Web Application Security for developers – 2 Days Workshop

  • Introduction to web applications
  • Web application architecture
  • Web application development platforms
  • OWASP Top 10 Security Issues
  • Top 20 programming errors
  • Web Application Threat Modelling
  • Secure SDLC covering secure design & coding
  • Security Testing Tools & Techniques
  • Real‐life case studies

Web Application Security for penetration testers – 2 Days Workshop

  • Introduction to web applications
  • Architectures & development platforms
  • OWASP Top 10 Security Issues
  • Web Server Security
  • Penetration Testing Methodology & Approach
  • Rules of Engagement & Legal Agreement
  • Pre‐Penetration Testing Checklist
  • Penetration Testing Tools & Techniques
  • Intensive pen testing lab sessions
  • Reporting and Documentation
  • Real‐life case studies

Securing & Auditing Windows & Unix Systems and Databases – 2 Days Workshop

  • Windows Overview
  • Windows OS Security
  • Windows Users Groups and Passwords
  • Windows Auditing and Logging
  • Protecting Windows Data
  • Unix Basics
  • Unix Services
  • Unix Information Disclosure and Logging
  • Unix Auditing Unauthorized Access
  • Unix Scripting & Unix System Auditing
  • Database essentials
  • SQL and Database Security Auditing
  • Real‐life case studies

Securing & Auditing Perimeter Infrastructure and Networks – 2 Days Workshop

  • Perimeters and Firewall Fundamentals
  • Testing the Firewall Rule‐base
  • Firewall Architecture
  • Preparing for Network Perimeter Audits
  • IDS & IPS architecture & security
  • Routing & Switching Basics & Device Security
  • Network Mapping
  • Router & Switch Management and Access Control
  • Securing Network Services
  • Voice network security
  • Wireless Security
  • Real‐life case studies

Securing & Auditing Virtualization and Private Cloud – 2 Days Workshop

  • Virtualization components and architecture designs
  • Types of virtualization covering application, server, network, desktops & storage
  • Virtual Machine (VM) & Virtual Desktop Infrastructure (VDI)
  • Private cloud security architecture and configuration options
  • Virtual firewalls, Network Access & IDS for virtual environments and private cloud
  • Attacks, exploits and countermeasures specific to virtualization and cloud environments
  • Real‐life case studies

Malware Analysis Essentials – 2 Days Workshop

  • Introduction to malware issues in information systems
  • Identifying & detecting malware
  • Malware analysis tools & techniques
  • Static Analysis
  • Dynamic Analysis
  • Code Analysis
  • Protecting against Malware
  • Malware incident response plan
  • Real‐life case studies

Computer Emergency Response Essentials – 2 Days Workshop

  • Incident Handling Overview and Preparation
  • Incident handling process
  • Types of Incidents & attack techniques
  • Detecting and analyzing technical vulnerabilities
  • Attack Vectors and Investigation Tools
  • Recovering and Improving Capabilities
  • Root Cause Analysis of incidents
  • Real‐life case studies

Mobile Applications & Device Security – 1 Day Workshop

  • Introduction to Mobile Applications & Devices
  • Mobile Applications development platforms
  • Mobile Applications Security
  • Mobile Operating Systems & Types of Mobile Devices
  • Mobile Device Security
  • Attack Vectors and Countermeasures
  • Assessment Tools & Techniques
  • Real‐life case studies

Secure SDLC Essentials – 1 Day Workshop

  • Importance of Secure SDLC
  • Top 25 programming errors
  • Threat modeling
  • Correlation to the Project Management Frameworks
  • Secure SDLC best practices including:
  • Security Requirements Definition
  • Secure Architecture, Design & Coding
  • Security Testing including tools & techniques
  • Real‐life case studies

IT Risk Assessment & Audit Principles – 1 Day Workshop

  • Defense In Depth and Critical Systems
  • Audit Methodology and Risk Management
  • Auditing Strategies
  • Audit Process Steps
  • Auditing Checklists from Policies and Procedures
  • IT Auditing Standards
  • IT Risk Assessment Methodology & Tools
  • Risk Governance Framework
  • Practical Risk Assessment and Controls
  • Formal reporting and documentation
  • Real‐life case studies

ISMS Security Implementation Essentials – 1 Day Workshop

  • Understanding ISMS based on ISO 27001 standards
  • ISMS scoping for Statement of Applicability
  • Information Security PDCA lifecycle & policy development
  • Conducting IT Risk Assessment
  • Defining ISO 27001 control objective and controls
  • ISMS project implementation plan
  • Implementation of policies, standards and procedures
  • Completing ISMS documentation requirements
  • Security metrics for control monitoring