police and other law enforcement personnel, Defense and Military personnel, e-Business Security professionals, Systems administrators, Banking, Insurance and other professionals, Government agencies, IT managers, CISO’s, CTO’s. |
| CL-CHS | Crypto Chip-Set Security | 14 hours | The biggest challenge for professionals working on design and development of crypto chip-sets is to be continuously up-to-date regarding the attack methods and their mitigation. Serving them, this course explains various physical and logical attacks on security chips, possible countermeasures and best practices. Regarding physical attacks, the passive attacks are detailed through optical reverse engineering and various side channel analysis methods, while active attacks are discussed with special emphasis on fault injection, Focused Ion Beams and hardware Trojans. The very powerful passive and active combined attack (PACA) type is introduced through the practical example of RSA implementations. Discussion of logical attacks not only covers practical attacks against specific cryptographic algorithm implementations, but also the relevant programming bugs and mitigation techniques like buffer overflow or integer problems are introduced. Finally, a set of guidelines is assembled to follow by engineers working in this field, and the testing methods are presented that can help to find and avoid the discussed security flaws and vulnerabilities. Participants attending this course will Understand basic concepts of security, IT security and secure coding Understand the requirements of secure communication Have a practical understanding of cryptography Understand essential security protocols Audience Professionals |
| cl-jwa | Java and Web Application Security | 21 hours | Description Beyond a solid knowledge in using Java components, even for experienced Java programmers it is essential to have a deep knowledge in web-related vulnerabilities both on server and client side, the different vulnerabilities that are relevant for web applications written in Java, and the consequences of the various risks. General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of Java with the most important aim to avoid the associated problems. In addition, a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5. The course introduces security components of Standard Java Edition, which is preceded with the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. The use of all components is presented through practical exercises, where participants can try out the discussed APIs and tools for themselves. Finally, the course explains the most frequent and severe programming flaws of the Java language and platform. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn to use various security features of the Java development environment Have a practical understanding of cryptography Learn about typical coding mistakes and how to avoid them Get information about some recent vulnerabilities in the Java framework Get practical knowledge in using security testing tools Get sources and further readings on secure coding practices Audience Developers |
| iast | Interactive Application Security Testing (IAST) | 14 hours | Interactive Application Security Testing (IAST) is a form of application security testing that combines Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) or Runtime Application Self-protection (RASP) techniques. IAST is able to report the specific lines of code responsible for a security exploit and replay the behaviors leading to and following such an exploit. In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack. By the end of this training, participants will be able to: Simulate attacks against applications and validate their detection and protection capabilities Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios Quickly and accurately fix the application code responsible for detected vulnerabilities Prioritize the vulnerability findings from dynamic scans Use RASP real-time alerts to protect applications in production against attacks. Reduce application vulnerability risks while maintaining production schedule targets Devise an integrated strategy for overall vulnerability detection and protection Audience DevOps engineers Security engineers Developers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice |
| cismp | CISMP - Certificate in Information Security Management Principles | 35 hours | A thorough, practical, 5 day course designed to provide the knowledge and skills required to manage information security, information assurance or information risk based processes. The CISMP course is aligned with the latest national information assurance frameworks (IAMM), as well as ISO/IEC 27002 & 27001; the code of practice and standard for information security. This course is a CESG Certified Training (CCT) course. The course follows the latest BCS syllabus and prepares delegates for the 2 hour multiple choice BCS examination which is sat on the afternoon of the last day of the course. This qualification provides delegates with detailed knowledge of the concepts relating to information security; (confidentiality, integrity, availability, vulnerability, threats, risks and countermeasures), along with an understanding of current legislation and regulations which impact information security management. Award holders will be able to apply the practical principles covered throughout the course ensuring normal business processes become robust and more secure. |
| datapro | Data Protection | 35 hours | This is an Instructor led course, and is the non-certification version of the "CDP - Certificate in Data Protection" course Those experienced in data protection issues, as well as those new to the subject, need to be trained so that their organisations are confident that legal compliance is continually addressed. It is necessary to identify issues requiring expert data protection advice in good time in order that organisational reputation and credibility are enhanced through relevant data protection policies and procedures. Objectives: The aim of the syllabus is to promote an understanding of how the data protection principles work rather than simply focusing on the mechanics of regulation. The syllabus places the Act in the context of human rights and promotes good practice within organisations. On completion you will have: an appreciation of the broader context of the Act. an understanding of the way in which the Act and the Privacy and Electronic Communications (EC Directive) Regulations 2003 work a broad understanding of the way associated legislation relates to the Act an understanding of what has to be done to achieve compliance Course Synopsis: The syllabus comprises three main parts, each sub-sections. Context - this will address the origins of and reasons for the Act together with consideration of privacy in general. Law – Data Protection Act - this will address the main concepts and elements of the Act and subordinate legislation. Application - this will consider how compliance is achieved and how the Act works in practice. |
| cl-beh | Beyond Ethical Hacking - Advanced Software Security | 35 hours | Beyond a solid knowledge in using security solutions of the applied technologies, even for experienced programmers it is essential to have a deep understanding of the typical attack techniques that are possible due the various vulnerabilities, i.e. security-relevant programming mistakes. This course approaches secure coding from the stand point of the attack techniques, but with the same purpose as any other course of SCADEMY Secure Coding Academy: to learn software security best practices. General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained with the most important aim to avoid the associated problems. Besides server side issues (basically following the OWASP Top Ten), a special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5, which is followed by discussing web services and XML security. A brief introduction to the foundations of cryptography provides a common practical baseline for understanding the purpose and the operation of various algorithms. Specifically for C and C++, we go into more details regarding the exploitation of buffer overflows on the stack and on the heap. After showing the attack techniques, we give an overview of practical protection methods that can be applied at different levels (hardware components, the operating system, programming languages, the compiler, the source code or in production) to prevent the occurrence of the various bugs, to detect them during development and before market launch, or to prevent their exploitation during system operation. Finally, we discuss counter attacks, and then counter-protection measures, highlighting the cat-and-mouse nature of hacking and protection. Finally, the course explains the most frequent and severe programming flaws in general, by bringing examples in Java, .NET, C and C++ languages and platforms. Besides the typical bugs committed by the programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment or the used libraries. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques. Finally, we present security testing techniques and tools that can be applied to reveal the discussed vulnerabilities, along with the various techniques for reconnaissance, configuration and hardening of the environment. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Understand security concepts of Web services Have a practical understanding of cryptography Realize the severe consequences of unsecure buffer handling Understand the architectural protection techniques and their weaknesses Learn about typical coding mistakes and how to exploit them Be informed about recent vulnerabilities in various platforms, frameworks and libraries Learn essential vulnerability analysis and testing techniques and tools Get sources and further readings on secure coding practices Audience Developers |
| cl-jsc | Standard Java Security | 14 hours | Description The Java language and the Runtime Environment (JRE) was designed to be free from the most problematic common security vulnerabilities experienced in other languages, like C/C++. Yet, software developers and architects should not only know how to use the various security features of the Java environment (positive security), but should also be aware of the numerous vulnerabilities that are still relevant for Java development (negative security). The introduction of security services is preceded with a brief overview of the foundations of cryptography, providing a common baseline for understanding the purpose and the operation of the applicable components. The use of these components is presented through several practical exercises, where participants can try out the discussed APIs for themselves. The course also goes through and explains the most frequent and severe programming flaws of the Java language and platform, covering both the typical bugs committed by Java programmers and the language- and environment-specific issues. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn to use various security features of the Java development environment Have a practical understanding of cryptography Learn about typical coding mistakes and how to avoid them Get information about some recent vulnerabilities in the Java framework Get sources and further readings on secure coding practices Audience Developers |
| shadowsocks | Shadowsocks: Set up a proxy server | 7 hours | Shadowsocks is an open-source, secure socks5 proxy. In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy. By the end of this training, participants will be able to: Install and configure Shadowsocks on any of a number of supported platforms, including Windows, Linux, Mac, Android, iOS, and OpenWRT. Deploy Shadosocks with package manager systems, such as pip, aur, freshports and others. Run Shadowsocks on mobile devices and wireless networks. Understand how Shadowsocks encrypts messages and ensures integrity and authenticity. Optimize a Shadowsocks server Audience Network engineers System Administrators Computer technicians Format of the course Part lecture, part discussion, exercises and heavy hands-on practice |
| cism | CISM - Certified Information Security Manager | 28 hours | Description:; CISM® is the most prestigious and demanding qualification for Information Security Managers around the globe today. This qualification provides you with a platform to become part of an elite peer network who have the ability to constantly learn and relearn the growing opportunities/ challenges in Information Security Management. Our CISM training methodology provides an in-depth coverage of contents across the Four CISM domains with a clear focus on building concepts and solving ISACA released CISM exam questions. The course is an intense training and hard-core exam preparation for ISACA’s Certified Information Security Manager (CISM®) Examination. We have delivered more than 100+ CISM training events in the United Kingdom and Europe. Our instructors encourage all attending delegates to go through the ISACA released CISM QA&E (Questions, Answers and Explanations) as exam preparation - you get this FREE as part of our course. The QA&E is exceptional in helping delegates understand the ISACA style of questions, approach to solving these questions and it helps rapid memory assimilation of the CISM concepts during live classroom sessions. All our trainers have extensive experience in delivering CISM training. We will thoroughly prepare you for the CISM examination. If you do not pass first time, then join us again for exam preparation free of charge. Goal: The ultimate goal is to pass your CISM examination first time. Objectives: Use the knowledge gained in a practical manner beneficial to your organisation Establish and maintain an Information security governance framework to achieve your organization goals and objectives Manage Information risk to an acceptable level to meet the business and compliance requirements Establish and maintain information security architectures (people, process, technology) Integrate information security requirements into contracts and activities of third parties/ suppliers Plan, establish and manage the capability to detect, investigate, respond to and recover from information security incidents to minimize business impact Target Audience: Security professionals with 3-5 years of front-line experience; Information security managers or those with management responsibilities; Information security staff, information security assurance providers who require an in-depth understanding of information security management including: CISO's, CIO's, CSO's, privacy officers, risk managers, security auditors and compliance personnel, BCP / DR personnel, executive and operational managers responsible for assurance functions. |
| infosysa | Information Systems Auditor | 35 hours | Description: This course is the non-certifcation version of the "CISA - Certified Information Systems Auditor" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Objectives: Use the knowledge gained to benefit your organisation Provide audit services in accordance with IT audit standards Provide assurance on leadership and organizational structure and processes Provide assurance on acquisition/ development, testing and implementation of IT assets Provide assurance on IT operations including service operations and third party Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets. Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals. |
| cl-jpw | Combined JAVA, PHP and Web Application Security | 28 hours | Even experienced programmers do not master by all means the various security services offered by their development platforms, and are likewise not aware of the different vulnerabilities that are relevant for their developments. This course targets developers using both Java and PHP, providing them essential skills necessary to make their applications resistant to contemporary attacks through the Internet. Levels of Java security architecture are walked through by tackling access control, authentication and authorization, secure communication and various cryptographic functions. Various APIs are also introduced that can be used to secure your code in PHP, like OpenSSL for cryptography or HTML Purifier for input validation. On server side, best practices are given for hardening and configuring the operating system, the web container, the file system, the SQL server and the PHP itself, while a special focus is given to client-side security through security issues of JavaScript, Ajax and HTML5. General web vulnerabilities are discussed by examples aligned to the OWASP Top Ten, showing various injection attacks, script injections, attacks against session handling, insecure direct object references, issues with file uploads, and many others. The various Java- and PHP-specific language problems and issues stemming from the runtime environment are introduced grouped into the standard vulnerability types of missing or improper input validation, improper use of security features, incorrect error and exception handling, time- and state-related problems, code quality issues and mobile code-related vulnerabilities. Participants can try out the discussed APIs, tools and the effects of configurations for themselves, while the introduction of vulnerabilities are all supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to correct the bugs and apply mitigation techniques, and introducing the use of various extensions and tools. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn to use various security features of the Java development environment Have a practical understanding of cryptography Learn to use various security features of PHP Understand security concepts of Web services Get practical knowledge in using security testing tools Learn about typical coding mistakes and how to avoid them Be informed about recent vulnerabilities in Java and PHP frameworks and libraries Get sources and further readings on secure coding practices Audience Developers |
| cl-csc | C/C++ Secure Coding | 14 hours | Description The training explains in details the mechanisms underlying typical C/C++ security relevant programming bugs – the common security vulnerabilities. The root causes of the problems are explained through a number of easy-to-understand source code examples, which at the same time make clear how to find and correct these problems in practice. The real strength of the course lays in numerous hands-one exercises, which help the participants understand how easy it is to exploit these vulnerabilities by the attackers. The course also gives an overview of practical protection methods that can be applied at different levels (hardware components, the operating system, programming languages, the compiler, the source code or in production) to prevent the occurrence of the various bugs, to detect them during development and before market launch, or to prevent their exploitation during system operation. Through exercises specially tailored to these mitigation techniques participants can learn how simple – and moreover cheap – it is to get rid of various security problems. Participants attending this course will Understand basic concepts of security, IT security and secure coding Realize the severe consequences of unsecure buffer handling Understand the architectural protection techniques and their weaknesses Learn about typical coding mistakes and how to avoid them Be informed about recent vulnerabilities in various platforms, frameworks and libraries Get sources and further readings on secure coding practices Audience Developers |
| shiro | Apache Shiro: Securing your Java application | 7 hours | Apache Shiro is a powerful Java security framework that performs authentication, authorization, cryptography, and session management. In this instructor-led, live training, participants will learn how to secure a web application with Apache Shiro. By the end of this training, participants will be able to: Use Shiro's API to secure various types of applications, including mobile, web and enterprise Enable logins from various data sources, including LDAP, JDBC, Active Directory, etc. Audience Developers Security engineers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice |
| cisa | CISA - Certified Information Systems Auditor | 28 hours | Description: CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting. Our CISA course is an intense, very competitive and exam focused training course. With experience of delivering more than 150+ CISA trainings in Europe and around the world and training more than 1200+ CISA delegates, the Net Security CISA training material has been developed in house with the top priority of ensuring CISA delegates pass the ISACA CISA® Exam. The training methodology focuses on understanding the CISA IS auditing concepts and practicing large number of ISACA released question banks from the last three years. Over a period, CISA holders have been in huge demand with renowned accountings firms, global banks, advisory, assurance, and internal audit departments. Delegates may have years of experience in IT auditing but perspective towards solving CISA questionnaires will solely depend on their understanding to globally accepted IT assurance practices. CISA exam is very challenging because the possibility of a very tight clash between two possible answers exists and that is where ISACA tests you on your understanding in global IT auditing practices. To address these exam challenges, we always provide the best trainers who have extensive experience in delivering CISA training around the world. The Net Security CISA manual covers all exam-relevant concepts, case studies, Q&A's across CISA five domains. Further, the Trainer shares the key CISA supporting material like relevant CISA notes, question banks, CISA glossary, videos, revision documents, exam tips, and CISA mind maps during the course. Goal: The ultimate goal is to pass your CISA examination first time. Objectives: Use the knowledge gained in a practical manner beneficial to your organisation Provide audit services in accordance with IT audit standards Provide assurance on leadership and organizational structure and processes Provide assurance on acquisition/ development, testing and implementation of IT assets Provide assurance on IT operations including service operations and third party Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets. Target Audience: Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals. |
| infosecmp | Information Security Management Principles | 35 hours | Course Style: This is an Instructor led course, and is the non-certification version of the "CISMP - Certificate in Information Security Management Principles" course Description:; The course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. It will also prepare individuals who are thinking of moving into information security or related functions. Objectives: To provide students with the skills and knowledge required to demonstrate the following: Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.) Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security; Understanding of the current business and technical environments in which information security management has to operate; Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics. |
| cl-cna | Combined C/C++/C#, ASP.NET and Web Application Security | 28 hours | Serving teams that use managed code (.NET and ASP.NET typically written in C#) together with native code development (typically C/C++), this training gives a comprehensive overview of the security issues in both environments. Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation. The course also covers both the various general (like web services) and specific security solutions and tools, and the most frequent and severe security flaws of managed code, dealing with both language-specific issues and the problems stemming from the runtime environment. The vulnerabilities relevant to the ASP.NET platform are detailed along with the general web-related vulnerabilities following the OWASP Top Ten list. The course consists of a number of exercises through which attendees can easily understand and execute attacks and protection methods. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn to use various security features of the .NET development environment Have a practical understanding of cryptography Get information about some recent vulnerabilities in .NET and ASP.NET Realize the severe consequences of unsecure buffer handling in native code Understand the architectural protection techniques and their weaknesses Learn about typical coding mistakes and how to avoid them Get practical knowledge in using security testing tools Get sources and further readings on secure coding practices Audience Developers |
| cl-sdw | Web Application Security with SDL | 21 hours | Description The course gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL) with a focus on web application security. It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process of web applications. Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs in web applications. In this it follows the OWASP Top Ten, but also introduces some client-side issues tackling Javascript security, Ajax and HTML5. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code. Participants attending this course will Understand basic concepts of security, IT security and secure coding Get known to the essential steps of Microsoft Secure Development Lifecycle Learn secure design and development practices Learn about secure implementation principles Learn client-side vulnerabilities and secure coding practices Understand security testing methodology Get sources and further readings on secure coding practices Audience Developers, Managers |
| indy | Blockchain: Hyperledger Indy for Identity Management | 14 hours | Indy is a Hyperledger project for creating decentralized identity systems. It includes tools, libraries and reusable components for creating digital identities rooted in blockchains or other distributed ledgers. In this instructor-led, live training, participants will learn how to create an Indy-based decentralized identity system. By the end of this training, participants will be able to: Create and manage decentralized, self-sovereign identities using distributed ledgers. Enable interoperability of digital identities across domains, applications, and silos. Understand key concepts such as user-controlled exchange, revocation, Decentralized Identifiers (DIDs), off-ledger agents, data minimization, etc. Use Indy to enable identity owners to independently control their personal data and relationships. Audience Developers Format of the course Part lecture, part discussion, exercises and heavy hands-on practice |
| cybersecfun | Cybersecurity Fundamentals | 28 hours | Description: Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge. To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area. Objectives: With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena. Target Audience: The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area. |
| grmcfun | Governance, Risk Management & Compliance (GRC) Fundamentals | 21 hours | Course goal: To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities. Overview: GRC Basic terms and definitions Principles of GRC Core components, practices and activities Relationship of GRC to other disciplines |
| cl-cjw | Combined C/C++, JAVA and Web Application Security | 28 hours | To serve in the best way heterogeneous development groups that are using various platforms simultaneously during their everyday work, we have merged various topics into a combined course that presents diverse secure coding subjects in didactic manner on a single training event. This course combines C/C++ and Java platform security to provide an extensive, cross-platform secure coding expertise. Concerning C/C++, common security vulnerabilities are discussed, backed by practical exercises about the attacking methods that exploit these vulnerabilities, with the focus on the mitigation techniques that can be applied to prevent the occurrences of these dangerous bugs, detect them before market launch or prevent their exploitation. Security components and service of Java are discussed by presenting the different APIs and tools through a number of practical exercises where participants can gain hands-on experience in using them. The course also covers security issues of web services and the related Java services that can be applied to prevent the most aching threats of the Internet based services. Finally, web- and Java-related security vulnerabilities are demonstrated by easy-to-understand exercises, which not only show the root cause of the problems, but also demonstrate the attack methods along with the recommended mitigation and coding techniques in order to avoid the associated security problems. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Learn client-side vulnerabilities and secure coding practices Learn to use various security features of the Java development environment Have a practical understanding of cryptography Realize the severe consequences of unsecure buffer handling Understand the architectural protection techniques and their weaknesses Learn about typical coding mistakes and how to avoid them Be informed about recent vulnerabilities in various platforms, frameworks and libraries Get sources and further readings on secure coding practices Audience Developers |
| cl-sdl | Microsoft SDL Core | 14 hours | The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process. Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code. Participants attending this course will Understand basic concepts of security, IT security and secure coding Get known to the essential steps of Microsoft Secure Development Lifecycle Learn secure design and development practices Learn about secure implementation principles Understand security testing methodology Get sources and further readings on secure coding practices Audience Developers, Managers |
| GDPR1 | GDPR Workshop | 7 hours | This one-day course is for people looking for a brief outline of the GDPR – General Data Protection Regulations coming out May 25, 2018. This is ideal for managers, department heads, and employees who need to understand the basics of the GDPR. |
| pkiimpman | PKI: Implement and Manage | 21 hours | Overview This Public Key Infrastructure – Implement and Manage course helps any individual to gain knowledge in managing robust PKI and having better understanding of topics surrounding public key infrastructure. Moreover, the PKI course is a preparation for the increasingly critical component – which ensures confidentiality, integrity, and authentication in an enterprise. Our PKI course provides the knowledge and skills necessary to select, design and deploy PKI, to secure existing and future applications within your organization. It also gives a deeper look into the foundations of cryptography and the working principles of the algorithms being used. Throughout the whole course, participants will gain in-depth knowledge on the following topics: Legal aspects of a PKI Elements of a PKI PKI management Trust in a digital world Digital signature implementation Trust models After completing the PKI course, each individual will be able to successfully design, setup, deploy, and manage a public key infrastructure (PKI). This is a 3-day course is considered essential for anyone who needs to understand Public Key Infrastructure (PKI) and the issues surrounding its implementation. It covers the issues and technologies involved in PKI in-depth and gives hands-on practical experience of setting up and maintaining a variety of PKI solutions. Detailed knowledge of issues surrounding PKI helps to put recent attacks which have appeared in the news headlines into context and enable valid decisions to be made about their relevance to your organisation. Objectives To introduce the student to the theoretical aspects of the foundations and benefits of Public Key Infrastructure (PKI), including different types of encryption, digital signatures, digital certificates and Certificate Authorities. To give students hands on experience of implementing and using PKI solutions with a variety of applications. To give students an understanding of the concepts of evaluating and selecting PKI technologies Audience Anyone involved in Public Key Infrastructure | PKI decision-making, implementing and securing e-commerce and other Internet applications, including CIOs, Chief Security Officers, MIS Directors, Security Managers and Internal Auditors. |
| pki | Public Key Infrastructure | 21 hours | The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates. The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of applying the latest cryptographic solutions for securing information systems. On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain. The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland. The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID. |
| cl-jnw | Combined JAVA, .NET and Web Application Security | 21 hours | Both Java and .NET development environments provide powerful means for security development, but developers should know how to apply the various architecture- and coding-level programming techniques in order to implement the desired security functionality and avoid vulnerabilities. Providing hands-on knowledge, the course contains numerous exercises on how to use various APIs and tools to prevent untrusted code from performing privileged actions, protect resources through strong authentication and authorization, provide secured remote procedure calls, handle sessions, introduce different implementations for certain functionality, and many more. Most importantly, the course explains the most frequent and severe programming flaws typically committed by programmers. General web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained in the context of both development platforms. Besides the typical security-relevant Java and .NET bugs, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environments one should be aware of. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques. Participants attending this course will Understand basic concepts of security, IT security and secure coding Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them Have a practical understanding of cryptography Learn to use various security features of the Java development environment Learn to use various security features of the .NET development environment Get information about some recent vulnerabilities in .NET and ASP.NET Learn about typical coding mistakes and how to avoid them Get information about some recent vulnerabilities in the Java framework Get sources and further readings on secure coding practices Audience Developers |
| iso27005 | Building up information security according to ISO 27005 | 21 hours | This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001. |
| GDRPAd | GDPR Advanced | 21 hours | This is more in-depth and would be for those working a great deal with the GDPR and who may be appointed to the GDPR team. This would be ideal for IT, human resources and marketing employees and they will deal extensively with the GDPR. |
Upcoming Courses
| Course | Course Date | Course Price [Remote / Classroom] |
|---|---|---|
| Interactive Application Security Testing (IAST) - Portsmouth | Mon, 2018-07-09 09:30 | £2200 / £2500 |
| Security Analyst - Glasgow | Mon, 2018-07-09 09:30 | £6500 / £8250 |
| CAS: Setting up an single-sign-on authentication server - Southampton | Fri, 2018-07-13 09:30 | £1100 / £1350 |
Other regions
Other countries
Consulting
Weekend Cyber Security courses, Evening Cyber Security training, Cyber Security boot camp, Cyber Security instructor-led, Weekend Cyber Security training, Evening Cyber Security courses, Cyber Security coaching, Cyber Security instructor, Cyber Security trainer, Cyber Security training courses, Cyber Security classes, Cyber Security on-site, Cyber Security private courses, Cyber Security one on one training