162 Security Awareness courses

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting This course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more.This course helps you prepare to take the exam, Securing the Web with Cisco Web Security Appliance (300-725 SWSA). DESCRIBING CISCO WSA * Technology Use Case * Cisco WSA Solution * Cisco WSA Features * Cisco WSA Architecture * Proxy Service * Integrated Layer 4 Traffic Monitor * Data Loss Prevention * Cisco Cognitive Intelligence * Management Tools * Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration * Cisco Content Security Management Appliance (SMA) DEPLOYING PROXY SERVICES * Explicit Forward Mode vs. Transparent Mode * Transparent Mode Traffic Redirection * Web Cache Control Protocol * Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow * Proxy Bypass * Proxy Caching * Proxy Auto-Config (PAC) Files * FTP Proxy * Socket Secure (SOCKS) Proxy * Proxy Access Log and HTTP Headers * Customizing Error Notifications with End User Notification (EUN) Pages UTILIZING AUTHENTICATION * Authentication Protocols * Authentication Realms * Tracking User Credentials * Explicit (Forward) and Transparent Proxy Mode * Bypassing Authentication with Problematic Agents * Reporting and Authentication * Re-Authentication * FTP Proxy Authentication * Troubleshooting Joining Domains and Test Authentication * Integration with Cisco Identity Services Engine (ISE) CREATING DECRYPTION POLICIES TO CONTROL HTTPS TRAFFIC * Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview * Certificate Overview * Overview of HTTPS Decryption Policies * Activating HTTPS Proxy Function * Access Control List (ACL) Tags for HTTPS Inspection * Access Log Examples UNDERSTANDING DIFFERENTIATED TRAFFIC ACCESS POLICIES AND IDENTIFICATION PROFILES * Overview of Access Policies * Access Policy Groups * Overview of Identification Profiles * Identification Profiles and Authentication * Access Policy and Identification Profiles Processing Order * Other Policy Types * Access Log Examples * ACL Decision Tags and Policy Groups * Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications DEFENDING AGAINST MALWARE * Web Reputation Filters * Anti-Malware Scanning * Scanning Outbound Traffic * Anti-Malware and Reputation in Policies * File Reputation Filtering and File Analysis * Cisco Advanced Malware Protection * File Reputation and Analysis Features * Integration with Cisco Cognitive Intelligence ENFORCING ACCEPTABLE USE CONTROL SETTINGS * Controlling Web Usage * URL Filtering * URL Category Solutions * Dynamic Content Analysis Engine * Web Application Visibility and Control * Enforcing Media Bandwidth Limits * Software as a Service (SaaS) Access Control * Filtering Adult Content DATA SECURITY AND DATA LOSS PREVENTION * Data Security * Cisco Data Security Solution * Data Security Policy Definitions * Data Security Logs PERFORMING ADMINISTRATION AND TROUBLESHOOTING * Monitor the Cisco Web Security Appliance * Cisco WSA Reports * Monitoring System Activity Through Logs * System Administration Tasks * Troubleshooting * Command Line Interface

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more. DESCRIBING CISCO WSA * Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) DEPLOYING PROXY SERVICES * Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages UTILIZING AUTHENTICATION * Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) CREATING DECRYPTION POLICIES TO CONTROL HTTPS TRAFFIC * Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples UNDERSTANDING DIFFERENTIATED TRAFFIC ACCESS POLICIES AND IDENTIFICATION PROFILES * Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications DEFENDING AGAINST MALWARE * Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence ENFORCING ACCEPTABLE USE CONTROL SETTINGS * Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content DATA SECURITY AND DATA LOSS PREVENTION * Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs PERFORMING ADMINISTRATION AND TROUBLESHOOTING * Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface REFERENCES * Comparing Cisco WSA Models Comparing Cisco SMA Models Overview of Connect, Install, and Configure Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks Connecting to the Cisco Web Security Virtual Appliance Enabling Layer 4 Traffic Monitor (L4TM) Accessing and Running the System Setup Wizard Reconnecting to the Cisco Web Security Appliance High Availability Overview Hardware Redundancy Introducing Common Address Redundancy Protocol (CARP) Configuring Failover Groups for High Availability Feature Comparison Across Traffic Redirection Options Architecture Scenarios When Deploying Cisco AnyConnect© Secure Mobility ADDITIONAL COURSE DETAILS: Nexus Humans SWSA v3.0-Securing the Web with Cisco Web Security Appliance training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SWSA v3.0-Securing the Web with Cisco Web Security Appliance course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 0.5 Days 3 CPD hours Overview By the end of the course, delegates will know: * The difference between cybersecurity and physical security * Identify what information is sought after * How to protect valuable data and accounts * How to detect a data breach * How to respond to an incident * How to recover from a data breach * A security checklist * Why You Should Care * What are cybersecurity threats * How to improve cybersecurity * Account access best practices * How to protect cloud-based information * How to prevent phishing * Detecting a data breach * Responding to a data breach * Protection against scams

Duration 4 Days 24 CPD hours This course is intended for Security engineers Security administrators Security architects Operations engineers Network engineers Network administrators Network or security technicians Network managers System designers Cisco integrators and partners Overview After taking this course, you should be able to: Describe and administer the Cisco Email Security Appliance (ESA) Control sender and recipient domains Control spam with Talos SenderBase and anti-spam Use anti-virus and outbreak filters Use mail policies Use content filters Use message filters to enforce email policies Prevent data loss Perform LDAP queries Authenticate Simple Mail Transfer Protocol (SMTP) sessions Authenticate email Encrypt email Use system quarantines and delivery methods Perform centralized management using clusters Test and troubleshoot This course shows you how to deploy and use Cisco© Email Security Appliance to establish protection for your email systems against phishing, business email compromise, and ransomware, and to help streamline email security policy management. This hands-on course provides you with the knowledge and skills to implement, troubleshoot, and administer Cisco Email Security Appliance, including key capabilities such as advanced malware protection, spam blocking, anti-virus protection, outbreak filtering, encryption, quarantines, and data loss prevention. This course helps you prepare to take the exam, Securing Email with Cisco Email Security Appliance (300-720 SESA). DESCRIBING THE CISCO EMAIL SECURITY APPLIANCE * Cisco Email Security Appliance Overview * Technology Use Case * Cisco Email Security Appliance Data Sheet * SMTP Overview * Email Pipeline Overview * Installation Scenarios * Initial Cisco Email Security Appliance Configuration * Centralizing Services on a Cisco ADMINISTERING THE CISCO EMAIL SECURITY APPLIANCE * Distributing Administrative Tasks * System Administration Managing and Monitoring Using the Command Line Interface (CLI) * Other Tasks in the GUI * Advanced Network Configuration * Using Email Security Monitor * Tracking Messages * Logging CONTROLLING SENDER AND RECIPIENT DOMAINS * Public and Private Listeners * Configuring the Gateway to Receive Email * Host Access Table Overview * Recipient Access Table Overview * Configuring Routing and Delivery Features CONTROLLING SPAM WITH TALOS SENDERBASE AND ANTI-SPAM * SenderBase Overview * Anti-Spam * Managing Graymail * Protecting Against Malicious or Undesirable URLs * File Reputation Filtering and File Analysis * Bounce Verification USING ANTI-VIRUS AND OUTBREAK FILTERS * Anti-Virus Scanning Overview * Sophos Anti-Virus Filtering McAfee Anti-Virus Filtering * Configuring the Appliance to Scan for Viruses * Outbreak Filters * How the Outbreak Filters Feature Works Managing Outbreak Filters USING MAIL POLICIES * Email Security Manager Overview * Mail Policies Overview * Handling Incoming and Outgoing Messages Differently * Matching Users to a Mail Policy Message Splintering * Configuring Mail Policies USING CONTENT FILTERS * Content Filters Overview * Content Filter Conditions * Content Filter Actions * Filter Messages Based on Content * Text Resources Overview * Using and Testing the Content Dictionaries Filter Rules * Understanding Text Resources * Text Resource Management * Using Text Resources USING MESSAGE FILTERS TO ENFORCE EMAIL POLICIES * Message Filters Overview * Components of a Message Filter * Message Filter Processing * Message Filter Rules * Message Filter Actions * Attachment Scanning * Examples of Attachment Scanning Message Filters * Using the CLI to Manage Message Filters * Message Filter Examples * Configuring Scan Behavior PREVENTING DATA LOSS * Overview of the Data Loss Prevention (DLP) Scanning Process * Setting Up Data Loss Prevention * Policies for Data Loss Prevention * Message Actions * Updating the DLP Engine and Content Matching Classifiers USING LDAP * Overview of LDAP * Working with LDAP * Using LDAP Queries * Authenticating End-Users of the Spam Quarantine * Configuring External LDAP Authentication for Users * Testing Servers and Queries * Using LDAP for Directory Harvest Attack Prevention * Spam Quarantine Alias Consolidation Queries * Validating Recipients Using an SMTP Server SMTP SESSION AUTHENTICATION * Configuring AsyncOS for SMTP Authentication * Authenticating SMTP Sessions Using Client Certificates * Checking the Validity of a Client Certificate * Authenticating User Using LDAP Directory * Authenticating SMTP Connection Over Transport Layer Security (TLS) Using a Client Certificate * Establishing a TLS Connection from the Appliance * Updating a List of Revoked Certificates EMAIL AUTHENTICATION * Email Authentication Overview * Configuring DomainKeys and DomainKeys Identified Mail (DKIM) Signing * Verifying Incoming Messages Using DKIM * Overview of Sender Policy Framework (SPF) and SIDF Veri?cation * Domain-based Message Authentication Reporting and Conformance (DMARC) Verification * Forged Email Detection EMAIL ENCRYPTION * Overview of Cisco Email Encryption * Encrypting Messages * Determining Which Messages to Encrypt * Inserting Encryption Headers into Messages * Encrypting Communication with Other Message Transfer Agents (MTAs) * Working with Certificates * Managing Lists of Certificate Authorities * Enabling TLS on a Listener?s Host Access Table (HAT) * Enabling TLS and Certi?cate Verification on Delivery * Secure/Multipurpose Internet Mail Extensions (S/MIME) Security Services USING SYSTEM QUARANTINES AND DELIVERY METHODS * Describing Quarantines * Spam Quarantine * Setting Up the Centralized Spam Quarantine * Using Safelists and Blocklists to Control Email Delivery Based on Sender * Configuring Spam Management Features for End Users * Managing Messages in the Spam Quarantine * Policy, Virus, and Outbreak Quarantines * Managing Policy, Virus, and Outbreak Quarantines * Working with Messages in Policy, Virus, or Outbreak Quarantines * Delivery Methods CENTRALIZED MANAGEMENT USING CLUSTERS * Overview of Centralized Management Using Clusters * Cluster Organization * Creating and Joining a Cluster * Managing Clusters * Cluster Communication * Loading a Configuration in Clustered Appliances * Best Practices TESTING AND TROUBLESHOOTING * Debugging Mail Flow Using Test Messages: Trace * Using the Listener to Test the Appliance * Troubleshooting the Network * Troubleshooting the Listener * Troubleshooting Email Delivery * Troubleshooting Performance * Web Interface Appearance and Rendering Issues * Responding to Alerts * Troubleshooting Hardware Issues * Working with Technical Support REFERENCES * Model Specifications for Large Enterprises * Model Specifications for Midsize Enterprises and Small-to-Midsize Enterprises or Branch O?ces * Cisco Email Security Appliance Model Specifications for Virtual Appliances

A snapshot of what we offer. See something you like, please get in touch.

Duration 4.5 Days 27 CPD hours This course is intended for This is an intermediate course intended for IBM i system administrators, data processing managers and other individuals who implement and manage security, backup and recovery, system software and problem determination. This course is not recommended for s Overview Describe and implement the components of IBM i security, such as user profile, group profile, authorization list, adopted authority and object / resource security Develop a security plan for your Power Systems with IBM i Describe the options to implement security auditing Develop a plan to audit security on your Power Systems with IBM i Describe the IBM i availability products and features and choose the option(s) that best fit your company requirements Describe how to backup and recover user, IBM and full system data on your Power Systems with IBM i Develop a backup and recovery plan for your Power Systems with IBM i Describe the system diagnostics and problem determination procedures available on your Power Systems with IBM i Learn how to plan for, implement, and manage the ongoing operations of an IBM i. CLASS ADMINISTRATION AND INTRODUCTIONS * . IBM I OVERVIEW AND CONCEPTS * . MANAGEMENT CENTRAL OVERVIEW * . SECURITY CONCEPTS AND OVERVIEW * . SYSTEM VALUES * . USER SECURITY * . RESOURCE SECURITY * . SECURITY AUDITING * . DESIGNING SECURITY * . IBM I AVAILABILITY OVERVIEW * . DISK MANAGEMENT * . BACKUP AND RECOVERY STRATEGY USING SAVE/RESTORE * . JOURNAL MANAGEMENT * . COMMITMENT CONTROL OVERVIEW * . BACKUP AND RECOVERY PLANNING * . PROBLEM DETERMINATION * . OVERVIEW OF SYSTEMS DIRECTOR NAVIGATOR FOR I * . INTRODUCTION TO BRMS * .

Duration 2 Days 12 CPD hours This course is intended for Security professionals, System engineers, channel partners, service partners, and end users with at least one year of experience in implementing IT security technologies (Network, Applications, and Systems). Overview This course will enable students to configure, monitor, manage, and optimize the SonicWall Network Security firewall appliances running the new SonicOS 7 to effectively defend against limitless network and cyberthreats and implement SonicWall Boundless Cybersecurity safeguards for seamless protection. Upon completion of the course, students will be able to configure the SonicWall firewall for Secure and Remote Connectivity, Network Optimization, and Advanced Threat Protection. The SonicWall Network Security Administrator (SNSA) for SonicOS 7.0curriculum provides students the required background, knowledge, and hands-on experience to begin designing, implementing, and troubleshooting SonicWall Network Security products. SonicOS 7 is SonicWall?s brand new and most advanced security operating system and is at the core of its latest physical and virtual firewalls, including models from the TZ, NSv, NSa and NSsp Series. SonicOS 7.0 features advanced security, simplified policy management, and critical networking and management capabilities for distributed enterprises and small- to medium-sized businesses with SD-branch support. COURSE OUTLINE * Setting up Basic Firewall Components * Unified Threat Management * Secure Access * Deep Packet Inspection for SSL (DPI-SSL) * Content Filtering Services * Application Control * Scalability and Reliability * SD-WAN * High Availability * Troubleshooting Tools

Duration 4 Days 24 CPD hours This course is intended for This is an intermediate -level programming course, designed for experienced Java developers who wish to get up and running on developing well defended software applications. Familiarity with Java and JEE is required and real world programming experience is highly recommended. Ideally students should have approximately 6 months to a year of Java and JEE working knowledge. Overview Students who attend Attacking and Securing Java Web Applications will leave the course armed with the skills required to recognize actual and potential software vulnerabilities and implement defenses for those vulnerabilities. This course begins by developing the skills required to fingerprint a web application and then scan it for vulnerabilities and bugs. Practical labs using current tools and techniques provide students with the experience needed to begin testing their own applications. Students also gain a deeper understanding of how attackers probe applications to understand the runtime environment as well as find potential weaknesses. This course the introduces developers to the most common security vulnerabilities faced by web applications today. Each vulnerability is examined from a Java/JEE perspective through a process of describing the threat and attack mechanisms, recognizing associated vulnerabilities, and, finally, designing, implementing, and testing effective defenses. Practical labs reinforce these concepts with real vulnerabilities and attacks. Students are then challenged to design and implement the layered defenses they will need in defending their own applications. There is an emphasis on the underlying vulnerability patterns since the technologies, use cases, and methods of attack as constantly changing. The patterns remain the same through all the change and flux. This 'skills-centric' course is about 50% hands-on lab and 50% lecture, designed to train attendees in secure web application development, coding and design, coupling the most current, effective techniques with the soundest industry practices. Our engaging instructors and mentors are highly experienced practitioners who bring years of current 'on-the-job' experience into every classroom. This lab-intensive course provides hands-on Java / JEE security training that offers a unique look at Java application security. Beginning with penetration testing and hunting for bugs in Java web applications, you embrace best practices for defensively coding web applications, covering all the OWASP Top Ten as well as several additional prominent vulnerabilities. You will repeatedly attack and then defend various assets associated with fully functional web applications and services, allowing you to experience the mechanics of how to secure JEE web applications in the most practical of terms. BUG HUNTING FOUNDATION * Why Hunt Bugs? * Safe and Appropriate Bug Hunting/Hacking SCANNING WEB APPLICATIONS * Scanning Applications Overview MOVING FORWARD FROM HUNTING BUGS * Removing Bugs FOUNDATION FOR SECURING APPLICATIONS * Principles of Information Security BUG STOMPING 101 * Unvalidated Data * Broken Authentication * Sensitive Data Exposure * XML External Entities (XXE) * Broken Access Control BUG STOMPING 102 * Security Misconfiguration * Cross Site Scripting (XSS) * Deserialization/Vulnerable Components * Insufficient Logging and Monitoring * Spoofing, CSRF, and Redirects MOVING FORWARD WITH APPLICATION SECURITY * Applications: What Next? * Making Application Security Real

Duration 4 Days 24 CPD hours This course is intended for This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall. In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits. MODULE 1: SETTING UP THE BIG-IP SYSTEM * Introducing the BIG-IP System * Initially Setting Up the BIG-IP System * Archiving the BIG-IP System Configuration * Leveraging F5 Support Resources and Tools MODULE 2: TRAFFIC PROCESSING WITH BIG-IP * Identifying BIG-IP Traffic Processing Objects * Overview of Network Packet Flow * Understanding Profiles * Overview of Local Traffic Policies * Visualizing the HTTP Request Flow MODULE 3: WEB APPLICATION CONCEPTS * Overview of Web Application Request Processing * Web Application Firewall: Layer 7 Protection * F5 Advanced WAF Layer 7 Security Checks * Overview of Web Communication Elements * Overview of the HTTP Request Structure * Examining HTTP Responses * How F5 Advanced WAF Parses File Types, URLs, and Parameters * Using the Fiddler HTTP Proxy MODULE 4: COMMON WEB APPLICATION VULNERABILITIES * A Taxonomy of Attacks: The Threat Landscape * What Elements of Application Delivery are Targeted? * Common Exploits Against Web Applications MODULE 5: SECURITY POLICY DEPLOYMENT * Defining Learning * Comparing Positive and Negative Security Models * The Deployment Workflow * Policy Type: How Will the Policy Be Applied * Policy Template: Determines the Level of Protection * Policy Templates: Automatic or Manual Policy Building * Assigning Policy to Virtual Server * Deployment Workflow: Using Advanced Settings * Selecting the Enforcement Mode * The Importance of Application Language * Configure Server Technologies * Verify Attack Signature Staging * Viewing Requests * Security Checks Offered by Rapid Deployment * Defining Attack Signatures * Using Data Guard to Check Responses MODULE 6: POLICY TUNING AND VIOLATIONS * Post-Deployment Traffic Processing * Defining Violations * Defining False Positives * How Violations are Categorized * Violation Rating: A Threat Scale * Defining Staging and Enforcement * Defining Enforcement Mode * Defining the Enforcement Readiness Period * Reviewing the Definition of Learning * Defining Learning Suggestions * Choosing Automatic or Manual Learning * Defining the Learn, Alarm and Block Settings * Interpreting the Enforcement Readiness Summary * Configuring the Blocking Response Page MODULE 7: ATTACK SIGNATURES & THREAT CAMPAIGNS * Defining Attack Signatures * Attack Signature Basics * Creating User-Defined Attack Signatures * Defining Simple and Advanced Edit Modes * Defining Attack Signature Sets * Defining Attack Signature Pools * Understanding Attack Signatures and Staging * Updating Attack Signatures * Defining Threat Campaigns * Deploying Threat Campaigns MODULE 8: POSITIVE SECURITY POLICY BUILDING * Defining and Learning Security Policy Components * Defining the Wildcard * Defining the Entity Lifecycle * Choosing the Learning Scheme * How to Learn: Never (Wildcard Only) * How to Learn: Always * How to Learn: Selective * Reviewing the Enforcement Readiness Period: Entities * Viewing Learning Suggestions and Staging Status * Violations Without Learning Suggestions * Defining the Learning Score * Defining Trusted and Untrusted IP Addresses * How to Learn: Compact MODULE 9: COOKIES AND OTHER HEADERS * F5 Advanced WAF Cookies: What to Enforce * Defining Allowed and Enforced Cookies * Configuring Security Processing on HTTP headers MODULE 10: REPORTING AND LOGGING * Overview: Big Picture Data * Reporting: Build Your Own View * Reporting: Chart based on filters * Brute Force and Web Scraping Statistics * Viewing F5 Advanced WAF Resource Reports * PCI Compliance: PCI-DSS 3.0 * The Attack Expert System * Viewing Traffic Learning Graphs * Local Logging Facilities and Destinations * How to Enable Local Logging of Security Events * Viewing Logs in the Configuration Utility * Exporting Requests * Logging Profiles: Build What You Need * Configuring Response Logging MODULE 11: LAB PROJECT 1 * Lab Project 1 MODULE 12: ADVANCED PARAMETER HANDLING * Defining Parameter Types * Defining Static Parameters * Defining Dynamic Parameters * Defining Dynamic Parameter Extraction Properties * Defining Parameter Levels * Other Parameter Considerations MODULE 13: AUTOMATIC POLICY BUILDING * Overview of Automatic Policy Building * Defining Templates Which Automate Learning * Defining Policy Loosening * Defining Policy Tightening * Defining Learning Speed: Traffic Sampling * Defining Track Site Changes LESSON 14: WEB APPLICATION VULNERABILITY SCANNER INTEGRATION * Integrating Scanner Output * Importing Vulnerabilities * Resolving Vulnerabilities * Using the Generic XML Scanner XSD file LESSON 15: DEPLOYING LAYERED POLICIES * Defining a Parent Policy * Defining Inheritance * Parent Policy Deployment Use Cases LESSON 16: LOGIN ENFORCEMENT AND BRUTE FORCE MITIGATION * Defining Login Pages for Flow Control * Configuring Automatic Detection of Login Pages * Defining Session Tracking * Brute Force Protection Configuration * Source-Based Brute Force Mitigations * Defining Credentials Stuffing * Mitigating Credentials Stuffing LESSON 17: RECONNAISSANCE WITH SESSION TRACKING * Defining Session Tracking * Configuring Actions Upon Violation Detection LESSON 18: LAYER 7 DOS MITIGATION * Defining Denial of Service Attacks * Defining the DoS Protection Profile * Overview of TPS-based DoS Protection * Creating a DoS Logging Profile * Applying TPS Mitigations * Defining Behavioral and Stress-Based Detection LESSON 19: ADVANCED BOT PROTECTION * Classifying Clients with the Bot Defense Profile * Defining Bot Signatures * Defining Proactive Bot Defense * Defining Behavioral and Stress-Based Detection * Defining Behavioral DoS Mitigation LESSON 20: FORM ENCRYPTION USING DATASAFE * Targeting Elements of Application Delivery * Exploiting the Document Object Model * Protecting Applications Using DataSafe * The Order of Operations for URL Classification LESSON 21: REVIEW AND FINAL LABS * Review and Final Labs

Duration 2 Days 12 CPD hours This course is intended for The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as: IT professionals - System administrators, network engineers, and security analysts who are responsible for maintaining and securing IT infrastructure and web applications. Developers - Software engineers and web developers who design, implement, and maintain web applications, and need to integrate security best practices throughout the development process. Project teams - Cross-functional teams that collaborate on application development projects, including members from development, testing, and deployment teams. Technical leads - Senior software engineers or architects who oversee technical aspects of projects and ensure the implementation of secure design and coding practices. Project managers - Professionals responsible for planning, executing, and closing projects, ensuring that security requirements are met throughout the project lifecycle. Overview Working in an interactive learning environment, guided by our application security expert, you'll explore: The concepts and terminology behind defensive coding Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets The entire spectrum of threats and attacks that take place against software applications in today's world The role that static code reviews and dynamic application testing to uncover vulnerabilities in applications The vulnerabilities of programming languages as well as how to harden installations The basics of Cryptography and Encryption and where they fit in the overall security picture The requirements and best practices for program management as specified in the STIGS The processes and measures associated with the Secure Software Development (SSD) The basics of security testing and planning Understand the concepts and terminology behind defensive coding Understand Threat Modeling as a tool in identifying software vulnerabilities based on realistic threats against meaningful assets Learn the entire spectrum of threats and attacks that take place against software applications in today's world Discuss the role that static code reviews and dynamic application testing to uncover vulnerabilities in applications Understand the vulnerabilities of programming language as well as how to harden installations Understand the basics of Cryptography and Encryption and where they fit in the overall security picture Understand the fundamentals of XML Digital Signature and XML Encryption as well as how they are used within the web services arena Understand the requirements and best practices for program management as specified in the STIGS Understand the processes and measures associated with the Secure Software Development (SSD) Understand the basics of security testing and planning The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instrtors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You?ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You?ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges. DISA'S SECURITY TECHNICAL IMPLEMENTATION GUIDES (STIGS) * The motivations behind STIGs * Requirements that the various software development roles must meet * Implementing STIG requirements and guidelines WHY HUNT BUGS? * The Language of CyberSecurity * The Changing Cybersecurity Landscape * AppSec Dissection of SolarWinds * The Human Perimeter * Interpreting the 2021 Verizon Data Breach Investigation Report * First Axiom in Web Application Security Analysis * First Axiom in Addressing ALL Security Concerns * Lab: Case Study in Failure SAFE AND APPROPRIATE BUG HUNTING/HACKING * Working Ethically * Respecting Privacy * Bug/Defect Notification * Bug Bounty Programs * Bug Hunting Mistakes to Avoid PRINCIPLES OF INFORMATION SECURITY * Secuity Is a Lifecycle Issue * Minimize Attack Surface Area * Layers of Defense: Tenacious D * Compartmentalize * Consider All Application States * Do NOT Trust the Untrusted IDENTIFICATION AND AUTHENTICATION FAILURES * Applicable STIGs * Quality and Protection of Authentication Data * Proper hashing of passwords * Handling Passwords on Server Side * Session Management * HttpOnly and Security Headers * Lab: STIG Walk-Throughs INJECTION * Applicable STIGs * Injection Flaws * SQL Injection Attacks Evolve * Drill Down on Stored Procedures * Other Forms of Server-Side Injection * Minimizing Injection Flaws * Client-side Injection: XSS * Persistent, Reflective, and DOM-Based XSS * Best Practices for Untrusted Data * Lab: STIG Walk-Throughs APPLICATIONS: WHAT NEXT? * Common Vulnerabilities and Exposures * CWE/SANS Top 25 Most Dangerous SW Errors * Strength Training: Project Teams/Developers * Strength Training: IT Organizations CRYPTOGRAPHIC FAILURES * Applicable STIGs * Identifying Protection Needs * Evolving Privacy Considerations * Options for Protecting Data * Transport/Message Level Security * Weak Cryptographic Processing * Keys and Key Management * Threats of Quantum Computing * Steal Now, Crack Later Threat * Lab: STIG Walk-Throughs APPLICATION SECURITY AND DEVELOPMENT CHECKLISTS * Checklist Overview, Conventions, and Best Practices * Leveraging Common AppSec Practices and Control * Actionable Application Security * Additional Tools for the Toolbox * Strength Training: Project Teams/Developers * Strength Training: IT Organizations * Lab: Recent Incidents SDL OVERVIEW * Attack Phases: Offensive Actions and Defensive Controls * Secure Software Development Processes * Shifting Left * Actionable Items Moving Forward * Lab: Design Study Review ASSET ANALYSIS * Asset Analysis Process * Types of Application-Related Assets * Adding Risk Escalators * Discovery and Recon DESIGN REVIEW * Asset Inventory and Design * Assets, Dataflows, and Trust Boundaries * Risk Escalators in Designs * Risk Mitigation Options