Secisys

Training

This is an expert-level, hands-on training for security testing professionals who manage, oversee and execute security testing of an enterprise's critical information assets to identify vulnerabilities and work diligently to mitigate them before the bad guys pounce.

What is in this course

This comprehensive hands-on training helps you master a repeatable, documentable penetration testing methodology that can be used in a penetration testing or hacking situation. The course includes installing Kali Linux, using VirtualBox, basics of Linux, Tor, Proxychains, VPN, Macchanger, Nmap, Wireshark, cracking Wi-Fi, aircrack, DoS attacks, SSL strip, known vulnerabilities, SQL injections, cracking Linux passwords, and more, including how to attack from the web using techniques like cross-site scripting (XSS), SQL injection, and remote and local file inclusion, and how to penetrate networks, exploit systems, break into computers, and compromise routers. During the course you will learn the deep and brute capabilities of Metasploit to perform pen testing and vulnerability assessment for your organization. This program will help you prepare for and pass certifications like ECSA.

The major pen testing training domains are as follows:

  • Introduction to Pen Testing
  • Information Gathering
  • Writing pen test proposals
  • Foot printing & scanning
  • Vulnerability Assessment
  • Web Attacks
  • System Attacks
  • Network Attacks
  • Reporting

Who should attend?

  • Pen Testers
  • IS Auditors
  • IS Consultants
  • Students
  • Anyone with an interest in security testing

What course material you will get

Each student will get hard copies of the training manual, which includes training slides, supporting materials, tools and VMs.

Lab Assignments Exam

During the training, students will work through real-time pen testing challenges to demonstrate their proficiency.

The purpose of ethical hacking is to evaluate the security of and identify vulnerabilities in systems, networks or system infrastructure. It includes finding and attempting to exploit any vulnerabilities to determine whether unauthorized access or other malicious activities are possible.

What is in this course

This comprehensive hands-on training helps you master a repeatable, documentable ethical hacking methodology that can be used in a hacking situation. This program will help you prepare for and pass certifications like CEH and CPT.

The major ethical hacking training domains are as follows:

  • Introduction to Ethical Hacking
  • Basic Usage of Linux commands and its services
  • Information Gathering
  • Port Scanning
  • Sniffing & Man In the Middle Attacks
  • Vulnerability Assessment
  • Virus Making and Bypassing AV
  • Exploitation
  • Web Application Hacking
  • Wireless Hacking

Who should attend?

  • Ethical Hackers
  • IS Auditors
  • IS Consultants
  • Students
  • Anyone with an interest in ethical hacking

What course material you will get

Each student will get hard copies of the training manual, which includes training slides, supporting materials, tools and VMs.

Lab Assignments Exam

During the training, students will work through real-time hacking challenges to demonstrate their proficiency.

The CISSP is internationally perceived as the top-level IT security certification. Earning the CISSP proves you have what it takes to effectively design, implement and manage a best-in-class cybersecurity program. With a CISSP, you validate your expertise.

What is in this course

This is an eight-day course based on the ISC2 domains, which serve as the basis for the exam requirements to become a CISSP professional. The broad spectrum of topics included in the CISSP Common Body of Knowledge (CBK) ensures its relevancy across all disciplines in the field of information security.

Successful candidates are competent in the following 8 domains:

  • Domain 1—Security and Risk Management
  • Domain 2—Asset Security
  • Domain 3—Security Architecture and Engineering
  • Domain 4—Communications and Network Security
  • Domain 5—Identity and Access Management
  • Domain 6—Security Assessment and Testing
  • Domain 7—Security Operations
  • Domain 8—Software Development Security

Who should attend?

  • Chief Information Officer
  • Director of Security
  • Chief Information Security Officer (CISO)
  • IS Consultants
  • IS Audit Managers
  • IS Auditors
  • Security Professionals
  • Individuals Preparing for CISSP exam
  • Anyone seeking a salary increase and/or promotion

This is an expert-level training for IT, assurance, risk and security professionals who manage and oversee Information Security Management System (ISMS) implementation in an enterprise.

What is in this course?

The three-day ISO 27001 Implementer course provides comprehensive hands-on training covering initial ISMS gap analysis, asset-based risk assessment, writing policies, procedures, controls and guidelines, and ISMS auditing.

This three-day course will give you all the key, proven implementation strategies from a trainer with diversified experience of security implementation in different spheres such as service delivery centers, software houses, shipping, educational institutes, technology-based research and development centers, government and data centers.

Major training domains are as follows:

  • Introduction to Information Security Management System (ISMS)
  • Planning the implementation of an ISMS based on ISO 27001
  • Security Risk Assessment
  • Risk treatment based upon ISO 27002/
  • Implementing an ISMS based on ISO 27001
  • Controlling, monitoring, measuring and improving an ISMS; certification audit of the ISMS

Who should attend?

ISO 27001 Implementer Training is for:

  • ISMRs of organizations preparing for ISO 27001 certification audits
  • Auditors (IT and Non-IT)
  • IS Consultants
  • Security Professionals
  • Students

This training is designed for Privacy Specialists, Data Protection Officers, and IT, Assurance, Risk and Security professionals who manage and oversee the protection and privacy of data and the implementation of GDPR. GDPR Implementer is a two-day course providing comprehensive training that covers initial GDPR gap analysis, privacy impact assessment, policies and procedures related to data security and privacy, data inventory, and privacy and GDPR auditing.

Major training areas are as follows:

  • The key concepts, principles and main requirements of GDPR, including GDPR Principles, Data Subject Rights, Territorial Scope, Legitimate Purposes, Privacy Notices, Consents, Privacy by Design, Data Transfers and Data Breaches
  • How to perform an effective gap analysis to baseline the organization's privacy practices
  • How to interpret the requirements of privacy to determine the scope of your GDPR
  • How to develop and maintain a data inventory register
  • How to perform a DPIA and treatments
  • How to write policies and produce other critical documentation for GDPR
  • Key elements of internal audit planning and execution for GDPR
  • Controlling, monitoring, measuring and improving GDPR

Who should attend?

GDPR Implementer Training is for:

  • Data Privacy Officers
  • Lawyers
  • Information Security & Privacy Consultants
  • Auditors (IT and Non-IT)
  • Security Professionals

CISM is an expert-level certification for top-level IS assurance and security professionals who manage, design, oversee and execute an enterprise's information security (IS) management.

What is in this course

This is a five-day course based on ISACA's job practice, which serves as the basis for the exam requirements to become a CISM professional. This job practice consists of task and knowledge statements organized by ISACA CISM domains. Enterprises demand IS audit professionals that possess the knowledge and expertise to help them identify critical issues and customize practices to support trust in and value from information systems. The skills and practices that CISM promotes and evaluates are the building blocks of success in the field. Possessing the CISM demonstrates proficiency in information security management.

The job practice domains and task and knowledge statements are as follows:

  • Domain 1—Information Security Governance (24%)
  • Domain 2—Information Risk Management (30%)
  • Domain 3—Information Security Program Development and Management (27%)
  • Domain 4—Information Security Incident Management (19%)

Who should attend?

  • Chief Information Security Officer (CISO)
  • IS Auditors
  • IS Consultants
  • IS Audit Managers
  • Security Professionals
  • Individuals Preparing for CISM exam
  • Anyone seeking a salary increase and/or promotion

CISA is an expert-level certification for IS audit, control, assurance and security professionals who manage, design, oversee and execute an enterprise's information security (IS) auditing.

What is in this course?

This five-day course is based on ISACA's job practice, which serves as the basis for the exam requirements to become a CISA professional. This job practice consists of task and knowledge statements organized by ISACA CISA domains.

Enterprises demand IS audit professionals that possess the knowledge and expertise to help them identify critical issues and customize practices to support trust in and value from information systems.

The skills and practices that CISA promotes and evaluates are the building blocks of success in the field. Possessing the CISA demonstrates proficiency and is the basis for measurement in the profession.

The job practice domains and task and knowledge statements are as follows:

  • Domain 1—The Process of Auditing Information Systems
  • Domain 2—Governance and Management of IT
  • Domain 3—Information Systems Acquisition, Development and Implementation
  • Domain 4—Information Systems Operations, Maintenance and Service Management
  • Domain 5—Protection of Information Assets

Who should attend?

CISA Training is for:

  • IS Auditors
  • IS Consultants
  • IS Audit Managers
  • Security Professionals
  • Non-IT Auditors
  • Students
  • Individuals Preparing for CISA exam
  • Anyone with an interest in information systems auditing

Secure software development is a process that integrates people and practices to ensure application Confidentiality, Integrity, Availability, Non-Repudiation, and Authentication (CIANA). Secure software is the result of a security-aware software development process in which CIANA is established when an application is first developed. Users of software applications need guarantees that both their data and their computing environment are not exposed to vulnerabilities during the installation and execution of the software application.

What is in this course

When it comes to secure software development, not using secure code could create vulnerabilities in your enterprise databases, software and web applications, leaving your organization open to cyber threats and attacks. Save time and money and keep your organization ahead of the hackers by being a secure software developer. You and your team can learn the best practices for designing, implementing and deploying secure applications.

Course Modules:

  • Module 1: Injection
  • Module 2: Broken Authentication and Session Management
  • Module 3: Cross-site Scripting
  • Module 4: Insecure Direct Object Reference
  • Module 5: Security Misconfiguration
  • Module 6: Sensitive Data Exposure
  • Module 7: Missing Function Level Access Control
  • Module 8: Cross-site Request Forgery (CSRF)
  • Module 9: Using Components with Known Vulnerabilities
  • Module 10: Unvalidated Redirects and Forwards
  • Module 11: CWE/SANS Top 25 Buffer Overflows
  • Module 12: Top 25 Insecure Interaction Between Components

Who should attend?

  • Software Project Managers
  • Software Engineers
  • Programmers
  • Software Architects
  • Database Architects
  • Security Professionals

SECISYS – Before we talk about endgame, we shine a spotlight across your organization to fully understand its people, processes, and technology.
