ABOUT THE PROGRAM
The course covers the following topics:
DON'T TOUCH THIS TAB
It’s important to improve the accordion’s behaviour
Hello Cyber
- What is cyber and what happened to information security?
- Welcome to the battlefield: The digital universe
- Buzzword reality check: Cloud, IoT, big data, Blockchain, ML, and AI
- The state of enterprise (in)security
Server-Side Attacks
- Exploiting vulnerable software
- Injecting code
- Breaking authentication and session
- Exposing sensitive data
- Hacking server-side parsers and deserializers
- Abusing misconfiguration
Defense 101: Minimizing Exposure
- Application whitelisting
- Patching OS and applications
- Hardening user applications, services, and operating systems
- Restricting administrative privileges
- Using multifactor authentication
What is next (or are we doomed?)
- What is cybersecurity anyway?
- The economics of cybersecurity
- Security as an evolving process
- Reactive vs. proactive approaches
- Secure by design
- It is always about the people
The Cyber Attack Lifecycle (aka the Cyber Kill Chain or MITRE ATT&CK)
- Preparation: Passive and Active reconnaissance
- Breach: Initial access and execution
- Post-breach: Persistence, privilege escalation, defense evasion, and credential access
- Pivot: Discovery, Lateral Movement, and collection
- Exfiltration, command and control, and cleanup
Client-Side Attacks
- Social engineering and spear phishing
- Payload carriers: URLs, executables, archives, documents
- XSS, CSRF, and browser exploitation
- Exploiting native software and OS components
- The art of credential (and token) access
- Evading endpoint security
Defense 201: The devil is the details
- Network segmentation, segregation, and separation
- Protecting authentication credentials and monitoring usage
- Incident detection and response (SIEM/SOC)
- Dynamic analysis of executables and documents
- Email and Web content filtering
Don't touch this tab
ABOUT CYBERPRO
About CYBERPRO was founded in cooperation with international information security and instruction authorities who bring to Israel world-leading cyber training technologies and a learning experience of the highest standard available today.
The partners include the IITC group which has been training graduates for the high tech industry for over 20 years, and was selected as the training center for the Cisco Company in Israel.
CYBERPRO’s advanced, sought-after training courses in the areas of infrastructures, information security and cyber are world famous. These training courses were developed by some of the best cyber experts in the world, for international security organizations that emphasize the high training capabilities, the professional learning methods and the unique training and practice technologies. Our connection with international groups allows our students to be exposed to unique employment opportunities in Israel and abroad.
The training and learning tracks are all based much hands-on practice and preparation for the industry and profession requirements, so they include technological labs and practice sessions using one of the most advanced simulators in the world.
COURSE INFO
Target audience
- Executives
- IT specialists
- Software developers
- Product managers
- Project managers
- Anyone with no prior knowledge
Prerequisites
- User-level computer knowledge
- Advanced English is advantageous
- Prior knowledge of data communication, operation systems, internet technology, and programming is advantageous
Skills Gained
- Understanding attack vectors
- Understanding basic defense techniques
- Good background for those who wants to go into the Cyber-Security world