35 Courses in Cardiff delivered Live Online

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. Bug Hunting Foundation Why Hunt Bugs? Safe and Appropriate Bug Hunting/Hacking Scanning Web Applications Scanning Applications Overview Moving Forward from Hunting Bugs Removing Bugs Foundation for Securing Applications Principles of Information Security Bug Stomping 101 Unvalidated Data Broken Authentication Sensitive Data Exposure XML External Entities (XXE) Broken Access Control Bug Stomping 102 Security Misconfiguration Cross Site Scripting (XSS) Deserialization/Vulnerable Components Insufficient Logging and Monitoring Spoofing, CSRF, and Redirects Moving Forward with Application Security Applications: What Next? Making Application Security Real

Duration 2 Days 12 CPD hours This course is intended for Application developers who want to increase their understanding of Spring Security with hands-on experience and build secure Spring and Spring Boot applications. Overview By the end of the course, you should be able to meet the following objectives: Use Spring Security in Spring and Spring Boot applications Configure the Spring Security filter chain Protect HTTP endpoints with expression-based access control and the AuthorizationManager API Protect method execution Use different authentication mechanisms Handle passwords in an efficient way Integrate Spring Security with Junit 5 and MockMVC to test HTTP and method security Protect against common vulnerabilities and threats Understand what OAuth2 is Use and configure the Spring Authorization Server Implement a resource server and client This 2-day course offers hands-on experience with the major features of Spring Security, which includes configuration, authentication, authorization, password handling, testing, protecting against security threats, and the OAuth2 support to secure applications. On completion, participants will have a foundation for securing enterprise and microservices applications. Security Introduction Need for security Basic security concepts Common security vulnerabilities Spring Security Basics Introduction to Spring Security High-level architecture Overview of SecurityContext Spring Security with Spring Boot Customizing Authentication Building blocks for authentication Authentication mechanisms based on user name and password Other authentication mechanisms Authentication events Securing Web Applications Configuring authorization Using AccessDecisionsManager for authorization Using AuthorizationManager for authorization Bypassing security Method Security Method security architecture Declarative method security with annotations Security Testing Spring Security Testing Support Security mock annotations and meta-annotations Using MockMvc to test security Handling Passwords Password hashing Upgrading passwords (Optional) Protecting Against Common Vulnerabilities Hardening web applications with security headers Preventing cross-site request forgery Encrypting data in transit OAuth5 and OIDC Concepts Need for OAuth Overview of OAuth5 and OIDC OAuth5 grant types Types of tokens Spring Security OAuth5 support and OAuth5 login Spring Authorization Server Introduction to Authorization Server Spring Authorization Server endpoints Spring Authorization Server configuration Protecting and accessing resources with OAuth5 Resource server Using JWT tokens Using opaque tokens Configuring an OAuth5 client Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware Spring Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware Spring Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for The primary audience for this course is as follows:Anyone interested in knowing about DNA Center and SD-AccessPersonnel involved in SD-Access Design and ImplementationNetwork Operations team with SD-Access solutionNetwork admin staff that deal with User AccessChannel Partner SEs and other sales supportNetwork Access Control administrationNetwork AdministratorsNetwork ArchitectsNetwork Engineers Overview Upon completing this course, the learner will be able to meet these overall objectives:Know and understand Cisco?s SD-Access concepts, features, benefits, terminology and the way this approach innovates common administrative tasks on today?s networks.Differentiate and explain each of the building blocks of SD-Access SolutionExplain the concept of ?Fabric? and the different node types that conform it (Fabric Edge Nodes, Control Plane Nodes, Border Nodes)Describe the role of LISP in Control Plane and VXLAN in Data Plane for SD-Access SolutionUnderstand the role of DNA Center as solution orchestrator and Intelligent GUIBe familiar with workflow approach in DNA Center and its 4 Steps: Design, Policy, Provision and Assurance DNA Center and SD-Access offer Cisco?s next-generation programmable digital network to help automate common network access security features and streamline the redundant, complex configuration required to allow different groups of users access to the network infrastructure. This network security training course allows network administrators to quickly allow differentiated access for end users on the network while allowing the network to react automatically to day zero and other types of attacks. Introduction to Cisco?s Software Defined Access (SD-Access) SD-Access Overview SD-Access Benefits SD-Access Key Concepts SD-Access Main Components SD-Access Campus Fabric The concept of Fabric Node types Fabric Edge Nodes Control Plane Nodes Border Nodes LISP as protocol for Control Plane VXLAN as protocol for Data Plane Concept of Virtual Network Fabric-enabled WLAN DNA Center and Workflow for SD-Access Introduction to DNA Center Workflow for SD-Access in DNA Center Integration with Cisco ISE for Policy Enforcement Integration with Cisco NDP for Analytics and Assurance Relationship with APIC-EM controller DNA Center Workflow First Step - Design Creating Enterprise and Sites Hierarchy Discuss and Demonstrate General Network Settings Loading maps into the GUI IP Address Administration Administering Software Images Network Device Profiles DNA Center Workflow Second Step - Policy 2-level Hierarchy Policy Types ISE Integration with DNA Center Cross Domain Policies DNA Center Workflow Third Step - Provision Devices Onboarding Fabric Domains Adding Nodes DNA Center Workflow Fourth Step ? Assurance Introduction to Analytics NDP Fundamentals Overview of DNA Assurance Components of DNA Assurance DNA Center Assurance Dashboard Implementing WLAN in SD-Access Solution WLAN Integration Strategies in SD-Access Fabric SD-Access Wireless Architecture Sample Design for SD-Access Wireless Campus Fabric External Connectivity for SD-Access Enterprise Sample Topology for SD-Access Role of Border Nodes Types of Border Nodes Single Border vs. Multiple Border Designs Collocated Border and Control Plane Nodes Distributed (separated) Border and Control Plane Nodes

Duration 3 Days 18 CPD hours This course is intended for Blockchain Architects Blockchain DevelopersApplication Developers Blockchain System AdministratorsNetwork Security Architects Cyber Security ExpertsIT Professionals w/cyber security experience Overview Those who attend the Security for Blockchain Professionals course and pass the exam certification will have a demonstrated knowledge of:Identifying and differentiating between security threats and attacks on a Blockchain network.Blockchain security methods, best practices, risk mitigation, and more.All known (to date) cyber-attack vectors on the Blockchain.Performing Blockchain network security risk analysis.A complete understanding of Blockchain?s inherent security features and risks.An excellent knowledge of best security practices for Blockchain System/Network Administrators.Demonstrating appropriate Blockchain data safeguarding techniques. This course covers all known aspects of Blockchain security that exist in the Blockchain environment today and provides a detailed overview of all Blockchain security issues, including threats, risk mitigation, node security integrity, confidentiality, best security practices, advanced Blockchain security and more. Fundamental Blockchain Security Cryptography for the Blockchain Hash Functions Public Key Cryptography Elliptic Curve Cryptography A Brief Introduction to Blockchain The Blocks The Chains The Network Promises of the Blockchain Blockchain Security Assumptions Digital Signature Security Hash Function Security Limitations of Basic Blockchain Security Public Key Cryptography Review Real-Life Public Key Protection Cryptography and Quantum Computers Lab 1 (Tentative) Finding Hash Function Collisions Reversible hash function Hash function with poor non-locality Hash function with small search space Breaking Public Key Cryptography Brute Forcing a Short Private Key Brute Forcing a Poorly-Chosen Private Key Consensus in the Blockchain Blockchain Consensus and Byzantine Generals Blockchain Networking Review Byzantine Generals Problem Relation to Blockchain Byzantine Fault Tolerance Introduction to Blockchain Consensus Security Blockchain Consensus Breakthrough Proof of Work What is Proof of Work? How does Proof of Work Solve BGP? Proof of Work Security Assumptions Attacking Proof of Work Proof of Stake What is Proof of Stake? How does Proof of Stake Solve BGP? Proof of Stake Security Assumptions Attacking Proof of Stake General Attacks on Blockchain Consensus Other Blockchain Consensus Algorithms Lab 2 (Tentative) Attacking Proof of Work Performing a 51% Attack Performing a Selfish Mining Attack Attacking Proof of Stake Performing a XX% Attack Performing a Long-Range Attack Malleable Transaction Attacks Advanced Blockchain Security Mechanisms Architectural Security Measures Permissioned Blockchains Checkpointing Advanced Cryptographic Solutions Multiparty Signatures Zero-Knowledge Proofs Stealth Addresses Ring Signatures Confidential Transactions Lab 3 (Tentative) Permissioned Blockchains 51% on a Checkpointed Blockchain Data mining on a blockchain with/without stealth addresses Zero-Knowledge Proof Simulation Trying to fake knowledge of a ZKP Module 4: Blockchain for Business Introduction to Ethereum Security What is Ethereum Consensus in Ethereum Smart Contracts in Ethereum Ethereum Security Pros and Cons of Ethereum Blockchains Introduction to Hyperledger Security What is Hyperledger Consensus in Hyperledger Smart Contracts in Hyperledger Hyperledger Security Pros and Cons of Hyperledger Blockchains Introduction to Corda Security What is Corda Consensus in Corda Smart Contracts in Corda Corda Security Pros and Cons of Corda Blockchains Lab 4 Blockchain Risk Assessment What are the Risks of the Blockchain? Information Security Information Sensitivity Data being placed on blockchain Risks of disclosure Regulatory Requirements Data encryption Data control PII protection Blockchain Architectural Design Public and Private Blockchains Open and Permissioned Blockchains Choosing a Blockchain Architecture Lab 5 Exploring public/private open/permissioned blockchains? Basic Blockchain Security Blockchain Architecture User Security Protecting Private Keys Malware Update Node Security Configuring MSPs Network Security Lab 6 (TBD) Smart Contract Security Introduction to Smart Contracts Smart Contract Security Considerations Turing-Complete Lifetime External Software Smart Contract Code Auditing Difficulties Techniques Tools Lab 7 (Tentative) Try a couple of smart contract code auditing tool against different contracts with built-in vulnerabilities Module 8: Security Implementing Business Blockchains Ethereum Best Practices Hyperledger Best Practices Corda Best Practices Lab 8 Network-Level Vulnerabilities and Attacks Introduction to Blockchain Network Attacks 51% Attacks Denial of Service Attacks Eclipse Attacks Routing Attacks Sybil Attacks Lab 9 Perform different network-level attacks System-Level Vulnerabilities and Attacks Introduction to Blockchain System Vulnerabilities The Bitcoin Hack The Verge Hack The EOS Vulnerability Lab 10 Smart Contract Vulnerabilities and Attacks Introduction to Common Smart Contract Vulnerabilities Reentrancy Access Control Arithmetic Unchecked Return Values Denial of Service Bad Randomness Race Conditions Timestamp Dependence Short Addresses Lab 11 Exploiting vulnerable smart contracts Security of Alternative DLT Architectures What Are Alternative DLT Architectures? Introduction to Directed Acyclic Graphs (DAGs) DAGs vs. Blockchains Advantages of DAGs DAG Vulnerabilities and Security Lab 12 Exploring a DAG network

Duration 4 Days 24 CPD hours This course is intended for This course benefits individuals responsible for implementing, monitoring, and troubleshooting Juniper security components. Overview After successfully completing this course, you should be able to: Demonstrate understanding of concepts covered in the prerequisite Juniper Security courses. Describe the various forms of security supported by the Junos OS. Describe the Juniper Connected Security model. Describe Junos security handling at Layer 2 versus Layer 3. Implement next generation Layer 2 security features. Demonstrate understanding of Logical Systems (LSYS). Demonstrate understanding of Tenant Systems (TSYS). Implement virtual routing instances in a security setting. Describe and configure route sharing between routing instances using logical tunnel interfaces. Describe and discuss Juniper ATP and its function in the network. Describe and implement Juniper Connected Security with Policy Enforcer in a network. Describe firewall filters use on a security device. Implement firewall filters to route traffic. Explain how to troubleshoot zone problems. Describe the tools available to troubleshoot SRX Series devices. Describe and implement IPsec VPN in a hub-and-spoke model. Describe the PKI infrastructure. Implement certificates to build an ADVPN network. Describe using NAT, CoS and routing protocols over IPsec VPNs. Implement NAT and routing protocols over an IPsec VPN. Describe the logs and troubleshooting methodologies to fix IPsec VPNs. Implement working IPsec VPNs when given configuration that are broken. Describe Incident Reporting with Juniper ATP On-Prem device. Configure mitigation response to prevent spread of malware. Explain SecIntel uses and when to use them. Describe the systems that work with SecIntel. Describe and implement advanced NAT options on the SRX Series devices. Explain DNS doctoring and when to use it. Describe NAT troubleshooting logs and techniques. This four-day course, designed to build off the current Juniper Security (JSEC) offering, delves deeper into Junos security, next-generation security features, and ATP supporting software. Chapter 1: Course Introduction Course Introduction Chapter 2: Junos Layer 2 Packet Handling and Security Features Transparent Mode Security Secure Wire Layer 2 Next Generation Ethernet Switching MACsec Lab 1: Implementing Layer 2 Security Chapter 3: Firewall Filters Using Firewall Filters to Troubleshoot Routing Instances Filter-Based Forwarding Lab 2: Implementing Firewall Filters Chapter 4: Troubleshooting Zones and Policies General Troubleshooting for Junos Devices Troubleshooting Tools Troubleshooting Zones and Policies Zone and Policy Case Studies Lab 3: Troubleshooting Zones and Policies Chapter 5: Hub-and-Spoke VPN Overview Configuration and Monitoring Lab 4: Implementing Hub-and-Spoke VPNs Chapter 6: Advanced NAT Configuring Persistent NAT Demonstrate DNS doctoring Configure IPv6 NAT operations Troubleshooting NAT Lab 5: Implementing Advanced NAT Features Chapter 7: Logical and Tenant Systems Overview Administrative Roles Differences Between LSYS and TSYS Configuring LSYS Configuring TSYS Lab 6: Implementing TSYS Chapter 8: PKI and ADVPNs PKI Overview PKI Configuration ADVPN Overview ADVPN Configuration and Monitoring Lab 7: Implementing ADVPNs Chapter 9: Advanced IPsec NAT with IPsec Class of Service with IPsec Best Practices Routing OSPF over VPNs Lab 8: Implementing Advanced IPsec Solutions Chapter 10: Troubleshooting IPsec IPsec Troubleshooting Overview Troubleshooting IKE Phase 1 and 2 IPsec Logging IPsec Case Studies Lab 9: Troubleshooting IPsec Chapter 11: Juniper Connected Security Security Models Enforcement on Every Network Device Chapter 12: SecIntel Security Feed Encrypted Traffic Analysis Use Cases for SecIntel Lab 10: Implementing SecIntel Chapter 13:Advanced Juniper ATP On-Prem Collectors Private Mode Incident Response Deployment Models Lab 11: Implementing Advanced ATP On-Prem Chapter 14: Automated Threat Mitigation Identify and Mitigate Malware Threats Automate Security Mitigation Lab 12: Identifying and Mitigation of Threats Additional course details: Nexus Humans AJSEC - Advanced Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AJSEC - Advanced Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for The primary audiences for this course are the following: • Operators of Juniper Networks security solutions, including network engineers, administrators, support personnel, and resellers. Overview After successfully completing this course, you should be able to: Identify security challenges in today's networks. Identify products that are incorporated into the Juniper Connected Security solution. Explain the value of implementing security solutions. Explain how Juniper Connected Security solves the cyber security challenges of the future. Explain SRX Series session management. Explain Junos ALG functions and when to use them. Describe policy logging on the SRX series device. Explain security policy scheduling. Describe application security theory. Explain application signature usage in AppID. Describe the AppTrack service. Describe the AppFW service. Describe the AppQoS service. Configure security policies using the AppSecure suite of services. Explain unified security policies. Describe IPS signatures. Configure an IPS policy using pre-defined templates. Describe how to update the IPS attack object database. Describe IPS rules and rule bases. Configure custom attack objects. Describe Junos Space and Security Director. Configure policy management using Security Director. Describe Security Director objects. Explain the different licensing options for Sky ATP List Sky ATP's features and benefits. Configure Sky ATP profiles and enroll an SRX Series device. Configure file scanning on Sky ATP. Configure Sky ATP to scan email Configure GeoIP on Sky ATP. Describe the JATP features and benefits List the JATP device options. Explain the JATP architecture. List 3rd party support options for JATP. Explain JATP SmartCore analytics processes. Describe Policy Enforcer configuration options. Describe Policy Enforcer integration with Sky ATP. Configure Policy Enforcer to block lateral malware movement. Explain Juniper Secure Analytics features and benefits. Describe JSA log collection. Describe JSA network flow collection. Describe the JSA Offense Management workspace. Explain the JSA Risk Manager features. Configure JSA to collect network and log collection. Explain the features of JIMS. Describe JIMS integration into the current AD network. Describe the Sky Enterprise service and how it can save resources. Explain the Sky Enterprise monitoring service. Explain the vSRX Series device benefits. Describe use cases for the vSRX. Explain the cSRX Series device benefits. Describe use cases for the cSRX. Describe SSL Proxy Concepts. Explain Forward and Reverse Proxy and the limitations of each. Configure both Forward and Reverse Proxy. This five-day course uses the Junos J-Web, CLI, Junos Space, and other user interfaces to introduce students to the concept of Juniper Connected Security. Chapter 1: Course Introduction Course Introduction Chapter 2: CLI Overview User Interface Options Command-Line Interface Initial Configuration Interface Configuration Lab 1: CLI Overview Chapter 3: Advanced Security Policy Session Management Junos ALGs Policy Scheduling Policy Logging Lab 2: Advanced Security Policy Chapter 4: Application Security Theory Application ID Application Signatures App Track App Firewall App QoS App QoE Chapter 5: Application Security Implementation AppTrack Implementation AppFW Implementation AppQos Implementation APBR Implementation Lab 3: Application Security Chapter 6: Intrusion Detection and Prevention IPS Overview IPS Policy Attack Objects IPS Configuration IPS Monitoring Lab 4: Implementing IPS Chapter 7: Security Director Overview Security Director Objects Security Director Policy Management Lab 5: Security Director Chapter 8: Sky ATP Implementation Architecture and Key Components Features and Benefits Configuration Compromised Hosts Command and Control File Scanning E-mail Scanning Geo IP Security Policy Integration Troubleshooting Lab 6: Sky ATP Implementation Chapter 9: Policy Enforcer Policy Enforcer Concepts Configuration Options Policy Enforcer Installation Lab 7: Policy Enforcer Chapter 10: JATP Overview Traffic Inspection Threat Detection Threat Analysis JATP Architecture Chapter 11: JATP Implementation Data Collectors Configure SmartCore Analytics Engine Log Ingestion Incident Management SRX Threat Prevention 3rd Party support for Threat Prevention Reporting Lab 8: JATP Chapter 12: Juniper Secure Analytics (JSA) JSA Overview Data Collection Log Analytics Threat Analytics Vulnerability Management Risk Management Lab 9: JSA Chapter 13: JIMS JIMS Overview JIMS Integration Lab 10: JIMS Chapter 14: vSRX and cSRX vSRX Overview vSRX Supported Features vSRX Use Cases cSRX Overview Lab 11: vSRX Installation Chapter 15: SSL Proxy SSL Proxy Overview SSL Concepts SSL Proxy Configurations Troubleshooting Lab 12: SSL Proxy Chapter 16: Cluster Concepts Chassis Cluster Concepts Chassis Cluster Operation Chapter 17: Chassis Cluster Implementation Chassis Cluster Configuration Chassis Cluster Advanced Options Lab 13: Chassis Cluster Implementation Chapter 18: Chassis Cluster Troubleshooting Chassis Cluster Case Studies Troubleshooting Examples Lab 14: Chassis Cluster Troubleshooting Additional course details: Nexus Humans JSEC - Junos Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the JSEC - Junos Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators or network administrators and security professionals Overview By the end of the course, you should be able to meet the following objectives: Describe NSX Advanced Load Balancer architecture Describe the NSX Advanced Load Balancer components and main functions Explain the NSX Advanced Load Balancer key features and benefits Describe NSX Advanced Load Balancer Web Application Firewall architecture Describe the NSX Advanced Load Balancer Web Application Firewall components and main functions Explain the NSX Advanced Load Balancer Web Application Firewall key features and benefits Explain and configure Local Load Balancing constructors such as Virtual Services, Pools, Health Monitors and related components Understand and modify application behavior leveraging Profiles, Policies and DataScripts Configure and customize the NSX Advanced Load Balancer Web Application Firewall Describe and leverage NSX Advanced Load Balancer REST API interfaces and related automation capabilities Describe and configure NSX Advanced Load Balancer Web Application Firewall application and infrastructure monitoring Gather relevant information and perform basic troubleshooting of Web Application Firewall applications leveraging built-in NSX Advanced Load Balancer tooling This three-day course provides comprehensive training on how to configure, maintain and troubleshoot the Web Application Firewall component of the VMware NSX Advanced Load Balancer (Avi Networks) solution as well as provide an understanding of additional security related functionality. This course covers key NSX Advanced Load Balancer (Avi Networks) Web Application Firewall features and functionality offered in the NSX Advanced Load Balancer 18.2 release, including the overall infrastructure, virtual services and application components as well as application troubleshooting and solution monitoring. Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course. Course Introduction Introductions and course logistics Course objectives Introduction to NSX Advanced Load Balancer Introduce NSX Advanced Load Balancer Discuss NSX Advanced Load Balancer use cases and benefits Explain NSX Advanced Load Balancer architecture and components Explain the management, control, data, and consumption planes and their respective functions Introduction to NSX ALB Web Application Firewall Introduce the NSX Advanced Load Balancer Web Application Firewall Discuss NSX Advanced Load Balancer Web Application Firewall use cases and benefits Virtual Services Configuration Concepts Explain Virtual Service components Explain Virtual Service types Explain and configure basic virtual services components such as Application Profiles, Network Profiles, Pools and Health Monitors Attacking and Defending Web Applications Introduce the processes and methodologies used when attacking and defending web applications Introduce the tools used to attack web applications Explain with examples terminology such as Reflected XSS and SQL injection Profiles and Policies Explain and deep dive on Advanced Virtual Service creation Explain and deep dive on Application Profiles and Types such as L4, DNS, Syslog and HTTP Explain and configure advanced application HTTP Profile options Deep dive on Network Profiles and Types Explain and configure SSL Profiles and Certificates Explain and Configure HTTP and DNS policies DDOS Protection Introduce the NSX Advanced Load Balancer rate limiting functionality Explain the NSX Advanced Load Balancer rate limiting functionality Hands on examples of rate limiting in action Customizing Application Delivery with Datascripts Introduce the concept of datascripts to manipulate data Explain the various components and inspection points IWAF Deep Dive Describe the building blocks of the iWAF implementation Explain the various iWAF components Introduce both Positive and Negative security models Explain the iWAF Policies, profiles and rule sets IWAF Core Rule Set Explain the history and rationale of the core rule set Describe the NSX ALB (Avi) Core Rule Set IWAF Custom Rules Describe the power and complexity available via custom rules Explain the rule language Implement various use cases Explain common errors and possible solutions IWAF Operations Describe the iWAF application onboarding process Tuning the iWAF policies Working with iWAF logs and analytics Explaining false positive mitigation tactics IWAF Best Practices Provide guidance on how to get the best results Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for Security IT business-level professionals interested in cloud security practices Security professionals with minimal to no working knowledge of AWS Overview Assimilate Identify security benefits and responsibilities of using the AWS Cloud Describe the access control and management features of AWS Explain the available methods for providing encryption of data in transit and data at rest when storing your data in AWS. Describe how to secure network access to your AWS resources Determine which AWS services can be used for monitoring and incident response This course covers fundamental AWS cloud security concepts, including AWS access control, data encryption methods, and how network access to your AWS infrastructure can be secured. Based on the AWS Shared Security Model, you learn where you are responsible for implementing security in the AWS Cloud and what security-oriented services are available to you and why and how the security services can help meet the security needs of your organization. Prerequisites Working knowledge of IT security practices and infrastructure concepts, familiarity with cloud computing concepts 1 - Security on AWS Security design principles in the AWS Cloud AWS Shared Responsibility Model 2 - Security OF the Cloud AWS Global Infrastructure Data center security Compliance and governance 3 - Security IN the Cloud ? Part 1 Identity and access management Data protection essentials Lab 01 ? Introduction to security policies 4 - Security IN the Cloud ? Part 2 Securing your infrastructure Monitoring and detective controls Lab 02 ? Securing VPC resources with Security Groups 5 - Security IN the Cloud ? Part 3 DDoS mitigation Incident response essentials Lab 03 ? Remediating issues with AWS Config Conformance Packs 6 - Course Wrap Up AWS Well-Architected tool overview Next Steps Additional course details: Nexus Humans AWS Security Essentials training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AWS Security Essentials course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Implementers and administrators who are new to IBM Spectrum Protect data management. Overview At the end of this course you should be able to: Describe the purpose of IBM Spectrum Protect Install and configure the IBM Spectrum Protect components Use the administrative and client interfaces Discuss storage methodology options and create storage pool Customize data movement and retention policies to meet business requirements Configure the IBM Spectrum Protect database and storage pools for protection Optimize client configuration Perform backup, restore, archive and retrieve operations Organize daily tasks required to protect the IBM Spectrum Protect environment Automate and monitor client and administrative tasks and events IBM Spectrum© Protect 8.1.6 is a data backup and recovery solution designed to help you manage your data retention, reduce the cost of storage, and provide appropriate recovery point objectives to meet any service level agreement. IBM Spectrum© Protect offers improved efficiency and flexibility using object-based data management and policy driven retention.This course will focus on implementation and basic administration of a IBM Spectrum© Protect environment. The hands-on lab exercises are performed on a Windows 2012 environment. The course materials include examples of AIX and Linux commands, when different from Windows. Components and conceptsInstallation and configurationInterfaces and monitoringStorage pools and devicesPolicy management, data movement, and explorationDatabase and storage pool managementClient configuration and managementClient data protectionDaily operations and maintenanceSchedules and reports Additional course details: Nexus Humans TS617 IBM Spectrum Protect - Implementation and Administration (v8.1.6) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the TS617 IBM Spectrum Protect - Implementation and Administration (v8.1.6) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 0.5 Days 3 CPD hours This course is intended for Security EngineersNetwork Engineers Overview This course is intended to provide a top-level overview of Palo Alto Networks© Traps? Endpoint protection product. Upon completion of the class the student will be able to understand these principles: Explain the core technologies of Traps? and how it differs from traditional signature recognition technologies. Understand the advantages of these technologies over existing solutions. Understand Traps? product architecture and deployment requirements. Installation requirements for Traps? installations. Deploy Exploit Prevention Module defenses to endpoints with Policies. Deploy Malware Protection defenses to endpoints. Provide Application Execution Control in conjunction with WildFire?. Understand deployment strategies and tactics for Workstations, VDI and Server endpoints. Gather and analyze Security Event reports and forensics. Foundation classes are just introductory trainings, NOT a full technical training. Compromise isn?t inevitable, or, at least, it shouldn?t be. Traditional endpoint protection simply cannot keep up with the rapidly evolving threat landscape, leaving organizations vulnerable to advanced attacks. A new approach is needed, one that can rebuild confidence in endpoint security. This new approach needs to prevent advanced attacks originating from executables, data files or network-based exploits ? known and unknown ? before any malicious activity could successfully run. Palo Alto Networks© call this ?advanced endpoint protection.? By focusing on the attacker?s core techniques and putting up barriers to mitigate them, the attacker?s path for exploitation becomes known, even when the attack isn?t. Traps? focuses on the core techniques leveraged by exploits in advanced cyberattacks and renders these techniques ineffective by breaking the exploit sequence and blocking the technique the moment it is attempted. IntroductionThe Traps? technology alternative to endpoint defenseTraps? Exploit and Malware protectionTraps? Product ArchitectureTraps? DeploymentTraps? Exploit Policy ManagementTraps? Malware Protection PoliciesTraps? ForensicsPractical Traps? Implementation considerations Additional course details: Nexus Humans Palo Alto Networks - Foundations of Palo Alto Networks Traps Endpoint protection (EDU-180) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Palo Alto Networks - Foundations of Palo Alto Networks Traps Endpoint protection (EDU-180) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.