Training

BugSec supplies a variety of training programs in the more central areas of information security. Two levels of training are provided, to meet the trainees' level of professionalism and the customer's demands:



  • Basic training for beginners

  • More advanced programs for more skilled and experienced trainees.

  • Courses offered by BugSec are detailed below.

Secure Writing


The Secure Writing course is mainly intended for organizations' developers and programmers. It places emphasis on providing them with tools and capabilities for secure writing in Web and Client/Server applications. During the course of the training, errors and central security issues in the code are taught, as well as ways of avoiding them in the initial stages of writing.


A programmer who is knowledgeable in secure writing will save the organization a considerable amount of money and resources by eliminating or reducing the need for security tests and the repair of deficiencies revealed in those tests. Repairs often take extended period of time to complete, and, generally cost more than ten times as much as secure development from the onset.


The training is provided in the various development languages, such as VB, C++, ASP.NET, ASP, Java and more. Hands-on training in code writing is included within the framework of the training. Exposure resulting from deficient writing is also covered; as well as the provision of possible solutions aimed at preventing the problems to begin with.
To view the Secure Writing course syllabus, click here.


Hardenings


The Hardening course is mainly intended for organizations' information security and infrastructure personnel. It teachers how to attain the maximum features and benefits from the information security and infrastructure products that the organization had purchased; it also teaches about all the features existing in the product and how to define them in a secure manner.


Trainees also receive an instruction manual written by BugSec, which is intended to provide them with knowledge concerning the order of actions to be performed in order to achieve proper and secure hardenings.
To view the Hardenings course syllabus, click here.


Information Security Tests


The Information security Tests course is mainly intended for organizations' QA personnel. It provides them with significant added value and enhances their capabilities in performing quality assurance checks that also incorporate security exposure tests to detect existing security problems in the application.


The course covers central security exposures and the ways of exploiting them. Trainees are also taught how to conduct penetration tests on the application while making the most of the knowledge they have gained about the exploitation of exposures and about attacks.



To view the Information security Tests course syllabus, click here.