دسته: دوره ها

Vulnerability, patch, and configuration management are not new enterprise security topics. In fact, they are some of the oldest security functions. Yet, we still struggle to manage security vulnerability capabilities effectively. The quantity of outstanding vulnerabilities for most enterprise organizations is overwhelming, and all organizations struggle to keep up with the never-ending onslaught of new security vulnerabilities in their infrastructure and applications. When you add in the cloud, and the increasing speed with which all organizations must deliver systems, applications, and features to both their internal and external customers, enterprise security may seem unachievable. This vulnerability management training course will show you the most effective ways to mature your vulnerability management program and move from identifying vulnerabilities to successfully treating them. 21 Cyber42 tabletop lab exercises and 15 lab demos or exercises.

Syllabus

MGT516.1: Vulnerability Management Design and Planning
MGT516.2: Vulnerability Identification
MGT516.3: Vulnerability Analysis, Metrics, and Communication
MGT516.4: Driving Remediation and Automation
MGT516.5: Collaboration and Continuous Improvement

MGT516: Building and Leading Vulnerability Management Programs

ادامه مطلب

Security leaders realize that cybersecurity is no longer just a technical issue but also a human one. Their greatest challenge now has become how to most effectively manage their human risk, as people are involved in over 80% of all breaches. Many organizations attempt to address this by running security awareness programs, but far too often most programs are compliance focused, nothing more than mandatory annual training. As a result, not only is their workforce highly insecure, but most of their workforce has a very negative perception of cybersecurity. This course enables organizations to effectively manage and measure their human risk by changing people’s behavior and building a strong security culture.

Syllabus

MGT433.1: Fundamentals and Identifying / Prioritizing Human Risk
MGT433.2: Identifying and Changing Behavior
MGT433.3: Security Culture and Measuring Change

MGT433: Managing Human Risk

ادامه مطلب

ICS515: ICS Visibility, Detection, and Response will help you gain visibility and asset identification in your Industrial Control System (ICS)/Operational Technology (OT) networks, monitor for and detect cyber threats, deconstruct ICS cyber attacks to extract lessons learned, perform incident response, and take an intelligence-driven approach to executing a world-leading ICS cybersecurity program to ensure safe and reliable operations. Note: This class was previously named ICS515: ICS Active Defense and Incident Response. The course has gone through a significant update changing much of the content, most of the labs, and adding a day in course length.

Syllabus

ICS515.1: ICS Cyber Threat Intelligence
ICS515.2: Visibility and Asset Identification
ICS515.3: ICS Threat Detection
ICS515.4: Incident Response
ICS515.5: Threat and Environment Manipulation
ICS515.6: Capstone Day, Under Attack!

ICS515: ICS Visibility, Detection, and Response

ادامه مطلب

ICS410: ICS/SCADA Security Essentials provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.

Syllabus

ICS410.1: ICS Overview
ICS410.2: Architectures and Processes
ICS410.3: Communications and Protocols
ICS410.4: Supervisory Systems
ICS410.5: ICS Security Governance
ICS410.6: Capstone CTF
ادامه مطلب

SEC503: Network Monitoring and Threat Detection In-Depth delivers the technical knowledge, insight, and hands-on training you need to confidently defend your network, whether traditional or cloud-based. You will learn about the underlying theory of TCP/IP and the most used application protocols so that you can intelligently examine network traffic to identify emerging threats, perform large-scale correlation for threat hunting, and reconstruct network attacks. 37 Hands-on Labs + Capstone Challenge

ادامه مطلب

Smart Contract Hacking is a comprehensive online course that teaches you how to secure, hack, and use blockchain and smart contract technology. The course covers the fundamentals of blockchain, the popular Ethereum coding language Solidity, and the tools and techniques for auditing and exploiting smart contracts. You will learn how to deploy, scan, and test various blockchain implementations and protocols, such as Bitcoin, Ethereum, Solana, Cosmos, Near, NFTs, DeFi, and Web3. You will also get access to hands-on exercises, challenges, and quizzes to reinforce your learning and gain practical experience. By the end of the course, you will have the skills and knowledge to become a proficient web3 security professional.

Syllabus

Intro
Career Paths
EVM
Environment & Dev Tools
Exercises Guidelines
Tokens crash course: ERC20
Tokens crash course: ERC721
ReEntrsncy Attacks
Arithmetic over/underflow
Phishing Attacks
Randomness Vulnerabilities
Access Control & Default Visibility
DEFI Crash Course: DEXes
DEFI Crash Course: Money Markets
Replay Attacks
Flash Loans & Flash Swaps
Flash Loan Attacks
Denial of Service
Sensitive On-Chain Data
Unchecked Return Value
Frontrunning
DAO & Governance Attacks
Oracle Manipulation
Call / Delegate call Attacks

Smart Contract Hacking Course

ادامه مطلب