IT security training and awareness

Objectives :

• Know the main application vulnerabilities as well as the associated attack approaches.
• Being able to guard against these vulnerabilities.
• Think security in development.

Objectives :

• Understanding security policies
• Understanding Secure Network Designs
• Knowing the attacks and means of prevention

Objectives :

• To know the basic rules of personal data protection in a nominative context
• Know the General Regulations on Data Protection (RGPD)
• Integrating new products into its structure

Objectives :

• Compromise detection :
  • System level: system integrity, process analysis, analysis of event logs, analysis of local network connections to machines.
  • At the network level: analysis of network connections between different machines, bandwidth, analysis of equipment event logs (firewall, router, switch)
• Retrieving clues and qualifying an attack:
  • Extraction and analysis of volatile memory (network traffic, process memory dump)
  • Extraction and analysis of non-volatile memory (system logs, application logs, command histories)
  • Extraction and analysis of file integrity (add, modify, delete)
• Intrusion Response Process :
  • Collection and preservation of evidence
  • Index extraction
  • Analysis and interpretation of results
  • Implementation of countermeasures
• Writing an investigation report :
  • Managerial synthesis
  • Actions taken during the analysis
  • Reconstructed Operating Scenario