Trainings | Cyber Security Laboratory

Introduction to Practical Cloud Security

Modern applications need scalable and maintainable backends that can guarantee a high level of availability and allow operations at the terabyte scale that are only possible in the public cloud. This has created another infrastructure frontier that must be secured and continuously protected.

Read more about Introduction to Practical Cloud Security

Information Security for Non-Technical Employees 1-day course

General

A large percent of current cybersecurity attacks uses non-technical employees as an attack vector. Between phishing, malware distribution, social engineering attacks, password theft and breaches, as well as fake applications, the end user has never been under so much pressure to defend the cybersecurity of the organization.

Read more about Information Security for Non-Technical Employees 1-day course

Secure Coding (C, C++ and Java)

Cyber Resilience

Application Security

Binary Security

This is a set of trainings and workshops designed and delivered by Robert Seacord and CERT-SEI team, Carnegie Mellon. Provide detailed explanation of common programming principles and errors in C and C++ and describing how these errors can lead to code that is vulnerable to exploitation.

Read more about Secure Coding (C, C++ and Java)

Introduction to the CERT Resilience Management Model

Cyber Resilience

This three-day course introduces a model-based process improvement approach to managing operational resilience using the CERT® Resilience Management Model (CERT-RMM) v1.1. CERT-RMM is a maturity model that promotes the convergence of security, business continuity, and IT operations activities to help organizations actively direct, control, and manage operational resilience and risk.

Read more about Introduction to the CERT Resilience Management Model

Cyber Security and Business Resilience

Cyber Resilience

This is a 2-day course on how to manage operational risk, stay productive under stress and disruption, assess and improve our readiness to ‘handle the unknown’. Based on the new Resilience Management Model of CERT at the Software Engineering Institute (CERT/SEI, Carnegie Mellon University) - a comprehensive and complete reference model and framework helping organizations maintain security, IT operations and business continuity in a converged manner and without additional bureaucratic burden.

Read more about Cyber Security and Business Resilience

C/C++ Secure Coding and Binary Security in Linux

Linux Security

Binary Security

Application Security

Compared with other technologies, C and C++ pose unique and difficult challenges to the process of continuously writing and delivering quality code without security issues. The great power that a developer possesses over e.g. memory management results in the responsibility to write code that deals properly with object lifecycles, manages buffers correctly and many other aspects that have no equivalent in languages with automatic memory management.

Read more about C/C++ Secure Coding and Binary Security in Linux

LAMP Security Configuration

Linux Security

Server Administration

Web Security

The LAMP (Linux, Apache, MySQL and PHP) web service stack is one of the most popular choices for developing and deploying web applications. Due to the rich set of features and the complexity of this bundle, special attention must be paid to its security configuration.

Read more about LAMP Security Configuration

Client-side Web Crypto

Web Security

Cryptography

With the introduction of wide-ranging and impactful legislation and requirements for privacy and data security (like GDPR), a radical, yet powerful cryptography-based solution is gaining traction and relevance. The “Untrusted Server” model assumes the Web application backend will never have access to customers’ data in plaintext, thereby negating almost all impact of data breaches – as the server is unable decrypt users’ data, so is the attacker.

Read more about Client-side Web Crypto

Top 10 Web Threats for QA

Web Security

By popular demand, CyResLab has developed a version of the "Top 10 Web Threats" course for QA specialists. The course shifts focus from secure coding and programming countermeasures to security defect detection and analysis (a.k.a. triage), as well as the tools that are needed to master this process.

Read more about Top 10 Web Threats for QA

Introduction to Mobile Security - Android

Mobile Security

Researchers have presented estimations that up to 90% of all applications have at least one vulnerability. While research about mobile applications in particular, is scarce high-profile data thefts like the Snapchat user database indicate serious security concerns even for apps that are used by millions.

Read more about Introduction to Mobile Security - Android

Introduction to Practical Cloud Security

Information Security for Non-Technical Employees 1-day course

Secure Coding (C, C++ and Java)

Introduction to the CERT Resilience Management Model

Cyber Security and Business Resilience

C/C++ Secure Coding and Binary Security in Linux

LAMP Security Configuration

Client-side Web Crypto

Top 10 Web Threats for QA

Introduction to Mobile Security - Android

CyResLab is an initiative of
ESI CEE

Upcoming Trainings

Introduction to Practical Cloud Security (17-18 Nov)

C/C++ Secure Coding and Binary Security in Linux (21 Nov)

Customised Approach

Footer menu

Subscribe

Contact Us

CyResLab is an initiative ofESI CEE

Upcoming Trainings

CyResLab is an initiative of
ESI CEE