Cyber Security Training Courses

Cyber Security Training Courses

Local, instructor-led live Cyber Security (also known as Cybersecurity, Internet Security or IT Security) training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement an Cybersecurity strategy within their organization. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component.

Cybersecurity training is available as "onsite live training" or "remote live training". South Africa onsite live Cyber Security trainings can be carried out locally on customer premises or in NobleProg corporate training centers. Remote live training is carried out by way of an interactive, remote desktop.

NobleProg -- Your Local Training Provider

Testimonials

★★★★★
★★★★★

Cybersecurity Course Outlines

Title
Duration
Overview
Title
Duration
Overview
7 hours
Overview
This is a one day Introduction to ISO27001
35 hours
Overview
Course Style:

This is an Instructor led course, and is the non-certification version of the "[CISMP - Certificate in Information Security Management Principles](/cc/cismp)" course

Description:;

The course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. It will also prepare individuals who are thinking of moving into information security or related functions.

Objectives:

To provide students with the skills and knowledge required to demonstrate the following:

- Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
- Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
- Understanding of the current business and technical environments in which information security management has to operate;
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.
21 hours
Overview
Protecting applications that are accessible via the web requires well-prepared security professional who are at all time aware of current attack methods and trends. Plethora of technologies and environments exist that allow comfortable development of web applications. One should not only be aware of the security issues relevant to these platforms, but also of all general vulnerabilities that apply regardless of the used development tools.

The course gives an overview of the applicable security solutions in web applications, with a special focus on understanding the most important cryptographic solutions to be applied. The various web application vulnerabilities are presented both on the server side (following the OWASP Top Ten) and the client side, demonstrated through the relevant attacks, and followed by the recommended coding techniques and mitigation methods to avoid the associated problems. The subject of secure coding is wrapped up by discussing some typical security-relevant programming mistakes in the domain of input validation, improper use of security features and code quality.

Testing plays a very important role in ensuring security and robustness of web applications. Various approaches – from high level auditing through penetration testing to ethical hacking – can be applied to find vulnerabilities of different types. However, if you want to go beyond the easy-to-find low-hanging fruits, security testing should be well planned and properly executed. Remember: security testers should ideally find all bugs to protect a system, while for adversaries it is enough to find one exploitable vulnerability to penetrate into it.

Practical exercises will help understanding web application vulnerabilities, programming mistakes and most importantly the mitigation techniques, together with hands-on trials of various testing tools from security scanners, through sniffers, proxy servers, fuzzing tools to static source code analyzers, this course gives the essential practical skills that can be applied on the next day at the workplace.

Participants attending this course will

- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand security testing approaches and methodologies
- Get practical knowledge in using security testing techniques and tools
- Be informed about recent vulnerabilities in various platforms, frameworks and libraries
- Get sources and further readings on secure coding practices

Audience

Developers, Testers
14 hours
Overview
Protecting applications that are accessible via the web requires well-prepared security professional who are at all time aware of current attack methods and trends. Plethora of technologies and environments exist that allow comfortable development of web applications (like Java, ASP.NET or PHP, as well as Javascript or Ajax on the client side). One should not only be aware of the security issues relevant to these platforms, but also of all general vulnerabilities that apply regardless of the used development tools.

The course gives an overview of the applicable security solutions in web applications, focusing on the most important technologies like secure communication and web services, tackling both transport-layer security and end-to-end security solutions and standards like Web Services Security and XML. It also gives a brief overview of the typical programming mistakes, above all connected to missing or improper input validation.

The web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained to avoid the associated problems. Exercises can be easily followed by programmers using different programming languages, thus the web application-related topics can be easily combined with other secure coding subjects, and can thus effectively satisfy the needs of corporate development groups, who typically deal with various languages and development platforms to develop web applications.

Participants attending this course will

- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand security concepts of Web services
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices

Audience

Developers
14 hours
Overview
Network security begins at the physical level. In this instructor-led, live training in South Africa, participants will learn the security risks related to computer server rooms and how to tighten security through smart practices, planning and technology implementation.

By the end of this training, participants will be able to:

- Assess their organization's security risk, as it relates to computer server rooms.
- Set up control and monitoring systems to restrict physical access to infrastructure.
- Design access policies for different members.
- Effectively communicate security policies with team members.
21 hours
Overview
Description:

This class is intended as intense and hard core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The five (5) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CIRSC Review Manual and Question, Answer and Explanation, (Q,A&E), supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions, the type of answers ISACA are looking for and it helps rapid memory assimilation of the material.

The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction.

Objectives:

- To help you pass the CRISC examination first time
- possessing this certification will signify your commitment to serving an enterprise with distinction
- the growing demand for professionals with risk and control skills will allow holders of this certification to command better
positions and salary

You will learn:

- To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based,
efficient and effective IS controls.
- The technical skills and practices that CRISC promotes, these are the building blocks of success in the field
28 hours
Overview
Description:

Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area.

Objectives:

With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena.

Target Audience:

The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.
14 hours
Overview
Audience

- Cyber security specialists
- System administrators
- Cyber security managers
- Cyber security auditors
- CIOs

Format of the course

- Heavy emphasis on hands-on practice. Most of the concepts are learned through samples, exercises and hands-on development.
7 hours
Overview
DevOps is a software development approach that aligns application development with IT operations. Some of the tools that have emerged to support DevOps include: automation tools, containerization and orchestration platforms. Security has not kept up with these developments.

In this course, participants will learn how to formulate the proper security strategy to face the DevOps security challenge.

Audience

- Devops engineers
- Security engineers

Format of the course

- Part lecture, part discussion, some hands-on practice
35 hours
Overview
Description:

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defences work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how Intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Target Audience:

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.
21 hours
Overview
This training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems.

By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.

Audience

- Embedded systems professionals
- Security professionals

Format of the course

- Part lecture, part discussion, hands-on practice
35 hours
Overview
This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

The purpose of the Ethical Hacking Training is to:

- Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
- Inform the public that credentialed individuals meet or exceed the minimum standards.
- Reinforce ethical hacking as a unique and self-regulating profession.

Audience:

The Course is ideal for those working in positions such as, but not limited to:

- Security Engineers
- Security Consultants
- Security Managers
- IT Director/Managers
- Security Auditors
- IT Systems Administrators
- IT Network Administrators
- Network Architects
- Developers
21 hours
Overview
Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

- GRC Basic terms and definitions
- Principles of GRC
- Core components, practices and activities
- Relationship of GRC to other disciplines
14 hours
Overview
Interactive Application Security Testing (IAST) is a form of application security testing that combines Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) or Runtime Application Self-protection (RASP) techniques. IAST is able to report the specific lines of code responsible for a security exploit and replay the behaviors leading to and following such an exploit.

In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack.

By the end of this training, participants will be able to:

- Simulate attacks against applications and validate their detection and protection capabilities
- Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios
- Quickly and accurately fix the application code responsible for detected vulnerabilities
- Prioritize the vulnerability findings from dynamic scans
- Use RASP real-time alerts to protect applications in production against attacks.
- Reduce application vulnerability risks while maintaining production schedule targets
- Devise an integrated strategy for overall vulnerability detection and protection

Audience

- DevOps engineers
- Security engineers
- Developers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice
14 hours
Overview
In this instructor-led, live training in South Africa, participants will learn how to create an Indy-based decentralized identity system.

By the end of this training, participants will be able to:

- Create and manage decentralized, self-sovereign identities using distributed ledgers.
- Enable interoperability of digital identities across domains, applications, and silos.
- Understand key concepts such as user-controlled exchange, revocation, Decentralized Identifiers (DIDs), off-ledger agents, data minimization, etc.
- Use Indy to enable identity owners to independently control their personal data and relationships.
35 hours
Overview
Description:

This course is the non-certifcation version of the "[CISA - Certified Information Systems Auditor](/cc/cisa)" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.

Objectives:

- Use the knowledge gained to benefit your organisation
- Provide audit services in accordance with IT audit standards
- Provide assurance on leadership and organizational structure and processes
- Provide assurance on acquisition/ development, testing and implementation of IT assets
- Provide assurance on IT operations including service operations and third party
- Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.
14 hours
Overview
The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process.

Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code.

Participants attending this course will

-

Understand basic concepts of security, IT security and secure coding

-

Get known to the essential steps of Microsoft Secure Development Lifecycle

-

Learn secure design and development practices

-

Learn about secure implementation principles

-

Understand security testing methodology

- Get sources and further readings on secure coding practices

Audience

Developers, Managers
14 hours
Overview
In this instructor-led, live training in South Africa, participants will understand Internet of Things (IoT) architectures and learn the different IoT security solutions applicable to their organization.

By the end of this training, participants will be able to:

- Understand IoT architectures.
- Understand emerging IoT security threats and solutions.
- Implement technologies for IoT security in their organization.
21 hours
Overview
This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.
7 hours
Overview
In this instructor-led, live training in South Africa, participants will learn about the various aspects of NB-IoT (also known as LTE Cat NB1) as they develop and deploy a sample NB-IoT based application.

By the end of this training, participants will be able to:

- Identify the different components of NB-IoT and how to fit together to form an ecosystem.
- Understand and explain the security features built into NB-IoT devices.
- Develop a simple application to track NB-IoT devices.
7 hours
Overview
NetNORAD is a system built by Facebook to troubleshoot network problems via end-to-end probing, independent of device polling.

In this instructor-led, live training, participants will learn how NetNORAD and active path testing can help them improve their network troubleshooting methods.

By the end of this training, participants will be able to:

- Understand how NetNORAD works
- Learn the design principles behind NetNORAD
- Use open-source NetNORAD tools with their own code to implement a fault detection system

Audience

- Network engineers
- Developers
- System engineers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice
35 hours
Overview
This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences work and then be led into scanning and attacking their own networks, no real network is harmed. The attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.
28 hours
Overview
The Open Web Application Security Project is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

OWASP offers testing frameworks and tools for identifying vulnerabilities in web applications and services

Audience

This course is directed at Developers, Engineers and Architects seeking to secure their web apps and services
35 hours
Overview
Description:

This is a 'Practitioner' course and leans heavily on practical exercises designed to reinforce the concepts being taught and to build the delegates' confidence in implementing business continuity management. The course is also designed to encourage debate, and the sharing of knowledge and experience between students.
Delegates will benefit from the practical and extensive experiences of ours trainers who are practicing business continuity management and ISO 22301:2012 specialists.

Delegates will learn how to:

- Explain the need for business continuity management (BCM) in all organisations
- Define the business continuity lifecycle
- Conducting business continuity programme management
- Understand their organisation sufficiently to identify mission-critical impact areas
- Determine their organisation's business continuity strategy
- Establish a business continuity response
- Exercise, maintain and review plans
- Embed business continuity in an organisation
- Define terms and definitions appropriate to business continuity

By the end of the course, delegates will have a detailed understanding of all the key components of business continuity management and be able to return to their work, making a significant contribution to the business continuity management process.
21 hours
Overview
The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates.

The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of ​​applying the latest cryptographic solutions for securing information systems.

On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain.

The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland.

The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID.
21 hours
Overview
Overview

This Public Key Infrastructure – Implement and Manage course helps any individual to gain knowledge in managing robust PKI and having better understanding of topics surrounding public key infrastructure. Moreover, the PKI course is a preparation for the increasingly critical component – which ensures confidentiality, integrity, and authentication in an enterprise. Our PKI course provides the knowledge and skills necessary to select, design and deploy PKI, to secure existing and future applications within your organization. It also gives a deeper look into the foundations of cryptography and the working principles of the algorithms being used.

Throughout the whole course, participants will gain in-depth knowledge on the following topics:

- Legal aspects of a PKI
- Elements of a PKI
- PKI management
- Trust in a digital world
- Digital signature implementation
- Trust models

After completing the PKI course, each individual will be able to successfully design, setup, deploy, and manage a public key infrastructure (PKI).

This is a 3-day course is considered essential for anyone who needs to understand Public Key Infrastructure (PKI) and the issues surrounding its implementation. It covers the issues and technologies involved in PKI in-depth and gives hands-on practical experience of setting up and maintaining a variety of PKI solutions. Detailed knowledge of issues surrounding PKI helps to put recent attacks which have appeared in the news headlines into context and enable valid decisions to be made about their relevance to your organisation.

Objectives

To introduce the student to the theoretical aspects of the foundations and benefits of Public Key Infrastructure (PKI), including different types of encryption, digital signatures, digital certificates and Certificate Authorities.

To give students hands on experience of implementing and using PKI solutions with a variety of applications.

To give students an understanding of the concepts of evaluating and selecting PKI technologies

Audience

Anyone involved in Public Key Infrastructure | PKI decision-making, implementing and securing e-commerce and other Internet applications, including CIOs, Chief Security Officers, MIS Directors, Security Managers and Internal Auditors.
35 hours
Overview


Target Audience would be - Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals
35 hours
Overview
After the major attacks against national infrastructures, Security Professionals found that the majority of the vulnerabilities that caused the attacks came from poor and vulnerable code that the developers write.

Developers now need to master the techniques of how to write Secure Code, because we are in a situation where anyone can use availble tools to write a script that can effectivly disable a large organization's systems because the developers have written poor code.

This Course aims to help in the following:

- Help Developers to master the techniques of writing Secure Code
- Help Software Testers to test the security of the application before publishing to the production environment
- Help Software Architects to understand the risks surrounding the applications
- Help Team Leaders to set the security base lines for the developers
- Help Web Masters to configure the Servers to avoid miss-configurations

In this course you will also see details of the latest cyber attacks that have been used and the countermeasures used to stop and prevent these attacks.

You will see for yourself how developers mistakes led to catastrophic attacks, and by participatig in the labs during the course you will be able to put into practise the security controls and gain the experience and knowledge to produce secure coding.

Who should Attend this Course?

This Secure Code Training is ideal for those working in positions such as, but not limited to:

- Web Developers
- Mobile Developers
- Java Developers
- Dot Net Developers
- Software Architects
- Software Tester
- Security Professionals
- Web Masters
7 hours
Overview
Shadowsocks is an open-source, secure socks5 proxy.

In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy.

By the end of this training, participants will be able to:

- Install and configure Shadowsocks on any of a number of supported platforms, including Windows, Linux, Mac, Android, iOS, and OpenWrt.
- Deploy Shadosocks with package manager systems, such as pip, aur, freshports and others.
- Run Shadowsocks on mobile devices and wireless networks.
- Understand how Shadowsocks encrypts messages and ensures integrity and authenticity.
- Optimize a Shadowsocks server

Audience

- Network engineers
- System Administrators
- Computer technicians

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice
7 hours
Overview
Apache Shiro is a powerful Java security framework that performs authentication, authorization, cryptography, and session management.

In this instructor-led, live training, participants will learn how to secure a web application with Apache Shiro.

By the end of this training, participants will be able to:

- Use Shiro's API to secure various types of applications, including mobile, web and enterprise
- Enable logins from various data sources, including LDAP, JDBC, Active Directory, etc.

Audience

- Developers
- Security engineers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice
Weekend Cyber Security courses, Evening Cyber Security training, Cybersecurity boot camp, Cybersecurity instructor-led, Weekend Cyber Security training, Evening Cybersecurity courses, Cybersecurity coaching, Cyber Security instructor, Cybersecurity trainer, Cyber Security training courses, Cybersecurity classes, Cyber Security on-site, Cyber Security private courses, Cybersecurity one on one training

Course Discounts Newsletter

We respect the privacy of your email address. We will not pass on or sell your address to others.
You can always change your preferences or unsubscribe completely.

Some of our clients

is growing fast!

We are looking to expand our presence in South Africa!

As a Business Development Manager you will:

  • expand business in South Africa
  • recruit local talent (sales, agents, trainers, consultants)
  • recruit local trainers and consultants

We offer:

  • Artificial Intelligence and Big Data systems to support your local operation
  • high-tech automation
  • continuously upgraded course catalogue and content
  • good fun in international team

If you are interested in running a high-tech, high-quality training and consulting business.

Apply now!