People are the key information assets of an organization. Unfortunately, they are often not properly trained to detect and identify threats noticing them on time. This becomes easy for an adversary to easily siphon out organization’s intellectual property such as blueprints, business plans, policy details, source codes, patents, copyrights causing irreplaceable competitive advantage and reputation in industry. The only proven and time-tested deterrent to such nefarious activities is a well groomed security mindset that people need to imbibe through regular training in security.
In this two-day workshop, candidates are introduced to real-life incidents which have caused multi-million dollar losses to companies due to lax security controls and implementation. Frequently, they happen due to lack of proper security awareness among the people of the organization. We see how people become the security’s “weakest” link.
Next, we delve deeper into the discovery and reconnaissance techniques which are popularly used by attackers to know about the weak points of entry in the organization’s network. Specific attack techniques such as privilege escalation, password cracking, denial-of-service attacks and so on are put forward to demonstrate how weak security practices and implementation go a long way to compromise the security of the systems where the information assets reside.
Security exploits framework, Threat modeling are now put forward to demonstrate how an attacker is able to penetrate and compromise the security of the organization’s network. Finally, we look into defensive strategies to contain the impact of threat agent to the most prized information asset(s) in the organization. Last but not the least, if in case any breach does take place, the incident management procedures are put forward for proper asset recovery and salvaging.
This course is focused on all security enthusiasts, team leads, IT managers, decision makers, senior managers to understand the latest threats to information security and the preventive measures for the same.
This course goes deep down into depths of networking, systems, web applications, actual exploitation & helps beginners to take their confident first step towards information security field.