Security Education

  • ISO/IEC 27001 Information Security Management System Introduction/Basic/Head Practitioner/Head Auditor Trainings
  • Applied Malware Analysis Training
  • ISO/IEC 27701 Information Security Management System Introduction/Basic/Head Practitioner/Head Auditor Trainings
  • ISO/IEC 20000 Information Security Management System Introduction/Basic/Head Practitioner/Head Auditor Trainings
  • Network Security
  • Cyber Incident Response
  • DevSecOps
  • Secure Software Development Training

Purpose of the Training: Information security awareness training aims to maximize the awareness of individuals and institutions on information security by bringing together current attacks and their solutions, covering both theory and daily life practice.

Who Should Attend the Training: All organization employees

Training Duration: 3 hours.

Increased Information Security Awareness:
Increased awareness of information security across all employees. This allows dealing with vulnerabilities and risks more effectively.

Ensuring Security Compliance:
Compliance with GDPR and adherence to security policies. This enables the company to comply with legal requirements and avoid potential penalties.

Stronger Security Culture:
Strengthening the corporate security culture and increasing employee responsibility for security. This contributes to the sustainable development of security awareness.

Risk Mitigation:
Increased ability to deal with security threats and risks. This helps the company to protect its reputation, strengthen customer confidence and ensure business continuity.

Human Resources and Operational Benefits:
Preventing staff losses and operational disruptions. Aware employees can better react to security threats and identify potential problems faster.

Customer Trust and Competitive Advantage:
Increased trust with customers, suppliers and business partners. A company that focuses on information security and GDPR compliance can gain a competitive advantage.

ISO IEC EDUCATION

  • Introduction to information security
  • Introduction of ISO 27001
  • Information Security Management System standard
  • Introduction to auditing
  • Typical audit activities
  • Audit terms, Audit types
  • Overview of process control and ISO 19011:2002
  • Planning and managing the audit program
  • Audit activities
  • Purpose, process and program of internal audit
  • Operation of the internal audit program
  • Certification audit
  • Types of non-conformity
  • Informing about the audit process
  • Initiation of ISO 27001 internal audit
  • Qualifications and competencies required for ISO 27001 internal auditors
  • Document review
  • Preparation of working documents
  • Realization of field activities
  • Opening meeting
  • Gathering and verifying audit information
  • Audit techniques
  • Interview and audit techniques work
  • Preparation of audit results
  • Creation of audit findings
  • Writing the audit report
  • Sample Case Studies
  • Closing meeting
  • Audit follow-up
  • Examples from Daily Life
  • Information Concept and its relationship with Information Security
  • What is information security?
  • Basic components of information security
  • Introduction to the information security management system
  • Relationship between ISO 27001 and 27002 Standards
  • Management System Cycle PDCA (Plan-Do-Check-Act)
  • Establishment of ISMS (Plan)
  • Realization and operation of ISMS (Do)
  • Monitoring and review of ISMS (Check)
  • Ensuring the continuity and improvement of ISMS (Act)
  • Context of the Organization
  • Leadership
  • Management responsibilities
  • ISMS Internal Audits
  • ISMS management review
  • Continuous improvement
  • Corrective actions
  • ISMS critical success factors
  • Security Policy
  • Information Security Organization
  • Asset Management
  • Risk and Opportunity Analysis
  • Human Resources Security (Person controls)
  • Physical and Environmental Security (Physical controls)
  • Communication and Operational Security (Technological controls)
  • Access Control
  • System Development and Maintenance
  • Information Security Incident Management
  • Business Continuity Management
  • Compliance
  • Information about ISO/IEC 27001 certification audit
  • Annex-A
  • Sample Case Studies
  • Reporting
  • Examination
  • Certification
  • Examples from Daily Life

Secure Software Development Training

  1. Software Security Principles
  2. Defining the Minimum Authorization Needed
  3. Controlling All Access
  4. Separation of Powers
  5. Securing Default Values
  6. Accessing Commonly Accessed Resources through Different Channels
  7. Identifying and Strengthening the Weakest Link
  8. Reducing Attack Surface Area
  9. Creating Defense in Depth
  10. Designing a Simple, Understandable and Easy to Use Security Mechanism
    • Heuristic and Simulation Based Methods Formal Methods Methods
    • Ensure Software Working Environment Security Analysis Methods
    • Multiple Tools Other Methods
    • Ensure Software Security
    1. Defining Software Security Requirements
    2. Security Design and Architecture
    3. Secure Coding
    4. Secure Installation
    5. Security Analysis and Tests
  1. Source Code Analysis Testing Tools
  2. Penetration Testing Tools
  3. Random (Fuzz) Testing Tools
    1. Microsoft SDL (Secure Development Lifecycle)
    2. OWASP SAMM (Software Assurance Maturity Model)
    3. OWASP Mobile Application Security Verification Standard
    4. Information and Communication Security Guide

Applied Malware Analysis Training

  • Introduction to information security
  • Introduction of ISO 27001
  • Information Security Management System standard
  • Introduction to auditing
  • Typical audit activities
  • Audit terms, Audit types
  • Overview of process control and ISO 19011:2002
  • Planning and managing the audit program
  • Audit activities
  • Purpose, process and program of internal audit
  • Operation of the internal audit program
  • Certification audit
  • Types of nonconformities
  • Information about the audit process
  • Starting an ISO 27001 internal audit
  • Features and competencies required in ISO 27001 internal auditors
  • Document review
  • Preparation of working documents
  • Carrying out field activities
  • Opening meeting
  • Collection and verification of audit information
  • Audit techniques
  • Interview and supervision techniques study
  • Preparation of audit results
  • Creation of audit findings
  • Writing the audit report
  • Case Studies
  • Closing meeting
  • Conducting audit follow-up
  • Examples from Daily Life