Cyber Security for SDLC

Secure technologies for the Software Development Lifecycle (SDLC). The training program depends on the customer development process and technologies. The most popular topics are:

• Web security: PHP, JavaScript
• Web security: JAVA EE, JavaSript
• Mobile security for Android
• Mobile security for iOS
• Security aspects in NET and C#

Target audience – IT teams, developers, testers, project managers, software architects, business analysts, Information Security Teams, DevOps.

Secure Management aspects of SDLC

Secure management aspects of SDLC. The training program is adapted to the software development methodology. We support “classical” methodologies (e.g. Waterfall-model based) and modern Agile practices (Kanban, Scrum), as well as DevOps.

Target audience – ITIL/ITSM Managers, Project Managers, Engagement Managers, Program Managers, Engineering Managers, Information Security Teams.

Information Security Awareness

Information Security Awareness Training. The training in a popular form explains Information Security threats and precaution measures. It can be customized to the Information Security policies and procedures which are implemented in the Customer enterprise.

Target audience – all employees.

Malware Analysis

Malware analysis. This training covers effective methods of malware samples analysis, identification of infected computers, custom signatures development, and backdoors cleaning. The program can adapt to specific technologies and environments:

• Microsoft Windows
• Linux
• BSD
• MacOS X
• Android
• Java
• .NET
• Malware
• Rootkits
• Web shells

Target audience – Information Security Teams.

Vulnerability Assessment and Penetration Testing

Vulnerability Assessment and Penetration Testing. This training program includes a set of theory and practical tasks for penetration testing and application vulnerability assessment. A wide range of technologies are supported:

• Web Server Vulnerability Check
• Endpoint Vulnerability Check
• Network Infrastructure Vulnerability Check
• Mobile Application Vulnerability Check
• Penetration Testing

Target audience – Information Security Teams.

Data Recovery

Data recovery. The training program gives an essential understanding of theoretical and practical aspects and specifics of data recovery for different kind of technologies. It also includes best practices of Data Recovery (DR) Business Processes for Configuration Management and DevOps Teams.

Target audience – Information Security Teams, Configuration Management Teams, DevOps, Systems, and Database Administration and Support Staff, IT Managers.

Cyber Security Forensics

Information Security Forensics. This training program covers a wide set of theoretical and practical knowledge, practices and tasks for end-point, network, and application forensics. Cyber Security Forensics requires a deeper knowledge of the area than just a checking the files on the hard drive.

Target audience – Information Security Teams.

Anti Fraud Controls

Anti-fraud controls. This training program explains effective measures to build a mature system of internal controls to protect the enterprise from different kinds of fraud, as well as fraud investigation cases. The training is adapted to the business industry of the Customer.

Target audience – Internal Controls, Audit and Information Security Teams.

Reverse Engineering

Reverse engineering. The skill of reverse engineering is a sort of art. The art of understanding how the black box of the application is operating.

• Where is it taking data?
• Where and How the data is stored?
• How is it processed?
• How is the solution integrated?

In many cases, it gives a far better understanding of Application and Information System Vulnerabilities.

Target audience – Information Security Teams, Software Developers, Quality Assurance Specialists.

Information Security Audit

Information Security Audit. Information Security Audit takes a specific and crucial role in the struggle of any organization against cyber threats, risks related to them and identification of potential impacts and weaknesses, and necessary controls over the Information Infrastructure. This training program covers all necessary topics for conducting effective Information Security Audit.

Target audience – Internal Controls, Audits, and Information Security Teams.

Blockchain

Blockchain. Blockchain incorporated the best approaches in cybersecurity. It added the TRUST of distributed control over every operation. For now, Blockchain is the hardest technology to hack down. This training gives an essential knowledge of Blockchain, Bitcoin, their common and different parts, practical application, cryptocurrencies, their types, specifics of smart-contracts and mining.

Target audience – Management, Software Development, DevOps, Quality Assurance and Information Security teams.