3084 Development courses in Edinburgh delivered Live Online

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options

THE course for practitioners of the Integrated Local Delivery framework (ILD)

From Practitioner to Leader

These lessons are created for students ready to delve into diverse aspects of English. Students will enhance their reading and analytical skills through studying a variety of texts, including novels, plays and poetry from different genres and historical periods. They’ll develop their creative and non-fiction writing abilities, focusing on grammar, punctuation and effective communication. In addition, students will engage in discussions, improving their spoken English and listening skills. This comprehensive course aims to foster a love of reading and writing, making learning both fun and enriching! 6 children maximum fully interactive weekly 55 minute lessons qualified, expert teacher optional homework set weekly additional resources set via online classroom lesson recordings for absent students written progress reports three times per year Classes are £90 per month. Variety of times and dates available. Enquire to find out more!

These groups are for children who can already have basic writing skills, but need support to pull it all together and develop their writing style. This is also a great age for reluctant writers to gain confidence and discover their enjoyment for writing. For this class your child should be able to write at least a paragraph independently. 5 children maximum fully interactive weekly 55 minute lessons qualified, expert teacher optional homework set weekly additional resources set via online classroom lesson recordings for absent students written progress reports three times per year Classes are £90 per month. Variety of times and dates available. Enquire to find out more!

These sessions are created for students eager to explore more complex texts and refine their analytical skills. Students will enhance their ability to critically evaluate literature, comparing themes and characters across a wide range of texts. They'll advance their creative and non-fiction writing, taking it to the next level by focusing on sophisticated language use and technical accuracy. through engaging discussions around fascinating topics, such as moral issues and social contexts, students will develop their oral communication. The overall aim of thios course is to deepen their love of language in an enjoyable environment. 6 children maximum fully interactive weekly 55 minute lessons qualified, expert teacher optional homework set weekly additional resources set via online classroom lesson recordings for absent students written progress reports three times per year Classes are £90 per month. Variety of times and dates available. Enquire to find out more!

These groups are for children who can already write a whole story with a beginning, middle and end. Children will enhance their writing skills, learn how to edit and improve their writing, expand their vocabulary and experiment with figurative language techniques. We will compose fiction of various genres, as well as deepening our knowledge of non-fiction text types and poetry – all in a fun and creative way! 5 children maximum fully interactive weekly 55 minute lessons qualified, expert teacher optional homework set weekly additional resources set via online classroom lesson recordings for absent students written progress reports three times per year Classes are £90 per month. Variety of times and dates available. Enquire to find out more!

These groups are for emerging young writers and will ensure your child loves writing from the beginning! We will play games, laugh and have lots of fun exploring imaginative ideas and beginning to structure a story. For this class your child needs to be able to write at least one sentence on their own. 4 children maximum fully interactive weekly 55 minute lessons qualified, expert teacher optional homework set weekly additional resources set via online classroom lesson recordings for absent students written progress reports three times per year Classes are £90 per month

Clinical coach standardisation events

The workshop offers a gentle introduction to the practice of Shamanic Journeys. It is open to everyone interested to learn how to journey and explore the path of direct revelation. During the day, we will explore different ways to cultivate our innate capacity to journey and access direct guidance for our lives. Also, we will learn how to create a sacred space and how to connect with our guides and power animals.