Security Communications and Awareness

Similar documents
Security Communications and Awareness

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

OWASP Top 10 The Ten Most Critical Web Application Security Risks

"Charting the Course to Your Success!" Securing.Net Web Applications Lifecycle Course Summary

90% of data breaches are caused by software vulnerabilities.

TRAINING CURRICULUM 2017 Q2

Copyright

V Conference on Application Security and Modern Technologies

Continuously Discover and Eliminate Security Risk in Production Apps

SECURITY TRAINING SECURITY TRAINING

CSWAE Certified Secure Web Application Engineer

Certified Secure Web Application Engineer

Sage Data Security Services Directory

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

Cybersecurity Education Catalog

Training Program Catalog SECURITY INNOVATION

Table of Contents Computer Based Training - Security Awareness - General Staff AWA 007 AWA 008 AWA 009 AWA 010 AWA 012 AWA 013 AWA 014 AWA 015

Automating the Top 20 CIS Critical Security Controls

DXC Security Training

Application. Security. on line training. Academy. by Appsec Labs

PCI Compliance. What is it? Who uses it? Why is it important?

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

Continuous protection to reduce risk and maintain production availability

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

Mobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing

OPEN WEB APPLICATION SECURITY PROJECT OWASP TOP 10 VULNERABILITIES

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

COMPLETING THE PAYMENT SECURITY PUZZLE

Effective Strategies for Managing Cybersecurity Risks

CYBER RESILIENCE & INCIDENT RESPONSE

Entertaining & Effective Security Awareness Training

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s

Development*Process*for*Secure* So2ware

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Incident Response Services

C1: Define Security Requirements

Simplifying Application Security and Compliance with the OWASP Top 10

Security Awareness Training Courses

Department of Management Services REQUEST FOR INFORMATION

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

Section 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016

What is Penetration Testing?

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

IoT & SCADA Cyber Security Services

OWASP Top David Caissy OWASP Los Angeles Chapter July 2017

Today s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches

Atlassian. Atlassian Software Development and Collaboration Tools. Bugcrowd Bounty Program Results. Report created on October 04, 2017.

Secure Development Guide

Web Application Vulnerabilities: OWASP Top 10 Revisited

Securing Your Digital Transformation

Building a Resilient Security Posture for Effective Breach Prevention

Presentation Overview

Security Solutions. Overview. Business Needs

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

The Most Comprehensive Suite of Security Services and Solutions in the Market

What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards

SECURITY TESTING. Towards a safer web world

The Honest Advantage

Security Awareness, Training and Education Catalog

REGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES. Dynamic Solutions. Superior Results.

Introduction F rom a management perspective, application security is a difficult topic. Multiple parties within an organization are involved, as well

Designing and Building a Cybersecurity Program

Sql Injection Attacks And Defense

European Union Agency for Network and Information Security

10 FOCUS AREAS FOR BREACH PREVENTION

Combating Cyber Risk in the Supply Chain

Aguascalientes Local Chapter. Kickoff

Solutions Business Manager Web Application Security Assessment

Managing SaaS risks for cloud customers

IBM Future of Work Forum

External Supplier Control Obligations. Cyber Security

Clearing the Path to PCI DSS Version 2.0 Compliance

Enhancing the Cybersecurity of Federal Information and Assets through CSIP

CA Security Management

Securing Digital Transformation

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

Web Application Whitepaper

PCI DSS COMPLIANCE DATA

Incentives for IoT Security. White Paper. May Author: Dr. Cédric LEVY-BENCHETON, CEO

Protect Your Organization from Cyber Attacks

OWASP TOP Release. Andy Willingham June 12, 2018 OWASP Cincinnati

Cyber Security For Business

Defensible and Beyond

CYBERSECURITY MATURITY ASSESSMENT

PCI COMPLIANCE IS NO LONGER OPTIONAL

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Kaspersky Enterprise Cybersecurity. Kaspersky Security Assessment Services. #truecybersecurity

SOLUTION BRIEF Virtual CISO

Cyber Due Diligence: Understanding the New Normal in Corporate Risk

RiskSense Attack Surface Validation for Web Applications

Data Sheet The PCI DSS

Cybersecurity in Higher Ed

Transcription:

Security Communications and Awareness elearning OVERVIEW Recent high-profile incidents underscore the need for security awareness training. In a world where your employees are frequently exposed to sophisticated attacks, users can be the weakest link in the security chain. By training end users, you can help protect your organization from attack. Our engaging courses are designed to help you meet compliance requirements, minimize risks and maximize data security. Educate employees about how to safeguard data and protect company resources Reduce training and awareness costs as you streamline delivery Deliver consistent information to geographically-diverse users on how to identify and avoid risks users to identify and avoid risks Track, document and report on the impact of your program Assist with compliance and regulatory requirements Our elearning Advantage: Optiv s elearning Courses Security Awareness Tier 1: Rapid Awareness Tier 2: CyberBOT Tier 3: Security Awareness Circuit Training (SACT) Compliance Introduction to PCI Credit Card Handling Developer Mobile Security Top 11 OWASP Top 10 Secure Coding Java/NET Web 2.0 Secure Coding Advanced reporting metrics Hosting options Mobile-friendly (html5) Licensing options Client site provisioning and support 24x7x365 Single sign-on Content and site branding Typical elearning Content-focused Efficient for Authors Attendance-driven Knowledge Delivery Fact Testing One-Time Events Incorrect/Correct Feedback Security awareness newsletter (PDF or HTML5) Topic-aligned posters Digital security awareness vignettes Multi-lingual support Optiv s Security Awareness Performance-focused Meaningful to Learners Engagement-driven Authentic Contexts Realisitic Decisions Spaced Practice Real-world Consequences The Security Awareness Assessment Provides a bird s-eye view on the state of the security awareness culture within an organization. The Assessment Evaluate and define existing security awareness landscape and culture Inventory assets and strengths Define gaps and roadblocks Provide guidance and roadmap on implementation Measure the efficacy of existing program with guidance on how to improve

Security Awareness Training Arm your employees with the knowledge and skills to protect your organization. Available Modules Password security Email security Mobile security Social engineering Workplace security Business travel Malicious downloads Social media security Data privacy Identity theft Cloud security Insider threat Cyber security at home DELIVERY DETAILS Optiv-hosted or client-hosted SCORM, Tin Can /xapi and AICCcomplaint database formats Rapid Awareness CyberBOT Security Awareness Circuit Training Micro-learning Informative with basic interactions Fully-responsive Linear path of content delivery Includes video vignette on topic Interactive Linear path to learning End users are taught concepts up-front and then given opportunity to practice what they have learned. Each course touches on multiple topics, with a mix of knowlege-based and behavior-based. Immersive Branched paths of learning based upon user-decisions End users learn by navigating through real-world scenarios and reviewing the consequences of their actions. Organizations that have limits on the amount of time employees can take on training initiatives. End users are viewing content mainly on mobile devices. Organizations that have experienced great success in a traditional, instructor-led style of training solutions. End users that may need more of a traditional approach to navigation. End users that are not used to elearning as a training modality. Organizations looking to disrupt their current training modality with a solution that challenges the end users. End users that are familiar with elearning as a training modality and would be comfortable with navigation that is outside the box. Mixture of Illustrations and Photos Illustrated Photo-real Three multiple choice questions Five questions from a bank of ten Mixture of multiple choice, true/false, and multiple select questions Five questions from a bank of 10 All multiple-select questions (increases difficulty) 5-7 minutes 10-15 Minutes 10-15 Minutes

Compliance: Credit Card Handling Employees who handle customer credit cards on a daily basis are the first stop when it comes to the security of customer data. Educate them on credit card security best practices and why they matter. Course Overview This multi-occupational, interactive security training course will educate employees on credit card security, best practices and why it matters. Course Tracks Call center Table service Quick serve Manager Module Outline Introduction to PII Credit card basics Chip and pin transaction best practices Why security is important Interactive what would you do scenarios (1) Module 20 min DELIVERABLES Improve security effectiveness between employees and customers. Increase retention and influence behavior. Give customers peace of mind their credit card data is safe when conducting business with your organization. Compliance: Introduction to the Payment Card Industry (PCI) Educate employees about what the PCI is, how to interact with its regulations, the penalties for not complying and the types of data they can and cannot store. Course Overview The Introduction to PCI elearning course was created for everyone who interacts with credit or debit card data in mind. This includes everyone from cashiers to traveling sales staff to system administrators. (1) Module 15 min Identity theft Data protection standards Data flow PCI council PCI DSS Classification levels Verifying compliance Card data that can be stored Penalties and fines Costs of a data breach Basic security guidelines

Mobile Security Top 11 In today s mobile environment, there is a drive for developers to quickly and efficiently create mobile applications for a variety of devices. As they develop the next generation of mobile applications, developers must keep security best practices at the forefront. They must know how to secure both the application that will be deployed to the mobile device and the web services that power the app. If either are left insecure, attackers will exploit any weakness they find. This 1.5-hour course covers the important security topics developers need to understand, regardless of development platform or language. (11) Modules 90 min Application error messages Application response handling Authentication and session management Client information leakage Client-side injection Cross-site request forgery Data storage Sensitive information disclosure Transport layer security User account lockout User input caching OWASP Top 10 The Open Web Application Security Project (OWASP) Top 10 document regularly provides the 10 most frequent and dangerous security vulnerabilities organizations deal with every day. This course allows users to explore what each attack is, how each attack works, detailed examples of each attack, remediation steps and best practices that they can easily incorporate into their everyday development and coding work. (11) Module 90 min Introduction Risk #1: Injection Risk #2: Broken authentication and session management Risk #3: Cross-site scripting (XSS) Risk #4: Insecure direct object references Risk #5: Security misconfiguration Risk #6: Sensitive data exposure Risk #7: Missing function level access control Risk #8: Cross-site request forgery (CSRF) Risk #9: Using components with known vulnerabilities Risk #10: Unvalidated redirects and forwards

Secure Coding The Secure Coding section is composed of eight total modules: four are.net and four are Java. Each module covers the same basic information in the first quarter before diving into language-specific content..net input validation.net output encoding.net error handling.net SQL injection defense Java input validation Java output encoding Java error handling Java SQL injection defense (8) Modules 120 min total Web 2.0 Secure Coding The buzzword Web 2.0 has been in the public vocabulary for years. As HTML5 and other new 2.0 technologies become widely implemented and draw closer to maturity, attackers are focusing their attention on finding exploits and attacking Web 2.0 services, technologies and languages. This program teaches developers how to avoid common pitfalls and follow best practices in six courses that total 45 minutes in length. (6) Modules 45 min AJAX / XML / JSON in Web 2.0 Cross-origin resource sharing Local storage Web messaging WebSocket protocol XSS in HTML5 Get in Touch 1125 17th Street, Suite 1700 Denver, CO 80202 800.574.0896 www.optiv.com Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us at www.twitter.com/optiv, www.facebook.com/optivinc and www.linkedin.com/company/optiv-inc. 10.17 F4

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback