Security Communications and Awareness

Similar documents
Security Communications and Awareness

Security Monitoring. Managed Vulnerability Services. Managed Endpoint Protection. Platform. Platform Managed Endpoint Detection and Response

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

TRAINING CURRICULUM 2017 Q2

Securing Cloud Applications with a Distributed Web Application Firewall Riverbed Technology

"Charting the Course to Your Success!" Securing.Net Web Applications Lifecycle Course Summary

V Conference on Application Security and Modern Technologies

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

The Top 6 WAF Essentials to Achieve Application Security Efficacy

Copyright

90% of data breaches are caused by software vulnerabilities.

Cybersecurity Education Catalog

OWASP Top 10 The Ten Most Critical Web Application Security Risks

Training Program Catalog SECURITY INNOVATION

Application. Security. on line training. Academy. by Appsec Labs

Continuously Discover and Eliminate Security Risk in Production Apps

SECURITY TRAINING SECURITY TRAINING

Table of Contents Computer Based Training - Security Awareness - General Staff AWA 007 AWA 008 AWA 009 AWA 010 AWA 012 AWA 013 AWA 014 AWA 015

PCI Compliance. What is it? Who uses it? Why is it important?

C1: Define Security Requirements

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

CSWAE Certified Secure Web Application Engineer

COMPLETING THE PAYMENT SECURITY PUZZLE

Simplifying Application Security and Compliance with the OWASP Top 10

Introduction F rom a management perspective, application security is a difficult topic. Multiple parties within an organization are involved, as well

Security Awareness, Training and Education Catalog

OPEN WEB APPLICATION SECURITY PROJECT OWASP TOP 10 VULNERABILITIES

Certified Secure Web Application Engineer

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

W e b A p p l i c a t i o n S e c u r i t y : T h e D e v i l i s i n t h e D e t a i l s

Secure Development Guide

LTI Security Services. Intelligent & integrated Approach to Cyber & Digital Security

DXC Security Training

OWASP TOP Release. Andy Willingham June 12, 2018 OWASP Cincinnati

OWASP Top David Caissy OWASP Los Angeles Chapter July 2017

Web Application Vulnerabilities: OWASP Top 10 Revisited

What are PCI DSS? PCI DSS = Payment Card Industry Data Security Standards

Mobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing

Sage Data Security Services Directory

Section 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016

PCI COMPLIANCE IS NO LONGER OPTIONAL

Kaspersky Enterprise Cybersecurity. Kaspersky Security Assessment Services. #truecybersecurity

Effective Strategies for Managing Cybersecurity Risks

Automating the Top 20 CIS Critical Security Controls

Atlassian. Atlassian Software Development and Collaboration Tools. Bugcrowd Bounty Program Results. Report created on October 04, 2017.

Copyright

What is Penetration Testing?

Mitigating Security Breaches in Retail Applications WHITE PAPER

SAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts

Improving Security in the Application Development Life-cycle

Today s Security Threats: Emerging Issues Keeping CFOs Up at Night Understanding & Protecting Against Information Security Breaches

REGULATORY COMPLIANCE REGULATORY COMPLIANCE SERVICES. Dynamic Solutions. Superior Results.

Entertaining & Effective Security Awareness Training

Meeting PCI DSS 3.2 Compliance with RiskSense Solutions

Managing SaaS risks for cloud customers

Vulnerability Assessments and Penetration Testing

Presentation Overview

SECURITY TESTING. Towards a safer web world

Aguascalientes Local Chapter. Kickoff

PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing

Web Application Whitepaper

Florida Government Finance Officers Association. Staying Secure when Transforming to a Digital Government

Continuous protection to reduce risk and maintain production availability

Incident Response Services

Application Security. Doug Ashbaugh CISSP, CISA, CSSLP. Solving the Software Quality Puzzle

Security Solutions. Overview. Business Needs

Security Awareness Training Courses

Development*Process*for*Secure* So2ware

PCI DSS Compliance. Verba SOLUTION GUIDE. Introduction. Verba and the Payment Card Industry Data Security Standard

CA Security Management

Managed Application Security trends and best practices in application security

Web Application Security. Philippe Bogaerts

Validated P2PE for Reduced Compliance Scope, More Peace-of-Mind

IBM Future of Work Forum

Application Security Approach

Cybersecurity Auditing in an Unsecure World

DATA SHEET RISK & CYBERSECURITY PRACTICE EMPOWERING CUSTOMERS TO TAKE COMMAND OF THEIR EVOLVING RISK & CYBERSECURITY POSTURE

The Honest Advantage

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

Service. Sentry Cyber Security Gain protection against sophisticated and persistent security threats through our layered cyber defense solution

RiskSense Attack Surface Validation for Web Applications

Integrated Web Application Firewall (WAF) & Distributed Denial Of Service (DDoS) Mitigation For Today s Enterprises

Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any

Web Applications Penetration Testing

Solutions Business Manager Web Application Security Assessment

Combating Cyber Risk in the Supply Chain

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

Securing Your Web Application against security vulnerabilities. Alvin Wong, Brand Manager IBM Rational Software

Securing Your Digital Transformation

VULNERABILITIES IN 2017 CODE ANALYSIS WEB APPLICATION AUTOMATED

Six Weeks to Security Operations The AMP Story. Mike Byrne Cyber Security AMP

OWASP Review. Amherst Security Group June 14, 2017 Robert Hurlbut.

EXECUTIVE REPORT ADOBE SYSTEMS, INC. COLDFUSION SECURITY ASSESSMENT

IEEE Sec Dev Conference

SOLUTION BRIEF esentire Risk Advisory and Managed Prevention (RAMP)

Best Practices in Securing a Multicloud World

Commerce PCI: A Four-Letter Word of E-Commerce

Defensible and Beyond

THREAT MODELING IN SOCIAL NETWORKS. Molulaqhooa Maoyi Rotondwa Ratshidaho Sanele Macanda

mhealth SECURITY: STATS AND SOLUTIONS

Transcription:

Security Communications and Awareness elearning OVERVIEW Recent high-profile incidents underscore the need for security awareness training. In a world where your employees are frequently exposed to sophisticated attacks, users can be the weakest link in the security chain. By training end users, you can help protect your organization from attack. Our engaging courses are designed to help you meet compliance requirements, minimize risks and maximize data security. Educate employees about how to safeguard data and protect company resources Reduce training and awareness costs as you streamline delivery Train users to identify and avoid risks Improve the effectiveness of training employees Track, document and report on the impact of your program Assist with compliance and regulatory requirements Optiv s elearning Courses Security Awareness Tier 1: CyberBOT Tier 2: Security Awareness Circuit Training Compliance Credit Card Handling Introduction to PCI Developer Mobile Security Top 10 OWASP Top 10 Secure Coding Java/NET Our elearning Advantage: Web 2.0 Secure Coding Advanced reporting metrics Hosting options Mobile-friendly (html5) Licensing options Client site provisioning and support 24x7x365 Single sign-on Content and site branding Content modifications Security awareness newsletter Topic-aligned posters Custom content creation Digital security awareness vignettes Multi-lingual support CUSTOM CONTENT Our instructional designers and subject matter experts deliver custom courses by crafting content that fits your organization s program, policies, standards and business needs.

CyberBOT and Security Awareness Circuit Training Give your employees the training they need to protect your company. Optiv s Security Awareness education solution is a Gartner-recognized, next-generation elearning platform. CyberBOT s interactive, gamified approach and SACT s immersive, real-world scenario approach engage users and drive positive behavior change. DELIVERY DETAILS Optiv hosted or client hosted SCORM, Tin Can and AICC-complaint database formats Passwords Email security Mobile security Social engineering Workplace security Business travel Malicious downloads Social media security Data privacy Identity theft Cloud security Insider threat Information protection Cyber security at home 13 interactive missions that are 15 minutes or less in duration Each course addresses four main learning objectives Instructional Design Approach Targeted Audience Security Awareness Circuit Training Immersive Branched paths of learning based upon user-decisions End users learn by navigating through real-world scenarios and reviewing the consequences of their actions. Organizations looking to disrupt their current training modality with a solution that challenges the end users. End users that are familiar with elearning as a training modality and would be comfortable with navigation that is outside the box. CyberBOT Interactive Linear path to learning End users are taught concepts up-front and then given opportunity to practice what they have learned. Each course touches on multiple topics, with a mix of knowlege-based and behavior-based. Organizations that have experienced great success in a traditional, instructorled style of training solutions. End users that may need more of a traditional approach to navigation. End users that are not used to elearning as a training modality. Imagery Photo-real Illustrated Assessment Style Five questions from a bank of 10 All multiple-select questions (increases difficulty) Five questions from a bank of ten Mixture of multiple choice, true/false, and multiple select questions Length of Courses 10-15 Minutes 10-15 Minutes

Compliance: Credit Card Handling Employees who handle customer credit cards on a daily basis are the first stop when it comes to the security of customer data. Educate them on credit card security best practices and why they matter. This multi-occupational, interactive security training course will educate employees on credit card security, best practices and why it matters. Course Tracks Call center Table service Quick serve Manager Introduction to pii Credit card basics Chip and pin transaction best practices Why security is important Interactive what would you do scenarios (1) Module 20 min DELIVERABLES Improve security effectiveness between employees and customers. Increase retention and influence behavior. Give customers peace of mind their credit card data is safe when conducting business with your organization. Compliance: Introduction to the Payment Card Industry (PCI) Educate employees about what PCI is, how to interact with its regulations, the penalties for not complying and the types of data they can and cannot store. The Introduction to PCI elearning course was created with everyone who interacts with credit or debit card data in mind. This includes everyone from cashiers to traveling sales staff to system administrators. (1) Module 15 min Identity theft Data protection standards Data flow PCI council PCI DSS Classification levels Verifying compliance Card data that can be stored Penalties and fines Costs of a data breach Basic security guidelines

Mobile Security Top 11 In today s mobile environment, there is a drive for developers to quickly and efficiently create mobile applications for a variety of devices. As they develop the next generation of mobile applications, developers must keep security best practices at the forefront. They must know how to secure both the application that will be deployed to the mobile device and the web services that power the app. If either are left insecure, attackers will exploit any weakness they find. This 1.5-hour course covers the important security topics developers need to understand, regardless of development platform or language. (11) Module 90 min Application error messages Application response handling Authentication and session management Client information leakage Client-side injection Cross-site request forgery Data storage Sensitive information disclosure Transport layer security User account lockout User input caching OWASP Top 10 The Open Web Application Security Project (OWASP) Top 10 document regularly provides the 10 most frequent and dangerous security vulnerabilities organizations deal with every day. This course allows users to explore what each attack is, how each attack works, detailed examples of each attack, remediation steps and best practices that they can easily incorporate into their everyday development and coding work. (11) Module 90 min Introduction Risk #1: Injection Risk #2: Broken authentication and session management Risk #3: Cross-site scripting (xss) Risk #4: Insecure direct object references Risk #5: Security misconfiguration Risk #6: Sensitive data exposure Risk #7: Missing function level access control Risk #8: Cross-site request forgery (csrf) Risk #9: Using components with known vulnerabilities Risk #10: Unvalidated redirects and forwards

Secure Coding The Secure Coding section is composed of eight total modules: four are.net and four are Java. Each module covers the same basic information in the first quarter before diving into language-specific content..net input validation.net output encoding.net error handling.net SQL injection defense Java input validation Java output encoding Java error handling Java SQL injection defense (8) Modules 120 min total Web 2.0 Secure Coding The buzzword Web 2.0 has been in the public vocabulary for years. As HTML5 and other new 2.0 technologies become widely implemented and draw closer to maturity, attackers are focusing their attention on finding exploits and attacking Web 2.0 services, technologies and languages. This program teaches developers how to avoid common pitfalls and follow best practices in six courses that total 45 minutes in length. (6) Modules 45 min AJAX / XML / JSON in Web 2.0 Cross-origin resource sharing Local storage Web messaging WebSocket protocol XSS in HTML5 1125 17th Street, Suite 1700 Denver, CO 80202 800.574.0896 www.optiv.com Optiv is a market-leading provider of end-to-end cyber security solutions. We help clients plan, build and run successful cyber security programs that achieve business objectives through our depth and breadth of cyber security offerings, extensive capabilities and proven expertise in cyber security strategy, managed security services, incident response, risk and compliance, security consulting, training and support, integration and architecture services, and security technology. Optiv maintains premium partnerships with more than 350 of the leading security technology manufacturers. For more information, visit www.optiv.com or follow us at www.twitter.com/optiv, www.facebook.com/optivinc and www.linkedin.com/company/optiv-inc. 6.17 F2

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback