Trainer: Tudor Damian
Partner & Executive Manager at Avaelgo, IT & security consultant and infrastructure tech support
With more than 10 years of experience in managing complex IT infrastructures, Tudor Damian is a Certified Ethical Hacker, a Microsoft Cloud and Datacenter Management MVP and a technical speaker at local and regional community events.
11.-13.02.2020, ALEF Romania
SECURITY LANDSCAPE OVERVIEW - Industry trends, relevant information sources & keeping up-to-date, MITRE Overview (CVE & CVSS, CWE & CWSS)
IT SECURITY OVERVIEW - Foundations of Security, Securing Operating Systems, Data Backup & Encryption, Internet & Cloud Security, Credit Card Security, Securing Email Communications, Security on Social Networking Sites, Securing Mobile Devices, Social Engineering and Identity Theft, Wireless Network Security
THINKING LIKE A HACKER - Footprinting, Reconnaissance, Scanning Networks, Enumeration, Sniffing, System Hacking, Malware (Trojans/Viruses/Worms), Cryptography, Denial of Service, Assume Breach
ATTACKING WEB SERVERS & WEB APPLICATIONS - Footprinting the Web Infrastructure, Defense in Depth, Attacking Web Servers, Analyzing Web Applications, Authentication Mechanisms, Authorization Schemes, Session Management, Injection Attacks, Man-in-the-Middle Attacks, Data Connectivity, Web App Clients, Web Services
OWASP WEB TOP 10 2016 - Injection (A1), Broken Authentication and Session Management (A2), XSS/Cross-Site Scripting (A3), Insecure Direct Object References (A4), Security Misconfiguration (A5), Sensitive Data Exposure (A6), Missing Function Level Access Control (A7), CSRF/Cross-Site Request Forgery (A8), Using Known Vulnerable Components (A9), Unvalidated Redirects and Forwards (A10)
OWASP PROACTIVE CONTROLS TOP 10 2016 - Verify for Security Early and Often, Parameterize Queries, Encode Data, Validate All Inputs, Implement Identity and Authentication Controls, Implement Appropriate Access Controls, Protect Data, Implement Logging and Intrusion Detection, Leverage Security Frameworks and Libraries, Error and Exception Handling
OTHER NOTEWORTHY VULNERABILITIES - Denial of Service, Malicious File Execution, Information Leakage and Improper Error Handling, Insufficient Anti-Automation, Clickjacking, Concurrency Flaws, Lack of Intrusion Detection and Response, etc.
If you are interested, fill in the online request form.