IT Security Online on-demand Courses and Training for Enterprises
We offer classroom and e-Learning/online training (seminars, coaching, etc.) in our areas of expertise: IT Security, Security Management and Awareness, Software Development/Java, Secure Programming and Cryptography.
Formats can be self-paced online courses (video, HTML5, audio commentary, SCORM etc. for E-Learning Management Systems) and other online material, books and individual coaching sessions.
Our portfolio includes:
- Secure Programming of Web Applications - Developers and Technical Project Managers
- IT Security for General and Project Managers
- IT Security Awareness for Employees and Individuals
- Introduction to Encryption
- Books, other Courses and Opportunities for cooperation
Secure Programming of Web Applications - Developers and TPMs: Web Application Security for Software Developers and Technical Project Managers
In case of playback problems, you can also find the video on YouTube.
Objectives
- Security of Web Applications
- Secure Programming Patterns
- Security Baselines
Requirements
- Web Application Knowledge is a plus
- Being a Developer
Content
Understand Application Security: Numerous successful attacks on well-known web applications on a weekly basis should be reason enough to study the background of "Web Application Security" of custom-made or self-developed applications.
Computer systems are ubiquitous and part of our working and private everyday life. For companies it is increasingly complex and difficult to keep up their IT security with the current technical progress. Large enterprises establish security processes which are created according to industry standards (e.g., ISO 27001). These processes are very complex and can only be implemented by teams of security experts. Constant quality assurance, maintenance and adaptation also belong to an IT security process.
It does not matter whether a company develops products or runs an online shop: IT security is a characteristic feature. Security incidents, which may even become public in an uncontrolled way, not only damage the business image but may also lead to legal or financial consequences.
- Intro
- Typical Vulnerabilities Overview
- Cause & Background
- Secure Programming in general
- Code/Command Injection in general
- (No)SQL Code Injection
- Cross-Site Request Forgery (CSRF)
- Cross-Site Scripting (XSS)
- Open Redirection
- File Inclusion / Directory Traversal
- Clickjacking
- Session-Hijacking
- Information Disclosure
- Attacks on Weaknesses of the Authentication
- Denial of Service
- Middleware
- Third-Party Software
- Summary and Conclusion
Instructor Frank Hissen, Computer Scientist and Security Expert, has taught IT security for over 20 years and works for companies of all sizes as an IT Security Consultant and Software Engineer.
Length
approx. 90 minutes, incl. assessment questionnaire
IT Security for General/Project Managers: About implementing Security in IT(-related) projects and products properly – A pragmatic Guideline
Objectives
- Pragmatic Management of Information Security
- Integrating Security in Project Management
- High-level IT Security Baselines
- Understand Security Impact for your company
Requirements
- Project Management in general
Content
Despite many accepted IT security standards, many IT projects fail at IT security. This also includes, for instance, (‘smart’) products that include information technology only to a small extent. What needs to be considered, and which mistakes and pitfalls should be avoided?
Most IT projects have a tight budget. Only in rare cases, a project manager has access to unlimited financial resources. This applies to projects of both large and small businesses alike but usually the smaller the company the bigger the problem. If security cannot be used as a (unique) selling point for a product or for the development of a system, the project manager often has a hard job to acquire proper and adequate resources for security.
No matter whether you are a manager in a small company, working on your own, or part of a large enterprise with information security management in place, this pragmatic guide helps you to understand information security on a high level and how to integrate security in your project or product. What needs to be done for long-term success and why? The author, Computer Scientist Frank Hissen, explains it in a few practical steps, drawing on over 15 years of experience as an IT security consultant:
- Motivation: IT Security Holes in Projects and Products
- Enforce IT Security in Projects
- IT Security in Projects: From the very beginning!
- Security is a Process
- IT Security Standards
- Do the same for Data Privacy / Protection Laws!
- Checklist for Project Managers
- Conclusion
Instructor Frank Hissen, Computer Scientist and Security Expert, has taught IT security for over 20 years and works for companies of all sizes as an IT Security Consultant and Software Engineer.
Length
approx. 40 minutes, incl. assessment questionnaire
IT Security Awareness for Employees and Individuals - The pragmatic complete Guide to Internet and Computer Security
Demo Videos
Promo
Full Lecture: E-Mail-Security
Objectives
- Understand the Golden Rules for Security – what you have to do
- Learn how the Internet works and how attackers use simple technologies to trick you
- Recognize common Attack Schemes
- Technical Rules and practical behavioral Guidelines
Requirements
- None, just be interested in your IT / Computer / Internet Security!
Content
Am I secure? What I can do for IT security as an employee and individual.
Anyone who works with computers or mobile digital devices should understand the basics of the internet, to be able to behave correctly. This course explains the background to how the internet works and which schemes attackers use to trick users.
The course describes technical countermeasures as well as correct user behavior, and guides users in recognizing common attack schemes.
How do Cyber criminals think? What are the dangers? What do I have to watch out for? Are cookies bad?
The course will answer these questions and more:
- Introduction & Motivation
- What actually is "Security"? - Trying to understand In-/Security
- Internet Basics: The Internet...and the Cloud
- Basic Attacking Scheme
- Users as the weak point: Recognizing Attack Schemes & Phishing (Part 1)
- Users as the weak point: Recognizing Attack Schemes & Phishing (Part 2)
- Users as the weak point: Recognizing Attack Schemes & Phishing (Part 3)
- Example: The ideal (Banking-)Trojan
- Technical Security: Hacking
- E-Mail Security
- Insert: Online Shopping
- Insert: The 'better' (more secure) Operating system?
- Insert: 'Hacking' outside of PCs and mobile Devices
- Insert: Disposing, Passing on, Selling Devices
- Authentication & Passwords
- Backup - Do we need that?
- The Golden Security Rules
Instructor Frank Hissen, Computer Scientist and Security Expert, has taught IT security for over 20 years and works for companies of all sizes as an IT Security Consultant and Software Engineer.
Length
approx. 130 minutes, incl. assessment questionnaire
Introduction to Encryption - Terminology and Technology: Understand the terms and expressions of encryption technologies and learn to apply encryption properly
Objectives
- Understand technical terms and current technologies
- Evaluate what encryption means and provides
- Make practice-oriented technology choices
Requirements
- A basic interest in the fields of data security, privacy and technology
Content
AES-128, Public Key, Certificates? What do symmetric and asymmetric encryption actually mean? Where are these used? This course provides a basic introduction to the field of encryption.
The course explains the common terminology but also the technical background. This course is right for everybody who wants to understand what encryption means in practice and what to watch out for. Superficial knowledge can be challenged; practical insights will be provided.
If you care about data security and privacy, both at the enterprise level and in private life, you are already on the right track. This course can deepen your knowledge and show you where to focus.
General background knowledge in IT is an advantage but not required.
Instructor Frank Hissen, Computer Scientist and Security Expert, has taught IT security for over 20 years and works for companies of all sizes as an IT Security Consultant and Software Engineer.
Length
approx. 40 minutes, incl. assessment questionnaire
Books, other Courses and Opportunities for cooperation
- IT Security Training, Courses & Writing (worldwide)
- All books also on: Amazon
- Individual coaching, courses, articles, webinars or topics are also possible on demand