Information Security. Training


Information Security Training

Importance of Information Security Training

"There is only one way to keep your product plans safe and that is by having a trained, aware and a conscientious workforce." - Kevin Mitnick, The Art of Deception

A major challenge within information security is the pace at which technology changes, causing threats and attacks to emerge out of nowhere. Security risks continue to affect businesses of all types and scales. People or companies who lose sensitive information risk large losses, legal liabilities, a bad reputation and future loss of earnings. Given the number of serious information security attacks and breaches, security training is the first line of defence, required for all roles from employees to executives, based on the type of work they are engaged in.

How Organizations are benefited
- Reduces devaluation Organization's Risk profile
- Reduce Direct and Indirect costs
- Reduces technology leakage risk
- Build compliant and Secure Product

How Professionals are benefited
- Knowledge Development to stay on top of trends
- Job Security
- Better Career Growth and Opportunities
- Domain Specialization
- Strong Security Leadership

How College Students are benefited
- Better Job Opportunities
- In-tune with Current and Upcoming trends
- Evidence of your Abilities

Why Hack2Secure for Information Security Training

Hack2Secure excels in providing intensive, immersion training designed to master the practical steps necessary for defending systems against dangerous security threats like identity theft, phishing scams, viruses and backdoors, loss of confidential information, hacking attacks etc. We strive to scale up to the highest benchmark standards established in the industry. Our wide range of courses covers various aspects of Information Security with hands-on training that allows an individual to easily get ready for practice.

Hack2Secure provides customized IT Security Training per specific requirements through the most suitable mode of delivery. One can choose to attend courses Online (On-demand or Live) or through our Instructor-Led-Training programs, scheduled either at your premises or externally at a pre-defined venue.

Customised Training Programs

Customizable Security Training Programs based on client requirement.
- Security Tools & Techniques
- Security Processes & Policies
- Corporate Training
- College Training Program
- Summer Training Program
- Certificate Training

Multiple Training Modes
- Self-Paced Training
- Live Online Training
- Instructor-Led

Different Training Levels
- Advanced Level
- Intermediate Level

Beginner Level Training Programs
- Security Awareness Training
- Information Security Fundamentals
- Introduction to Cryptography
- Using Google Effectively for Security Testing
- OWASP Top10: Attacks & Countermeasures
- Buffer Overflow: Attacks & Countermeasures
- Performing Effective Application Security Testing
- Penetration Testing & Vulnerability Assessment
- Cloud Security: Existing Security Risk & Vulnerabilities
- Integrating Security in Software Development Lifecycle

Intermediate and Advanced Level Training Programs
- Security Essentials
- Using NMAP Effectively
- Common causes of Security Defects
- Network Packet Crafting with SCAPY
- Web Application Security with BurpSuite
- Ensuring Application Security with TLS/SSL
- Network Packet & Traffic Analysis with WIRESHARK
- Breaking Web Software Security
- Using NESSUS for Vulnerability Scanning
- Essential checks for Application Security
- Threat Modeling for Application Security
- Attacking Systems with Metasploit Framework

Security Awareness Training
Level # Beginner
Objective: This Security Awareness program deals with day-to-day secure practices to be considered by a person using the Internet and computer systems.
Audience: Any Computer System User
Pre-Requisites: Basic understanding of Computer Systems and Internet
- Security considerations for a Computer System
- How to create a Secure Password
- Identify and Avoid Fake Emails, Web Pages & Downloads
- Secure Browsing, E-Commerce & Bank Transactions
- Social Media Security, Social Engineering and Network Eavesdropping
- Data Security, Malicious Software & Backups

Information Security Fundamentals
Level # Beginner
Objective: This course provides a walk-through of basic Security Concepts and Secure Software Design Considerations.
Audience: Anyone who wants to learn the basics of Information Security
Pre-Requisites: Basic understanding of Computer Systems and Internet
- About CIA (Confidentiality, Integrity & Availability) & related attacks
- Overview on Cryptography, SSL/TLS, Certificates & Digital Signatures
- Authentication, Authorization & Accountability
- Overview on Access Control, Password Security
- Security Design Principles

Introduction to Cryptography
Level # Beginner
Objective: This course provides an overview of Cryptography and Public Key Infrastructure, its usage in everyday life and common possible attacks on it.
Audience: Security Enthusiasts, Security Professionals
Pre-Requisites: Basic understanding of Computer Systems and Internet
- What is Cryptography, Processes and Types
- Public Key Infrastructure with SSL/TLS
- Cryptography in everyday life
- Attacks on Cryptography

Using Google Effectively for Security Testing
Level # Beginner
Objective: This course provides a deep dive into using Google as a search engine and information gathering tool.
Audience: Security Enthusiasts, Security Professionals
Pre-Requisites: Basic understanding of Computer Systems and Internet
- Using Google as Search engine, its Operators and Building Queries
- Google Cache, Directories and Traversal
- Data Mining & Document digging
- Finding Sensitive Data, Exploit Code and Executables

OWASP Top10: Attacks & Countermeasures
Level # Beginner
Objective: This course provides a basic overview of the OWASP Top 10 vulnerabilities and possible measures to avoid them.
Audience: Security Enthusiasts & Professionals, Software Testers & Developers
Pre-Requisites: Basic understanding of Web Technologies
- About OWASP
- OWASP Top10 Vulnerabilities
  o Injection Attacks, Broken Authentication & Session Management
  o Cross Site Scripting, Insecure direct object References
  o Security Misconfiguration, Sensitive data Exposure
  o Missing function level Access Control, Cross Site request forgery
  o Using Components with known vulnerabilities
  o Un-validated redirects and forwards

Buffer Overflow: Attacks & Countermeasures
Level # Beginner
Objective: This course deals with Buffer Overflow concepts and the available mitigation methods.
Audience: Software Testers & Developers, Security Enthusiasts & Professionals
Pre-Requisites: Basic Operating System Concepts
- About Buffer Overflow: Stack-based and Heap-based
- Format String Vulnerability
- Buffer Overflow Mitigation methods

Performing Effective Application Security Testing
Level # Beginner
Objective: This course deals with methodologies, processes and scenarios for effective security testing.
Audience: Software Testers, Security Enthusiasts & Professionals
Pre-Requisites: Software Testing concepts, Working knowledge of Linux OS
- Importance of Security Testing, Security Principles
- Analysing product for Security Testing
- Security Testing
  o OWASP Top10
  o Environment Binaries, Input checks, Data & Logic
  o Some more attack testing: Threat Modeling overview

Penetration Testing & Vulnerability Assessment
Level # Beginner
Objective: This course deals with the process, tools and techniques for Penetration Testing and Vulnerability Assessment.
Audience: Security Enthusiasts & Professionals
Pre-Requisites: Working knowledge of Linux OS, Networking concepts
- About Ethical hacking, Penetration Testing and Vulnerability Assessment
- Information Gathering
- Scan, Sniff & Enumeration
- Vulnerability Assessment
- Exploit it!!
- Holding the fort & Cleaning-up the mess

Cloud Security: Existing Security Risk & Vulnerabilities
Level # Beginner
Objective: This course provides an overview of Cloud Computing and the existing risks and vulnerabilities that are the main hindrance to its adoption.
Audience: Software Engineers, Managers, Security Enthusiasts & Professionals
Pre-Requisites: Basic Networking & Security concepts, Introduction to Cloud computing and Security
- Secure Cloud Computing Architecture
- Data security in Cloud Computing
- Secure Practices in Cloud Computing

Integrating Security in Software Development Life Cycle
Level # Beginner
Objective: This course provides an overview of integrating Security in the Software Development Lifecycle.
Audience: Software Testers, Developers & Managers, Security Enthusiasts
Pre-Requisites: Knowledge of Software Development Life Cycle
- Challenges in Software Security
- Mapping Security in Software Development Lifecycle
- Security Impact Assessment
- Ensuring Secure Design and Coding Methodology
- Static Analysis for Code Security
- Performing Vulnerability Testing

Security Essentials
Level # Intermediate
Objective: This course provides an overview of essential Security concepts, tools and techniques.
Audience: Security Enthusiasts & Professionals
Pre-Requisites: Basic Web and Networking concepts
- Security Concepts and Principles
- Network Security: Concepts and Attacks
- Network Security: Scanning and Sniffing
- Web Security: OWASP Top10 Vulnerabilities

Using NMAP Effectively
Level # Intermediate
Objective: This course covers the in-depth working and features of NMAP as a Security Testing tool.
Audience: Security Enthusiasts & Professionals
Pre-Requisites: Basic Networking & Operating System concepts
- About NMAP & How it Works
- NMAP Ping & Port Scans
- NMAP Scripting Engine (NSE)
- NMAP for Security Testing: Auditing, Vulnerability Assessment & Compliance testing
- Advanced NMAP Options

Common causes of Security Defects
Level # Intermediate
Objective: This course provides details and testing guidelines for the vulnerabilities that are the primary cause of security flaws in any Software/Application.
Audience: Software Testers & Developers, Security Enthusiasts & Professionals
Pre-Requisites: Basic Web, Networking & Operating System concepts
- OWASP Top10 Vulnerabilities
- Flaws in Authentication, Authorization, Accountability
- Information leakage, Weak Data Protection
- Improper usage of SSL/TLS
- Overflow problems, Race conditions and more.

Network Packet Crafting with SCAPY
Level # Intermediate
Objective: This course covers the in-depth working and features of SCAPY as a Network packet crafting tool.
Audience: Security Enthusiasts & Professionals, Software Engineers
Pre-Requisites: Basic Networking & Operating System concepts
- Limitations of Packet Crafting and Forging tools
- Scapy overview and usage details
- Sniff, Filter and Re-send packets with Scapy
- Advanced Scapy options
- Protocol Security Testing
  o Ether, ARP, ICMP, IP, TCP, UDP
  o NTP, DNS, SNMP
  o IPv6, SSL

Web Application Security with Burp Suite
Level # Intermediate
Objective: This course covers the in-depth working and features of Burp Suite for Web Application Security Testing.
Audience: Security Enthusiasts & Professionals, Software Engineers
Pre-Requisites: Basic Web Application concepts
- About Burp Suite and configuration overview
- Using Burp Suite
  o Target, Scope and Proxy
  o Spider and Discover
  o Scanner and Intruder
  o Repeater and Sequencer
  o Decoder and Comparer
- Burp Suite Extensions
- Advanced Burp Suite Options

Ensuring Application Security with TLS/SSL
Level # Intermediate
Objective: This course provides details on the TLS/SSL protocol, common attacks, and testing tools and techniques.
Audience: Software Testers & Developers, Security Enthusiasts & Professionals
Pre-Requisites: Basic Networking & Operating System concepts
- About TLS/SSL protocol, Handshake process
- Cryptographic Attacks, Improper usage of PKI
- Testing effective TLS/SSL functionality
- Decrypting TLS/SSL traffic with Wireshark

Network Packet & Traffic Analysis with WIRESHARK
Level # Intermediate
Objective: This course covers the in-depth working and features of WIRESHARK as a Network Sniffing and Traffic Analysis tool.
Audience: Security Enthusiasts & Professionals, Software Engineers
Pre-Requisites: Basic Networking & Operating System concepts
- Methods & Requirements of Sniffing Network Packets
- About Wireshark, features and functional overview
- Capture and Display filters, Protocol dissection
- Analysing protocol traffic
  o ARP, ICMP, IP, TCP, UDP
  o DHCP, DNS, NTP
  o HTTP, SSL
- Analysing Common Security Attacks from captured network traffic

Breaking Web Software Security
Level # Advanced
Objective: This course provides an in-depth understanding of Web Security flaws and the tools and techniques to test them.
Audience: Security Enthusiasts & Professionals, Software Engineers
Pre-Requisites: Basic understanding of Web technologies and applications
- WWW: Then & Now, Architecture
- Attacking application from all ends
  o Authentication, Access Controls, Session Management
  o Front-end & back-end Attacks, Server & Client side attacks
  o Logs, Storage and Source code Security
  o Fuzzing, Overflow attacks and much more

Using NESSUS for Vulnerability Scanning
Level # Advanced
Objective: This course covers the in-depth working and features of NESSUS as a Vulnerability Scanner, its policy configuration and an overview of the Nessus Attack Scripting Language.
Audience: Security Enthusiasts & Professionals
Pre-Requisites: Basic Networking & Operating System concepts
- About Nessus and Features overview
- Creating Policy & Interpreting Result
- Nessus Attack Scripting Language

Essential checks for Application Security
Level # Advanced
Objective: This course provides an overview of the minimum considerations, checks and tests to ensure the security of any product.
Audience: Software Testers & Developers, Security Enthusiasts & Professionals
Pre-Requisites: Basic Networking & Operating System concepts
- Operating System & Platform Infrastructure
  o System Processes, Software and Configuration Management
  o Logging & Auditing, Authentication, Authorization etc.
- Locally Implemented protocols
  o TCP/IP Infrastructure, Stream and Session Management, SNMP etc.
- Encryption & certificates
- Forwarding devices: Access Control List, Routers, Bridges etc.
- Assurance & Process
  o Design Assumptions, 3rd party Software, Static Analysis etc.
- Miscellaneous

Threat Modeling for Application Security
Level # Advanced
Objective: This course provides an overview of the Threat Model, its design considerations, determining attributes and analysing identified threats.
Audience: Security Enthusiasts & Professionals, Software Engineers
Pre-Requisites: Basic understanding of different Security Principles, Vulnerabilities and Attack scenarios
- About threat Model, Goals & Scope
- Gathering Information about Target
- Determining attributes or Attack vectors
- Analysing threats and providing countermeasures

Attacking Systems with Metasploit Framework
Level # Advanced
Objective: This course covers the in-depth working and features of METASPLOIT FRAMEWORK, writing and porting exploits, and its usage in Security testing.
Audience: Security Enthusiasts & Professionals
Pre-Requisites: Basic understanding of different Security Principles, Vulnerabilities and Attack scenarios
- Metasploit Fundamentals: About exploits, Payloads & Auxiliary
- Using Payloads and Meterpreter
- Advanced Metasploit usage
- Writing and Porting exploits to Metasploit
- Metasploit for Security Testing

Hack2Secure Certified Security Professional Program
Audience: Security Enthusiasts & Professionals
Duration: 10 Days
- Security Essentials
- Penetration Testing & Vulnerability Assessment
- Using Google Effectively for Security Testing
- Buffer overflow: Attacks & Countermeasures
- Using NMAP Effectively
- Network Packet Crafting with SCAPY
- Network Packet & Traffic Analysis with Wireshark
- Using NESSUS for Vulnerability Scanning
- Attacking Systems with METASPLOIT Framework

Hack2Secure College Training Program

Our College training programs are designed especially to help students gain better visibility in the IT industry as eligible and prospective candidates with domain-specific skills. They help colleges with better branding and positioning in the area of IT and Education. The On-Campus Program is strongly focused on transforming any student into a responsible professional. This program is not limited to technology but also involves soft skills and other professional tips from our experienced faculty that will help one stand out from the crowd.

Our Training and Workshops help recruiters, be it on-campus or off-campus, to choose the right candidate with domain-specific skills and real-time experience in core areas of IT. We minimize the effort required for any employer to upskill an employee for boarding them live on project work.

College Programs offered

Topics, Program Details and Duration (Hours):

1 Information Security
- Information Security Concepts & Principles (2)
- Network Security Concepts
- OWASP Top10 Web Security Risk
- Cloud Security
- Operating System Security

2 Virtualization and Cloud Data Center
- Virtualization Overview
- Cloud Computing (SaaS, PaaS & IaaS)
- Datacenter Evolution and Architecture
- Datacenter over Cloud

3 Storage
- Storage Classification, Concepts and Protocol overview

4 Networking
- OSI Model, Protocols & Devices (3)

5 Softskills
- Resume Writing, Interview Handling Skills, Presentation Skills

Duration (Hours), remaining entries: 2 2 2 2 1 2 1 1 2 2

- Information Security Awareness
- Information Security Training
- Corporate Training
- Application Security Testing
- Web Penetration Testing
- Network Penetration testing
- Vulnerability Assessment
- Threat Modeling
- Security Consultation

Contact Us
For Information Security Training Programs: training@hack2secure.com
For Professional Security Services: services@hack2secure.com
For General Enquiry: info@hack2secure.com
+91 900 81 78676
+91 900 83 78676
www.hack2secure.com
Hack2Secure.India hack2secure