A 2-to-3 days training

Cybersecurity Training

This 2-3 days seminar is designed for developers, testers, QA, project managers, database admins, system and network administrators.

Set up your trainingView Agenda

The cybersecurity training covers areas that help IT professionals understand more detailed aspects of the weaknesses, attacks, and defenses used to attack or protect critical infrastructure.

Here’s what your team will get

Customized training for your exact needs

This training is full of real-life examples, findings from studies and practical approaches your team will find useful to know in order to protect their code and applications.

Get familiar with cybersecurity

They will learn about the methods and tools used by malicious attackers to target IT systems (networks, servers, websites)

Gain essential know-how

Have high level overview of the steps needed to prevent, detect and mitigate cyber threats.

A deeper understanding of cybersecurity

Give a starting point for sysadmins, web developers and testers in addressing security within the projects they are involved in moving forward.

Full slides and additional resources

After the seminar they will get access to all the slides presented. They will also get some extra resources: materials and tools to put your knowledge into practice.

Ask the expert

During the training, they will be able to ask questions from our security expert with over 10 years of experience in the field of security.

Meet the Trainer

Tudor Damian Cybersecurity Awareness seminar

Tudor Damian
Microsoft Cloud and Datacenter Management MVP
Certified Ethical Hacker

CEH certification - Cybersecurity Awareness Seminar
Microsoft MVP certification - Cybersecurity Awareness Seminar

As an IT consultant with more than 10 years of experience in managing complex IT infrastructures, Tudor is a Certified Ethical Hacker, a Microsoft Cloud and Datacenter Management MVP and a technical speaker at local and regional community events.

He often talks about the latest technologies and trends with themes including cloud and hybrid networking & security, virtualization technologies, social engineering and information security awareness, web application security, white-hat hacking and penetration testing techniques.

Testimonials

Well organized materials, a perfect introduction to security.

Gabriel Musteata

PHP TeamLeader

In my position working on pre-sales and projects specifications I came across clients and security requests every day and the general knowledge from here will be very helpful.

Dan Tudorache

Technical Consultant

I think this is a course that should be consider by all developers and IT specialists.

Iulia Chitan

Ruby developer

Agenda

Z

Security landscape overview:

Industry trends, the “Browser Wars”, relevant information sources and keeping up-to-date

Z

The need for Security Analysis:

Industry Trends, Security Testing Methodologies (OSSTMM), Planning and Scheduling

Z

Foundations of Security:

Footprinting, Reconnaissance, Scanning, Enumeration, Sniffing, System Hacking, Trojans/Viruses/Worms, Cryptography, Denial of Service, Hacking Wireless Networks, Social Engineering, Cloud Security

Z

MITRE Overview:

CVE & CVSS, CWE & CWSS, CAPEC, OVAL, MAEC, OASIS

Z

SANS CWE Top 25

Z

OWASP Mobile & IoT Top 10 Overview

Z

Attack Detection and Mitigation:

Mitigation Techniques specific to OWASP Top 10 (A1-A10), Developing Secure Code, Static Code Analysis, Security Reviews, SDLC & Microsoft SDL

Z

Vulnerability Assessments & Tools:

OWASP ASVS, White / Grey / Black-box Pentesting, Risk Assessments and Risk Management

Z

Other Noteworthy Vulnerabilities:

Denial of Service, Malicious File Execution, Information Leakage and Improper Error Handling, Insufficient Anti-Automation, Clickjacking, Concurrency Flaws, Lack of Intrusion Detection and Response, etc.

Z

Attacking Web Servers & Web Applications:

Footprinting the Web Infrastructure, Defense in Depth, Attacking Web Servers, Analyzing Web Applications, Authentication Mechanisms, Authorization Schemes, Session Management, Injection Attacks, Man-in-the-Middle Attacks, Data Connectivity, Web App Clients, Web Services

Z

OWASP Web Top 10:

Injection (A1), Broken Authentication and Session Management (A2), XSS/Cross-Site Scripting(A3), Insecure Direct Object References (A4), Security Misconfiguration (A5), Sensitive Data Exposure (A6), Missing Function Level Access Control (A7), CSRF/Cross-Site Request Forgery (A8), Using Known Vulnerable Components (A9), Unvalidated Redirects and Forwards (A10)

Z

Other Noteworthy Vulnerabilities:

Denial of Service, Malicious File Execution, Information Leakage and Improper Error Handling, Insufficient Anti-Automation, Clickjacking, Concurrency Flaws, Lack of Intrusion Detection and Response, etc.

Who is this cybersecurity training for?

This cyber security training is indispensable for all IT professionals.

$

Project managers

$

Team leaders

$

Developers

$

Testers

$

QA

$

Database admins

$

System & network administrators

This cyber security training will help them learn critical techniques necessary to defend against network attacks, cyber security breaches, as well as ways to protect their technology or solution through cryptography, intrusion detection and more.

Why should your company care about cybersecurity training?

Recent IT security studies show that it takes 200 days on average to detect a security breach, and another 80 days to recover from it.

Mastering a set of techniques necessary to defend against network attacks, cybersecurity breaches, as well as ways to protect their technology or solution through cryptography, intrusion detection and other vulnerabilities is essential for every business.

Essential Topics Covered

Everything you need for a solid foundation on cybersecurity

This cybersecurity training helps people in the IT field get familiar with many aspects of IT security. We start by looking at the current security trends in the industry, then go through a high-level overview of testing methodologies like the OSSTMM (Open Source Security Testing Methodology Manual).

$

During the 2-3 days of the course, we will cover the most important aspects of security. These includes Footprinting, Reconnaissance, Scanning, Enumeration, Sniffing, System Hacking, Trojans/Viruses/Worms, Cryptography, Denial of Service, Hacking Wireless Networks, Social Engineering, Cloud Security.

We’ll also address the MITRE CWE/CWSS and CVE/CVSS lists and rating methods for weaknesses and vulnerabilities.

$

We also discuss other noteworthy vulnerabilities (Denial of Service, Malicious File Execution, Information Leakage and Improper Error Handling, Insufficient Anti-Automation, Clickjacking, Concurrency Flaws, Lack of Intrusion Detection and Response, etc.)

$

A good deal of the content will then focus on methods of attacking web servers and web applications (Footprinting the Web Infrastructure, Defense in Depth, Attacking Web Servers, Analyzing Web Applications, Authentication Mechanisms, Authorization Schemes, Session Management, Injection Attacks, Man-in-the-Middle Attacks, Data Connectivity, Web App Clients, Web Services), as well as OWASP Top 10 (Web, IoT and Mobile) and the SANS CWE Top 25.

$

The last part of the seminar covers both vulnerability assessments and tools (OWASP ASVS, OWASP Testing Guide & Code Review Guide, White/Grey/Black-box Pentesting, Risk Assessments and Risk Management), as well as attack detection and mitigation techniques.

This will help you get a good overview of IT Security in general and Web Security in particular.

Testimonials

It achieved what I was hoping it would: give a great introduction into the fantastic world of cyber-security. Now I know, in the context of security, what questions to ask and where to look for the answers.

Radu Murzea

Backend PHP Developer

In my position working on pre-sales and projects specifications I came across clients and security requests every day and the general knowledge from here will be very helpful.

Dan Tudorache

Technical Consultant

I think this is a course that should be consider by all developers and IT specialists.

Iulia Chitan

Ruby developer

Prerequisites

The participants should have a basic level understanding of IT and web technologies, such as network, servers, databases and web application functionality.

Defend against attacks and protect your business

Maximize your company investment by building the best-customized training that meets the professional development needs of your team.

Get exclusive offers and the latest updates on our upcoming events

You have Successfully Subscribed!

Pin It on Pinterest