632 Network & Security courses in Bletchley delivered Live Online

Duration 4 Days 24 CPD hours This course is intended for Information Assurance Managers/Auditors System Implementors/administrators IT Administrators Auditors/Auditees Federal Agencies/Contractors Security Vendors and Consulting Groups Overview Upon completion, the IS20 Security Controls candidate will be able to not only competently take the IS20 Controls exam but will also have an understanding of how to implement the top 20 most critical controls in the work place. IS20 controls are the Top Twenty Most Critical Security Controls in Information Technology.ÿ This 4 day training course covers proven tools and methodologies needed to execute and analyze the Top Twenty Most Critical Security Controls. Nearly all organizations that maintain sensitive information are adopting these Security Controls. These controls were chosen by leading government and private organizations who are experts on how attacks work and what can be done to prevent them from happening. The controls were selected as the best way to block known attacks as well as help search for and alleviate any damage from the attacks that are successful. This course allows the security professional to see how to implement controls in an existing network through highly effective and economical automation. For management, this training is the best way to distinguish how you will assess whether these security controls are effectively being administered. Introduction Critical Control 1 Critical Control 2 Critical Control 3 Critical Control 4 Critical Control 5 Critical Control 6 Critical Control 7 Critical Control 8 Critical Control 9 Critical Control 10 Critical Control 11 Critical Control 12 Critical Control 13 Critical Control 14 Critical Control 15 Critical Control 16 Critical Control 17 Critical Control 18 Critical Control 19 Critical Control 20

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA's Security Technical Implementation Guides (STIGs) The motivations behind STIGs Requirements that the various software development roles must meet Implementing STIG requirements and guidelines Why Hunt Bugs? The Language of CyberSecurity The Changing Cybersecurity Landscape AppSec Dissection of SolarWinds The Human Perimeter Interpreting the 2021 Verizon Data Breach Investigation Report First Axiom in Web Application Security Analysis First Axiom in Addressing ALL Security Concerns Lab: Case Study in Failure Safe and Appropriate Bug Hunting/Hacking Working Ethically Respecting Privacy Bug/Defect Notification Bug Bounty Programs Bug Hunting Mistakes to Avoid Principles of Information Security Secuity Is a Lifecycle Issue Minimize Attack Surface Area Layers of Defense: Tenacious D Compartmentalize Consider All Application States Do NOT Trust the Untrusted Identification and Authentication Failures Applicable STIGs Quality and Protection of Authentication Data Proper hashing of passwords Handling Passwords on Server Side Session Management HttpOnly and Security Headers Lab: STIG Walk-Throughs Injection Applicable STIGs Injection Flaws SQL Injection Attacks Evolve Drill Down on Stored Procedures Other Forms of Server-Side Injection Minimizing Injection Flaws Client-side Injection: XSS Persistent, Reflective, and DOM-Based XSS Best Practices for Untrusted Data Lab: STIG Walk-Throughs Applications: What Next? Common Vulnerabilities and Exposures CWE/SANS Top 25 Most Dangerous SW Errors Strength Training: Project Teams/Developers Strength Training: IT Organizations Cryptographic Failures Applicable STIGs Identifying Protection Needs Evolving Privacy Considerations Options for Protecting Data Transport/Message Level Security Weak Cryptographic Processing Keys and Key Management Threats of Quantum Computing Steal Now, Crack Later Threat Lab: STIG Walk-Throughs Application Security and Development Checklists Checklist Overview, Conventions, and Best Practices Leveraging Common AppSec Practices and Control Actionable Application Security Additional Tools for the Toolbox Strength Training: Project Teams/Developers Strength Training: IT Organizations Lab: Recent Incidents SDL Overview Attack Phases: Offensive Actions and Defensive Controls Secure Software Development Processes Shifting Left Actionable Items Moving Forward Lab: Design Study Review Asset Analysis Asset Analysis Process Types of Application-Related Assets Adding Risk Escalators Discovery and Recon Design Review Asset Inventory and Design Assets, Dataflows, and Trust Boundaries Risk Escalators in Designs Risk Mitigation Options

Duration 3 Days 18 CPD hours This course is intended for Risk managersBusiness Process OwnersBusiness Finance ManagersBusiness Risk ManagersRegulatory Compliance ManagersProject ManagementPersons responsible for information security or conformity within an organization Overview To understand the concepts, approaches, methods and techniques allowing an effective risk managementaccording to ISO 31000To understand the relationship between the risk management and the compliance with the requirements ofdifferent stakeholders of an organizationTo acquire the competence to implement, maintain and manage an ongoing risk management program accordingto ISO 31000To acquire the competence to effectively advise organizations on the best practices in risk management In this three-day intensive course participants develop the competence to master a model for implementing risk management processes throughout their organization using the ISO 31000:2009 standard as a reference framework. Day 1 Introduction to the Risk Management framework according to ISO 31000 Concepts and definitions related to Risk Management Risk Management standards, frameworks and methodologies Implementation of a Risk Management framework Understanding an organization and its context Day 2 Risk identification and assessment, risk evaluation, treatment, acceptance, communication and surveillance according to ISO 31000 Risk identification Risk analysis and risk evaluation Risk treatment Risk acceptance and residual risk management Risk communication and consultation Risk monitoring and review Day 3 Risk assessment methodologies according to ISO 31000 and Certification Exam Presentation of risk assessment methodologies Certification Exam

Duration 5 Days 30 CPD hours This course is intended for IS Security Officers IS Managers Risk Managers Auditors Information Systems Owners IS Control Assessors System Managers Government Employees Overview The person who carries this certification should be able to acquire necessary resources, advise senior leadership, collaborate with stakeholders, evaluate effectiveness, identify cybersecurity problems, manage threats, oversee information security awareness programs, participate in risk assessments, support compliance activities, and define or implement policies and procedures to ensure protection of critical infrastructure within an information security environment. If you are looking for the ?gotta have it? cybersecurity course, then the Certified Information Systems Security Officer is for you.ÿ The C)ISSO will prepare you for multiple managerial roles inside the INFOSEC community by covering a broad range of topics. You will learn theories in security concepts, practices, monitoring and compliance in IS management. An Information Systems Security Officer is able to implement and maintain cost-effective security controls that are closely aligned with business and industry standards. The C)ISSO certification course is an idealÿway to increaseÿknowledge, expertise, and skill for managers, auditors, and INFOSEC professionals.ÿ At Mile2 we consider the C)ISSO to be one of our flagship courses.The things you learn in this course can be applied to management, prevention teams, and recovery professionals. Material learned in the Live Class or Self-Study options will apply directly to the certification exam. Course Outline Risk Management Security Management Identification and Authentication Access Control Security Models and Evaluation Operations Security Vulnerability Assessments Symmetric Cryptography and Hashing Network Connections Network Protocols and Devices Telephony, VPNs, and Wireless Security Architecture and Attacks Software Development Security Database Security Malware and Software Attacks Business Continuity Disaster Recovery Incident Management, Law, and Ethics Physical Security Additional course details: Nexus Humans C)ISSO - Certified Information Security Systems Officer Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSO - Certified Information Security Systems Officer Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Coders Web Application Engineers IS Managers Application Engineers Developers Programmers Overview Upon completion, Certified Secure Web Application Engineer students will be able to establish industry acceptable auditing standards with current best practices and policies. Students will also be prepared to competently take the CSWAE exam. Secure Web Application Engineers work to design information systems that are secure on the web. Organizations and governments fall victim to internet-based attacks every day. In many cases, web attacks could be thwarted but hackers, organized criminal gangs, and foreign agents are able to exploit weaknesses in web applications. The Secure Web programmer knows how to identify, mitigate and defend against all attacks through designing and building systems that are resistant to failure. With this course you will learn how to develop web applications that aren?t subject to common vulnerabilities, and how to test and validate that their applications are secure, reliable and resistant to attack. Course Outline Web Application Security OWASP Top 10 Threat Modeling & Risk Management Application Mapping Authentication and Authorization Attacks Session Management Attacks Application Logic Attacks Data Validation AJAX Attacks Code Review And Security Testing Web Application Penetration Testing Secure SDLC Cryptography Additional course details: Nexus Humans Certified Secure Web Application Engineer training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Certified Secure Web Application Engineer course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Diese Zertifizierung richtet sich an Experten aus Geschäftsbetrieben aller Branchen, die mit der Cloud-Technologie arbeiten oder an dieser Technologie und ihrem Nutzen für Unternehmen interessiert sind: Alle Mitarbeiter von internen oder externen Service Providern, Ihre Kunden Manager, Auditoren Overview Die Zertifizierung EXIN Cloud Computing Foundation validiert das Wissen von Kandidaten in folgenden Bereichen: Cloud - Prinzipien Implementierung von Management des Cloud Computing Nutzung von Cloud Computing Sicherheit, Identität und Privatsphäre im Cloud Computing Bewertung des Cloud Computing Unter Cloud Computing versteht man die Implementierung und Nutzung der Cloud - Technologie um IT - Services bereitzustellen, die an einem andren Standort gehostet werden. Cloud-Prinzipien Das Cloud - Konzept Entwicklung des Cloud Computing Cloud - Architektur Vorteile und Beschr„nkungen des Cloud Computing Implementierung und Management des Cloud Computing Aufbau lokaler Cloud - Umgebungen Management - Prinzipien fr Cloud - Services Nutzung von Cloud Computing Zugriff auf die Cloud Untersttzung von Business - Prozessen durch Cloud Computing Cloud - Nutzung durch Service Provider Sicherheit, Identit„t und Privatsph„re im Cloud Computing Sicherheit im Cloud Computing Identit„ts- und Privatsph„renmanagement Bewertung des Cloud Computing Business Cas fr das Cloud Computing Bewertung von Cloud - Implementierungen

Duration 5 Days 30 CPD hours This course is intended for Anyone whose position requires CCSP certificationIndividuals whose responsibilities involve procuring, securing, and managing cloud environments or purchased cloud services Overview In-depth coverage of the six domains required to pass the CCSP exam:Architectural concepts and design requirementsCloud data securityCloud platform and infrastructure securityCloud application securityOperationsLegal and compliance This course is the most comprehensive review of cloud security concepts and industry best practices covering the six domains of the CCSP Common Body of Knowledge (CBK). You will gain knowledge in identifying the types of controls necessary to administer various levels of confidentiality, integrity, and availability, with regard to securing data in the cloud. You will identify the virtual and physical components of the cloud infrastructure with regard to risk management analysis, including tools and techniques necessary for maintaining a secure cloud infrastructure. You will gain an understanding in cloud software assurance and validation, utilizing secure software, and the controls necessary for developing secure cloud environments. You will identify privacy issues and audit processes utilized within a cloud environment, including auditing controls, assurance issues, and the specific reporting attributes. Architectural Concepts and Design Requirements Cloud Data SecurityCloud Platform and Infrastucture Security Cloud Application SecurityOperations Legal and compliance

Duration 3 Days 18 CPD hours This course is intended for This course is intended for: C|ASE-certified professionals Application security professionals DevOps engineers IT security professionals Cybersecurity engineers and analysts Software engineers and testers Anyone with prior knowledge of application security who wants to build a career in DevSecOps Overview This course empowers you with the knowledge and skills to: Understand DevOps security bottlenecks and remediation Understand the DevSecOps toolchain and implement tools Integrate Eclipse and GitHub with Jenkins to build applications Align security practices Integrate threat modeling tools Understand and implement continuous security testing Integrate runtime application self-protection tools Integrate automated security testing Perform continuous vulnerability scans Use AWS and Azure tools to secure applications. Integrate compliance-as-code tools EC-Council Certified DevSecOps Engineer (E|CDE) is a hands-on, instructor-led comprehensive DevSecOps certification program that helps professionals build the essential skills to design, develop, and maintain secure applications and infrastructure. Course Outline Module 1: Understanding DevOps Culture Module 2: Introduction to DevSecOps Module 3: DevSecOps Pipeline?Plan Stage Module 4: DevSecOps Pipeline?Code Stage Module 5: DevSecOps Pipeline?Build and Test Stage Module 6: DevSecOps Pipeline?Release and Deploy Stage Module 7: DevSecOps Pipeline?Operate and Monitor Stage Additional course details: Nexus Humans EC-Council Certified DevSecOps Engineer (E|CDE) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the EC-Council Certified DevSecOps Engineer (E|CDE) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Technical professionals who support, install, deploy, or administer Check Point products in Cloud Environments. Overview Explain the nature of the cloud environment. Describe the five pillars of cloud architecture. Explain the Basics of Cloud Infrastructure. Explain the Basics of Cloud Automation. Explain Check Point Security Management and How it Applies to CloudGuard. Describe CloudGuard Security Gateway offerings. Describe Cloud Load Balancers. Explain CloudGuard Licensing. Explain the different Deployment options and architectures for CloudGuard. Explain how and why CloudGuard is automated. Describe the functions of CloudGuard that can be automated. Describe the tools used to automate CloudGuard. Explain CloudGuard Automation Requirements. Explain basic troubleshooting techniques specific to Check Point Security Management Servers and Security Gateways. Describe the steps for Troubleshooting CloudGuard Network Installation. Explain the tools and techniques used to troubleshoot CloudGuard Network Automation. Explain the need for Cloud Security Posture Management. Describe the posture management tools available in CloudGuard. Explain methods for correcting Cloud Security Posture Management issues. Learn basic concepts and develop skills necessary to administer Check Point CloudGuard security solutions Course Outline Deploy a Security Management Server in the Cloud. Install a Security Gateway Image. Create Virtual Networks. Deploy Internal and External Load Balancers Deploy a Security Gateway Using Templates. Assign Public IP Addresses to Cloud Devices Create Web Servers in the Cloud. Configure North-South Traffic Policy. Configure East-West Traffic Policy and Routes. Troubleshoot North-South Traffic Issues. Troubleshoot East-West Traffic Issues.

Duration 4 Days 24 CPD hours This course is intended for Penetration Testers Microsoft Administrators Security Administrators Active Directory Administrators Anyone looking to learn more about security Overview Upon completion, Certified IS Security Manager students will have a strong foundation in Cyber Security & IS management standards with current best practices and will be prepared to competently take the C)ISSM exam. Companies will lean on a Certified IS Security Manager, C)ISSM to create solutions for tomorrow?s problems, today. When it comes to identifying critical issues and providing effective IS management solutions.ÿ ÿThe knowledge and course content provided in the Certified Information Systems Security Manager ? C)ISSM will not only cover ISACA©?s CISM exam but will provide a measurable certification that demonstrates proficiency in the IS Management Field. The Certified Information Systems Security Manager covers the skills and knowledge to assess threat analysis and risks, Risk & incident management, Security programs and CISO roles, IS security strategy and frameworks, Audit and Risk management creation of policies, compliance and awareness, as well as DR and BCP development, deployment and maintenance. Course Outline Introduction Information Security Governance Information Risk Management and Compliance Information Security Program Development and Management Information Security Incident Management Additional course details: Nexus Humans C)ISSM - Certified Information Systems Security Manager Mile 2 training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the C)ISSM - Certified Information Systems Security Manager Mile 2 course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.