Local, instructor-led live Cyber Security (also known as Cybersecurity, Internet Security or IT Security) training courses demonstrate through interactive discussion and hands-on practice how to understand, plan and implement an Cybersecurity strategy within their organization. Special focus is given to setting up the proper systems and procedures needed to detect and mitigate threats. Internet Security courses are available as interactive trainings and a number of them include a testing and certification component.

Cybersecurity training is available as "onsite live training" or "remote live training". South Africa onsite live Cyber Security trainings can be carried out locally on customer premises or in NobleProg corporate training centers. Remote live training is carried out by way of an interactive, remote desktop.

NobleProg -- Your Local Training Provider

Testimonials

★★★★★

What did you like the most about the training?: Structured, brought in lots of examples, listened to other peoples experiences.

Mark de Munk - Coutts & Co Ltd

Course: Certified Information System Security Professional (CISSP) CBK Review

I liked the in-depth knowledge about the subject of the trainer, good explanation, highlighting important things!.

Andreas Rhein

Course: Certified Information System Security Professional (CISSP) CBK Review

Crypto

Carlos Ibarra

Course: Advanced Java, JEE and Web Application Security

I genuinely was benefit from the communication skills of the trainer.

Flavio Guerrieri

Course: CISM - Certified Information Security Manager

I liked he was passionate about the subject and very convincing too.

Diana Vladulescu

Course: Secure Web Application Development and Testing

Deep knowledge, real examples, the fact that trainer is also a practitioner.

18 Wojskowy Oddział Gospodarczy

Course: CRISC - Certified in Risk and Information Systems Control

I mostly liked the knowledge,.

18 Wojskowy Oddział Gospodarczy

Course: CRISC - Certified in Risk and Information Systems Control

I mostly was benefit from the hands-on examples.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

The subject of the course was very interesting and gave us many ideas.

Anastasios Manios

Course: Secure coding in PHP

I generally enjoyed the interaction.

Andreas Hadjidemetris

Course: Secure coding in PHP

Most of the known subjects related with secure coding covered and explained well Nice presentations Easy to watch, not boring.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

The way and its approach on each different section.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

The trainer has very good communication skills and can easily get & hold audience's attention. He can explain the matter in a very easy and detailed way so that each person can understand it.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

All topics were well covered and presented with a lot of examples. Ahmed was very efficient and managed to keep us focused and attracted at all times.

Kostas Bastas

Course: Secure coding in PHP

Everything! I didn't have any experience with Secure Coding and the whole training was interesting and helpful.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

I genuinely enjoyed the real life examples.

Marios Prokopiou

Course: Secure coding in PHP

I loved the delivery from the trainer's side. Very enthusiastic and made the training really pleasant and interesting. Also, very clear about the content he was delivering.

Trading Point of Financial Instruments (XM

Course: Secure coding in PHP

I genuinely liked the real world scenarios.

Michail Alvanos

Course: Java and Web Application Security

I genuinely liked the organization.

Panagiotis Foutros

Course: Java and Web Application Security

Very good knowledge and character.

Constantinos Michael

Course: Java and Web Application Security

I was benefit from the exercises (SQL injection, XSS, CRSF. .).

David Lemoine - Statistical Solutions

Course: .NET, C# and ASP.NET Security Development

I liked the blend of theory/fundamentals/principles and activity/interactive-web-apps. Excellent mix.

Statistical Solutions

Course: .NET, C# and ASP.NET Security Development

Good pacing, by switching between lectures and activities the trainer was able to hold my attention, good variety of topics covered, trainer was very knowledgeable and able to adapt the subject matter to what was required.

Statistical Solutions

Course: .NET, C# and ASP.NET Security Development

I genuinely was benefit from the knowledge.

Luis Miguel Lara - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

The way in which he explained to us during the 2 days and his way of being, which makes learning enjoyable.

Víctor Miguel Prado Saster - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

I really liked the teacher's knowledge.

Ariany Auxiliadora Pulido Gonzalez - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

The trainer was very nice and available. I appreciated his knowledge, skills and preparation about the subject. Furthermore, he provided us extra content about IoT, very interesting.

Giuseppe Fiorita - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Ahmed was always trying to keep attention of us.

Alberto Brezmes - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

I enjoyed the trainer methods to attract our attention.

Antonio Osuna Sánchez - Blue Indico Investments, S.L.U.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Trainers command in his field

Adnan ul Husnain Hashmi - TDM GROUP

Course: Web Application Security

The hands-on labs were excellent.

Dr. Farhan Hassan Khan - TDM GROUP

Course: Web Application Security

The trainer always ensured me fully understand what he had taught and do not hesitate to repeat again if I am still not clear about it. He is committed to preparing more samples to show me to answer the extra questions from me.

Kenny, Jiun Ming Wee

Course: PKI: Implement and Manage

Very knowledgeable and approachable trainer.

Trainocate (S) Pte. Ltd.

Course: PKI: Implement and Manage

Ann is very knowledgeable on the subject. She is constantly varying pace according to the feedback. There is a lot of room for discussing attendee's own experiences. It was a great joy !.

Sjoerd Hulzinga - KPN p/a Bloomville

Course: IoT Security Architecture

It was quite informal.

Capita Business Services Ltd

Course: Understanding Modern Information Communication Technology

Trainer covered a lot of ground over a relatively short period.

Capita Business Services Ltd

Course: Understanding Modern Information Communication Technology

I enjoyed the practical exercises. Hands-on is the best way to learn.

W L Gore & Associates (UK) Ltd

Course: PKI: Implement and Manage

Interactive demos

Juan Pablo Camps Gonzalez - Banco de Credito e Inversiones

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Translated by

The examples of real cases.

Jorge De la Cruz - BEEVA TEC OPERADORA S.A. de C.V.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Translated by

The dynamics

Felipe Juarez Ramirez - BEEVA TEC OPERADORA S.A. de C.V.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Translated by

The way to take the course because it lent itself to something tedious but he knew how to develop it in a good way

Williams Feliciano Dominguez Aries - BEEVA TEC OPERADORA S.A. de C.V.

Course: CCSK - Certificate of Cloud Security Knowledge - Plus

Translated by

The instructor prepared the material for his course.

Instituto nacional de astrofísica, óptica y electrónica

Course: Microsoft SDL Core

Translated by

Information about the cold boot attack and how to protect against this attack.

Marcin Piliszczuk - Diebold Nixdorf

Course: Application Security in the Cloud

Translated by

Loose way of driving

Course: NB-IoT for Developers

Translated by

Loose way of driving

Course: NB-IoT for Developers

Translated by

Cybersecurity Subcategories

Cybersecurity Course Outlines

Title

Duration

Overview

Title

Duration

Overview

Introduction to ISO27001

7 hours

Overview

This is a one day Introduction to ISO27001

Information Security Management Principles

35 hours

Overview

Course Style:

This is an Instructor led course, and is the non-certification version of the "[CISMP - Certificate in Information Security Management Principles](/cc/cismp)" course

Description:;

The course will provide you with the knowledge and understanding of the main principals required to be an effective member of an information security team with security responsibilities as part of your day to day role. It will also prepare individuals who are thinking of moving into information security or related functions.

Objectives:

To provide students with the skills and knowledge required to demonstrate the following:

- Knowledge of the concepts relating to information security management (confidentiality, availability, vulnerability, threats, risks and countermeasures etc.)
- Understanding of current legislation and regulations which impact upon information security management in the UK; Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security;
- Understanding of the current business and technical environments in which information security management has to operate;
- Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Secure Web Application Development and Testing

21 hours

Overview

Protecting applications that are accessible via the web requires well-prepared security professional who are at all time aware of current attack methods and trends. Plethora of technologies and environments exist that allow comfortable development of web applications. One should not only be aware of the security issues relevant to these platforms, but also of all general vulnerabilities that apply regardless of the used development tools.

The course gives an overview of the applicable security solutions in web applications, with a special focus on understanding the most important cryptographic solutions to be applied. The various web application vulnerabilities are presented both on the server side (following the OWASP Top Ten) and the client side, demonstrated through the relevant attacks, and followed by the recommended coding techniques and mitigation methods to avoid the associated problems. The subject of secure coding is wrapped up by discussing some typical security-relevant programming mistakes in the domain of input validation, improper use of security features and code quality.

Testing plays a very important role in ensuring security and robustness of web applications. Various approaches – from high level auditing through penetration testing to ethical hacking – can be applied to find vulnerabilities of different types. However, if you want to go beyond the easy-to-find low-hanging fruits, security testing should be well planned and properly executed. Remember: security testers should ideally find all bugs to protect a system, while for adversaries it is enough to find one exploitable vulnerability to penetrate into it.

Practical exercises will help understanding web application vulnerabilities, programming mistakes and most importantly the mitigation techniques, together with hands-on trials of various testing tools from security scanners, through sniffers, proxy servers, fuzzing tools to static source code analyzers, this course gives the essential practical skills that can be applied on the next day at the workplace.

Participants attending this course will

- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand security testing approaches and methodologies
- Get practical knowledge in using security testing techniques and tools
- Be informed about recent vulnerabilities in various platforms, frameworks and libraries
- Get sources and further readings on secure coding practices

Audience

Developers, Testers

Web Application Security

14 hours

Overview

Protecting applications that are accessible via the web requires well-prepared security professional who are at all time aware of current attack methods and trends. Plethora of technologies and environments exist that allow comfortable development of web applications (like Java, ASP.NET or PHP, as well as Javascript or Ajax on the client side). One should not only be aware of the security issues relevant to these platforms, but also of all general vulnerabilities that apply regardless of the used development tools.

The course gives an overview of the applicable security solutions in web applications, focusing on the most important technologies like secure communication and web services, tackling both transport-layer security and end-to-end security solutions and standards like Web Services Security and XML. It also gives a brief overview of the typical programming mistakes, above all connected to missing or improper input validation.

The web-based vulnerabilities are demonstrated through presenting the relevant attacks, while the recommended coding techniques and mitigation methods are explained to avoid the associated problems. Exercises can be easily followed by programmers using different programming languages, thus the web application-related topics can be easily combined with other secure coding subjects, and can thus effectively satisfy the needs of corporate development groups, who typically deal with various languages and development platforms to develop web applications.

Participants attending this course will

- Understand basic concepts of security, IT security and secure coding
- Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
- Learn client-side vulnerabilities and secure coding practices
- Have a practical understanding of cryptography
- Understand security concepts of Web services
- Get practical knowledge in using security testing tools
- Get sources and further readings on secure coding practices

Audience

Developers

Computer Room Security and Maintenance

14 hours

Overview

Network security begins at the physical level. In this instructor-led, live training in South Africa, participants will learn the security risks related to computer server rooms and how to tighten security through smart practices, planning and technology implementation.

By the end of this training, participants will be able to:

- Assess their organization's security risk, as it relates to computer server rooms.
- Set up control and monitoring systems to restrict physical access to infrastructure.
- Design access policies for different members.
- Effectively communicate security policies with team members.

CRISC - Certified in Risk and Information Systems Control

21 hours

Overview

Description:

This class is intended as intense and hard core exam preparation for ISACA’s Certified Information Systems Auditor (CRISC) Examination. The five (5) domains of ISACA’s CRISC syllabus will be covered with a big focus on the Examination. The Official ISACA CIRSC Review Manual and Question, Answer and Explanation, (Q,A&E), supplements will ALSO be provided when attending. The Q,A&E is exceptional in helping delegates understand the ISACA style of questions, the type of answers ISACA are looking for and it helps rapid memory assimilation of the material.

The technical skills and practices that ISACA promotes and evaluates within the CRISC certification are the building blocks of success in the field. Possessing the CRISC certification demonstrates your skill within the profession. With a growing demand for professionals holding risk and control expertise, ISACA’s CRISC has positioned itself to be the preferred certification program by individuals and enterprises around the world. The CRISC certification signifies commitment to serving an enterprise and the chosen profession with distinction.

Objectives:

- To help you pass the CRISC examination first time
- possessing this certification will signify your commitment to serving an enterprise with distinction
- the growing demand for professionals with risk and control skills will allow holders of this certification to command better
positions and salary

You will learn:

- To help enterprises accomplish business objectives by designing, implementing, monitoring and maintaining risk-based,
efficient and effective IS controls.
- The technical skills and practices that CRISC promotes, these are the building blocks of success in the field

Cybersecurity Fundamentals

28 hours

Overview

Description:

Cybersecurity skills are in high demand, as threats continue to plague enterprises around the world. An overwhelming majority of professionals surveyed by ISACA recognise this and plan to work in a position that requires cybersecurity knowledge.
To fill this gap, ISACA has developed the Cybersecurity Fundamentals Certificate, which provides education and verification of skills in this area.

Objectives:

With cybersecurity threats continuing to rise and the shortage of appropriately-equipped security professionals growing worldwide, ISACA's Cybersecurity Fundamentals Certificate programme is the perfect way to quickly train entry-level employees and ensure they have the skills and knowledge they need to successfully operate in the Cyber arena.

Target Audience:

The certificate program is also one of the best ways to gain foundational knowledge in cybersecurity and begin to build your skills and knowledge in this crucial area.

Fundamentals of Corporate Cyber Warfare

14 hours

Overview

Audience

- Cyber security specialists
- System administrators
- Cyber security managers
- Cyber security auditors
- CIOs

Format of the course

- Heavy emphasis on hands-on practice. Most of the concepts are learned through samples, exercises and hands-on development.

DevOps Security: Creating a DevOps Security Strategy

7 hours

Overview

DevOps is a software development approach that aligns application development with IT operations. Some of the tools that have emerged to support DevOps include: automation tools, containerization and orchestration platforms. Security has not kept up with these developments.

In this course, participants will learn how to formulate the proper security strategy to face the DevOps security challenge.

Audience

- Devops engineers
- Security engineers

Format of the course

- Part lecture, part discussion, some hands-on practice

Ethical Hacking and Countermeasures

35 hours

Overview

Description:

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defences work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how Intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Target Audience:

This course will significantly benefit security officers, auditors, security professionals, site administrators, and anyone who is concerned about the integrity of the network infrastructure.

Embedded Systems Security

21 hours

Overview

This training introduces the system architectures, operating systems, networking, storage, and cryptographic issues that should be considered when designing secure embedded systems.

By the end of this course, participants will have a solid understanding of security principles, concerns, and technologies. More importantly, participants will be equipped with the techniques needed for developing safe and secure embedded software.

Audience

- Embedded systems professionals
- Security professionals

Format of the course

- Part lecture, part discussion, hands-on practice

Ethical Hacker

35 hours

Overview

This class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems. The lab intensive environment gives each student in-depth knowledge and practical experience with the current essential security systems. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure a system. Students will also learn about Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation. When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

The purpose of the Ethical Hacking Training is to:

- Establish and govern minimum standards for credentialing professional information security specialists in ethical hacking measures.
- Inform the public that credentialed individuals meet or exceed the minimum standards.
- Reinforce ethical hacking as a unique and self-regulating profession.

Audience:

The Course is ideal for those working in positions such as, but not limited to:

- Security Engineers
- Security Consultants
- Security Managers
- IT Director/Managers
- Security Auditors
- IT Systems Administrators
- IT Network Administrators
- Network Architects
- Developers

Governance, Risk Management & Compliance (GRC) Fundamentals

21 hours

Overview

Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

- GRC Basic terms and definitions
- Principles of GRC
- Core components, practices and activities
- Relationship of GRC to other disciplines

Interactive Application Security Testing (IAST)

14 hours

Overview

Interactive Application Security Testing (IAST) is a form of application security testing that combines Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) or Runtime Application Self-protection (RASP) techniques. IAST is able to report the specific lines of code responsible for a security exploit and replay the behaviors leading to and following such an exploit.

In this instructor-led, live training, participants will learn how to secure an application by instrumenting runtime agents and attack inducers to simulate application behavior during an attack.

By the end of this training, participants will be able to:

- Simulate attacks against applications and validate their detection and protection capabilities
- Use RASP and DAST to gain code-level visibility into the data path taken by an application under different runtime scenarios
- Quickly and accurately fix the application code responsible for detected vulnerabilities
- Prioritize the vulnerability findings from dynamic scans
- Use RASP real-time alerts to protect applications in production against attacks.
- Reduce application vulnerability risks while maintaining production schedule targets
- Devise an integrated strategy for overall vulnerability detection and protection

Audience

- DevOps engineers
- Security engineers
- Developers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice

Blockchain: Hyperledger Indy for Identity Management

14 hours

Overview

In this instructor-led, live training in South Africa, participants will learn how to create an Indy-based decentralized identity system.

By the end of this training, participants will be able to:

- Create and manage decentralized, self-sovereign identities using distributed ledgers.
- Enable interoperability of digital identities across domains, applications, and silos.
- Understand key concepts such as user-controlled exchange, revocation, Decentralized Identifiers (DIDs), off-ledger agents, data minimization, etc.
- Use Indy to enable identity owners to independently control their personal data and relationships.

Information Systems Auditor

35 hours

Overview

Description:

This course is the non-certifcation version of the "[CISA - Certified Information Systems Auditor](/cc/cisa)" course. CISA® is the world-renowned and most popular certification for professionals working in the field of IS audit and IT risk consulting.

Objectives:

- Use the knowledge gained to benefit your organisation
- Provide audit services in accordance with IT audit standards
- Provide assurance on leadership and organizational structure and processes
- Provide assurance on acquisition/ development, testing and implementation of IT assets
- Provide assurance on IT operations including service operations and third party
- Provide assurance on organization’s security policies, standards, procedures, and controls to ensure confidentiality, integrity, and availability of information assets.

Target Audience:

Finance/CPA professionals, I.T. professionals, Internal & External auditors, Information security, and risk consulting professionals.

Microsoft SDL Core

14 hours

Overview

The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process.

Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code.

Participants attending this course will

-

Understand basic concepts of security, IT security and secure coding

-

Get known to the essential steps of Microsoft Secure Development Lifecycle

-

Learn secure design and development practices

-

Learn about secure implementation principles

-

Understand security testing methodology

- Get sources and further readings on secure coding practices

Audience

Developers, Managers

IoT Security Architecture

14 hours

Overview

In this instructor-led, live training in South Africa, participants will understand Internet of Things (IoT) architectures and learn the different IoT security solutions applicable to their organization.

By the end of this training, participants will be able to:

- Understand IoT architectures.
- Understand emerging IoT security threats and solutions.
- Implement technologies for IoT security in their organization.

Building up information security according to ISO 27005

21 hours

Overview

This course will give you the skills to build up information security according to ISO 27005, which is dedicated to information security risk management based on ISO 27001.

NB-IoT for Developers

7 hours

Overview

In this instructor-led, live training in South Africa, participants will learn about the various aspects of NB-IoT (also known as LTE Cat NB1) as they develop and deploy a sample NB-IoT based application.

By the end of this training, participants will be able to:

- Identify the different components of NB-IoT and how to fit together to form an ecosystem.
- Understand and explain the security features built into NB-IoT devices.
- Develop a simple application to track NB-IoT devices.

NetNORAD

7 hours

Overview

NetNORAD is a system built by Facebook to troubleshoot network problems via end-to-end probing, independent of device polling.

In this instructor-led, live training, participants will learn how NetNORAD and active path testing can help them improve their network troubleshooting methods.

By the end of this training, participants will be able to:

- Understand how NetNORAD works
- Learn the design principles behind NetNORAD
- Use open-source NetNORAD tools with their own code to implement a fault detection system

Audience

- Network engineers
- Developers
- System engineers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice

Network Penetration Testing

35 hours

Overview

This class will help the attendees to scan, test, hack and secure their own systems. To gain an in-depth knowledge and practical experience with the current essential security systems. The attendees will get to know how perimeter defences work and then be led into scanning and attacking their own networks, no real network is harmed. The attendees then will learn how intruders escalate privileges and what steps can be taken to secure a system, Intrusion Detection, Policy Creation, Social Engineering, DDoS Attacks, Buffer Overflows and Virus Creation.

Web Security with the OWASP Testing Framework

28 hours

Overview

The Open Web Application Security Project is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

OWASP offers testing frameworks and tools for identifying vulnerabilities in web applications and services

Audience

This course is directed at Developers, Engineers and Architects seeking to secure their web apps and services

Business Continuity Management

35 hours

Overview

Description:

This is a 'Practitioner' course and leans heavily on practical exercises designed to reinforce the concepts being taught and to build the delegates' confidence in implementing business continuity management. The course is also designed to encourage debate, and the sharing of knowledge and experience between students.
Delegates will benefit from the practical and extensive experiences of ours trainers who are practicing business continuity management and ISO 22301:2012 specialists.

Delegates will learn how to:

- Explain the need for business continuity management (BCM) in all organisations
- Define the business continuity lifecycle
- Conducting business continuity programme management
- Understand their organisation sufficiently to identify mission-critical impact areas
- Determine their organisation's business continuity strategy
- Establish a business continuity response
- Exercise, maintain and review plans
- Embed business continuity in an organisation
- Define terms and definitions appropriate to business continuity

By the end of the course, delegates will have a detailed understanding of all the key components of business continuity management and be able to return to their work, making a significant contribution to the business continuity management process.

Public Key Infrastructure

21 hours

Overview

The training is directed to all operating systems administrators, who plan to implement a public key infrastructure based on MS Windows Server 2012 R2 and plan to use qualified electronic signature certificates.

The participants will learn about the basic issues related to the implementation of public key infrastructure, and also with the idea of applying the latest cryptographic solutions for securing information systems.

On the basis of MS Windows Server 2012 R2 are discussed possibilities of using certification services for the enterprise.During the training in a virtual environment is installed complete certification center and discuss the most important issues related to the management and administration of public key infrastructure in an Active Directory domain.

The training includes theoretical and practical knowledge on the use of electronic signatures issued by certification centers in Poland under the "Act on Electronic Signatures." These are legal issues, legal requirements, as well as examples of the use of certificates of electronic signatures in Poland.

The participants will gain the knowledge needed to create electronic correspondence relating to communication with the public authorities and other services that allow or require the use of a type of ID.

PKI: Implement and Manage

21 hours

Overview

Overview

This Public Key Infrastructure – Implement and Manage course helps any individual to gain knowledge in managing robust PKI and having better understanding of topics surrounding public key infrastructure. Moreover, the PKI course is a preparation for the increasingly critical component – which ensures confidentiality, integrity, and authentication in an enterprise. Our PKI course provides the knowledge and skills necessary to select, design and deploy PKI, to secure existing and future applications within your organization. It also gives a deeper look into the foundations of cryptography and the working principles of the algorithms being used.

Throughout the whole course, participants will gain in-depth knowledge on the following topics:

- Legal aspects of a PKI
- Elements of a PKI
- PKI management
- Trust in a digital world
- Digital signature implementation
- Trust models

After completing the PKI course, each individual will be able to successfully design, setup, deploy, and manage a public key infrastructure (PKI).

This is a 3-day course is considered essential for anyone who needs to understand Public Key Infrastructure (PKI) and the issues surrounding its implementation. It covers the issues and technologies involved in PKI in-depth and gives hands-on practical experience of setting up and maintaining a variety of PKI solutions. Detailed knowledge of issues surrounding PKI helps to put recent attacks which have appeared in the news headlines into context and enable valid decisions to be made about their relevance to your organisation.

Objectives

To introduce the student to the theoretical aspects of the foundations and benefits of Public Key Infrastructure (PKI), including different types of encryption, digital signatures, digital certificates and Certificate Authorities.

To give students hands on experience of implementing and using PKI solutions with a variety of applications.

To give students an understanding of the concepts of evaluating and selecting PKI technologies

Audience

Anyone involved in Public Key Infrastructure | PKI decision-making, implementing and securing e-commerce and other Internet applications, including CIOs, Chief Security Officers, MIS Directors, Security Managers and Internal Auditors.

Security Analyst

35 hours

Overview

Target Audience would be - Network server administrators, firewall administrators, information security analysts, system administrators, and risk assessment professionals

How to Write Secure Code

35 hours

Overview

After the major attacks against national infrastructures, Security Professionals found that the majority of the vulnerabilities that caused the attacks came from poor and vulnerable code that the developers write.

Developers now need to master the techniques of how to write Secure Code, because we are in a situation where anyone can use availble tools to write a script that can effectivly disable a large organization's systems because the developers have written poor code.

This Course aims to help in the following:

- Help Developers to master the techniques of writing Secure Code
- Help Software Testers to test the security of the application before publishing to the production environment
- Help Software Architects to understand the risks surrounding the applications
- Help Team Leaders to set the security base lines for the developers
- Help Web Masters to configure the Servers to avoid miss-configurations

In this course you will also see details of the latest cyber attacks that have been used and the countermeasures used to stop and prevent these attacks.

You will see for yourself how developers mistakes led to catastrophic attacks, and by participatig in the labs during the course you will be able to put into practise the security controls and gain the experience and knowledge to produce secure coding.

Who should Attend this Course?

This Secure Code Training is ideal for those working in positions such as, but not limited to:

- Web Developers
- Mobile Developers
- Java Developers
- Dot Net Developers
- Software Architects
- Software Tester
- Security Professionals
- Web Masters

Shadowsocks: Set Up a Proxy Server

7 hours

Overview

Shadowsocks is an open-source, secure socks5 proxy.

In this instructor-led, live training, participants will learn how to secure an internet connection through a Shadowsocks proxy.

By the end of this training, participants will be able to:

- Install and configure Shadowsocks on any of a number of supported platforms, including Windows, Linux, Mac, Android, iOS, and OpenWrt.
- Deploy Shadosocks with package manager systems, such as pip, aur, freshports and others.
- Run Shadowsocks on mobile devices and wireless networks.
- Understand how Shadowsocks encrypts messages and ensures integrity and authenticity.
- Optimize a Shadowsocks server

Audience

- Network engineers
- System Administrators
- Computer technicians

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice

Apache Shiro: Securing Your Java Application

7 hours

Overview

Apache Shiro is a powerful Java security framework that performs authentication, authorization, cryptography, and session management.

In this instructor-led, live training, participants will learn how to secure a web application with Apache Shiro.

By the end of this training, participants will be able to:

- Use Shiro's API to secure various types of applications, including mobile, web and enterprise
- Enable logins from various data sources, including LDAP, JDBC, Active Directory, etc.

Audience

- Developers
- Security engineers

Format of the course

- Part lecture, part discussion, exercises and heavy hands-on practice

Other regions

Pretoria Cape Town Johannesburg

Other countries

These courses are also available in other countries ››

Consulting

Cyber Security Consulting

Weekend Cyber Security courses, Evening Cyber Security training, Cybersecurity boot camp, Cybersecurity instructor-led, Weekend Cyber Security training, Evening Cybersecurity courses, Cybersecurity coaching, Cyber Security instructor, Cybersecurity trainer, Cyber Security training courses, Cybersecurity classes, Cyber Security on-site, Cyber Security private courses, Cybersecurity one on one training