Cyber Security Training

With a proven track record for providing security consultancy for businesses around the world, we offer a wide range of services that help organisations build robust cyber security strategies, including a full programme of cyber security training.

 

According to ISACA’s 2015 Global Cyber Security Report, 86% of their members believe that skilled cyber security professionals are difficult to come by, with 54% agreeing that it is difficult to identify who has an adequate level of skills and knowledge for a cyber security position. The global survey also found that 86% of respondents see a global cyber security skills gap.

We believe that increasing awareness and building the cyber skillset should start from inside your organisation. Our range of security courses is designed to help you see things from an attacker's point of view and better understand how to secure your networks and applications.

 

 

Cyber Forensics First Responder Training

 

Security breaches are a day-to-day occurrence and the majority of organisations do not have the internal skills to deal with them.

Join our exclusive one-day intensive Cyber Forensics First Responder Training course to ensure that you and your staff have the knowledge to correctly secure evidence sources should the worst happen.

NCC Group's Forensics Training is complementary to many of your organisation's existing information security activities and can form an integral part of your information security training programme.

NCC Group has one of the most experienced forensics teams in the UK, with Government security cleared consultants who have advised law enforcement on many aspects of evidence retrieval and preservation.

 

Course Overview

  • Key insights into forensics forward planning
  • Ability to demonstrate due diligence & good corporate governance
  • Enhancement of first responder skills in relation to evidence handling & collection
  • Helps in reducing the cost of litigation
  • Prepares key staff in the event that digital evidence needs to be produced

 

Agenda

  • Regulatory overview
  • Evidence handling
  • Collection guidelines
  • Hands-on training for imaging & evidence collection

A set of open source tools will be provided. 

 

Pricing

We offer in-house and public courses. Prices are available on request.

 


 

 

 

Hacking and Securing Web Applications

 

Hacking and Securing Web Applications is a three-day course aimed at software developers, software architects, security consultants and quality assurance engineers who want to understand how attackers uncover and exploit vulnerabilities in web applications, and what can be done by developers to prevent it.

The course covers the methodology to assess the security of a web application and gives detailed guidance on secure development, relating to both the design and implementation of web applications.

 

Course Overview

  • Breaking and building robust authentication and authorisation mechanisms and session management routines
  • Uncovering and exploiting SQL injection, filter bypasses, query chaining and blind exploitation
  • Guidance on how to interact securely with database management systems (DBMS)
  • Bypassing client-side controls, and reverse engineering JavaScript and thick client components
  • Detecting and exploiting cross-site scripting to log keystrokes, port scan the victim’s computer and network and execute custom payloads
  • Avoiding cross-site scripting and other client-side flaws
  • Validating user input effectively
  • Uncovering business logic flaws with dynamic analysis and static code analysis and good practice techniques to address these

The course is a mix of presentations and hands-on lab sessions where you can practice and experience how application vulnerabilities are detected and exploited by attackers and how applications can successfully defend against these attacks.

The course is run over three consecutive days, but a shortened version over two days can also be offered.

 

Agenda

  • Day 1: Introduction to web app security, environment setup, application mapping, use of automation, client-side controls
  • Day 2: Authentication, session management, access controls, injection flaws (SQL injection, command injection, code injection, SMTP injection, XML injection, etc.)
  • Day 3: Business logic flaws, client-side vulnerabilities, file system interaction, handling bad input and web application vulnerability scanners review

 

Pricing

We offer in-house and public courses. Prices are available on request.

 


 

 

Processor, OS and Compiler Foundations

 

Processor, OS and Compiler Foundations is a two-day course aimed at consultants, code reviewers, reverse engineers and exploit developers who want to understand how native programs work and assess their security without access to source code.

The course covers methodologies to understand native code from both a static analysis perspective using disassemblers and a dynamic perspective using debuggers. It also covers some common classes of security vulnerability and methods to detect them.

 

Course Overview

  • Introduction to x86 assembly language
  • Compiling a simple program, disassembling it and running it under a debugger
  • Introduction to debugging techniques and the various tools available
  • Using a debugger to solve a series of “crackme”-style challenges
  • Introduction to reverse engineering using IDA
  • Using a disassembler to understand a series of “reverseme”-style challenges
  • Understanding common coding errors in C
  • Combining the tools and techniques to perform a black-box vulnerability assessment

The course is a mixture of presentations and hands-on lab sessions where you can practice debugging and reverse engineering.

The course is run over two days but the second day covering the black-box assessment can be omitted when the course is used as an introduction to the Exploit Development course.

 

Agenda

  • Day 1: Introduction to x86, debugging techniques and labs, reverse engineering techniques and labs.
  • Day 2: Common C coding errors, deep C, black-box product assessment.

 

Pricing

We offer in-house and public courses. Prices are available on request.

 


 

 

 

Exploit Development

 

Exploit Development is a three-day course aimed at consultants, code reviewers, reverse engineers and exploit developers who want to understand how vulnerabilities in native code can be exploited.

The course covers exploitation from simple stack overflows to type confusion bugs in C++ code using a variety of techniques including return oriented programming and engineering read/write primitives.

 

Course Overview

  • Exploiting stack overflows
  • History of exploit mitigations including stack cookies, SafeSEH, DEP and ASLR and common techniques to bypass them
  • Return oriented programming (ROP)
  • Writing custom payloads/shellcode and encoding them to get around filters
  • Exploiting C++ vulnerabilities by building read and write primitives

The course is a mixture of presentations and hands-on lab sessions where you can practice developing a variety of exploits.
The course is run over three days but the second day covering payload development can be omitted if desired.

 

Agenda

  • Day 1: Stack overflows, writing a simple exploit, mitigations, return oriented programming, developing a ROP exploit.
  • Day 2: Developing payloads and shellcode, common filters, writing filtered exploits.
  • Day 3: C++ internals, exploiting vtable overwrites, type confusion (casting bugs and use-after-free), exploiting type confusion bugs.

 

Pricing

We offer in-house and public courses. Prices are available on request.

 


 

 

 

Security in Software Development Lifecycle

 

This two-day course is aimed at senior software developers and QA engineers, software architects, technical project/product/program managers, business analysts and team leaders who want to understand how to satisfy the expectations around security and privacy for software and hardware over which they have responsibility or liability.

The course covers the methodology to assess the existing software development lifecycle from a security point of view and to build an improvement roadmap that suits a particular organisation. It gives a detailed overview of known maturity models and available security-related activities across all the stages of the SDLC.

 

Course Overview

  • The place of the SDLC in an organisation's security program
  • Maturity models
  • Types of SDLC: waterfall, agile, lean etc.
  • Stages of SDLC: requirements gathering, architecture and design, development, testing/validation, release/maintenance
    • Detailed coverage of security activities suitable for each stage
  • Software-centric threat modelling
    • Analysing and decomposing the application
    • Applying STRIDE to identify potential threats
    • DREAD and other methods of prioritisation
    • Determining countermeasures and mitigations

The course is a mix of presentations and hands-on exercises on threat modelling, where you can practice building threat models for a variety of software architectures and learn how design-level security mistakes can be spotted using the STRIDE approach.

 

Agenda

  • Day 1: Introduction to SDLC, maturity models, building an improvement roadmap for your organisation.
  • Day 2: Threat modelling theory and exercises.

 

Pricing

We offer in-house and public courses. Prices are available on request.

 


 

 

 

Automotive Cyber Security Training (J3061)

 

J3061 is the “Cyber Security Guidebook for Cyber-Physical Vehicle Systems”. It has been produced by the VESSC (Vehicle Electrical System Security Committee) at the SAE (Society of Automotive Engineers) and has been widely reported as “the world’s first standard on automotive cybersecurity”.

It includes:

  • A framework for a lifecycle process to incorporate cyber security into automotive cyber-physical systems.
  • Information on common tools and methods used when designing and validating cyber-physical automotive systems.
  • Basic guiding principles on cyber security for automotive systems.
  • The foundation for further standards development activities in vehicle cyber security.

 

Course Overview

The objective of the J3061 course is to provide an overview of automotive cyber security so that attendees gain an understanding of each of the guiding principles, with a deep dive into initial and critical elements within.

NCC Group has been advocating the use of a Secure Development Lifecycle within the Automotive sector for several years now – one of the key recommendations within J3061. This training course clearly explains how J3061 can be integrated into your current development practices and how it aligns to the ASDL (Automotive Secure Development Lifecycle).

 

Who should attend?

  • Product managers
  • System designers and architects
  • Engineers (hardware, software, infrastructure)
  • Information security professionals
  • Safety managers
  • Operations managers

 

Pricing

We offer in-house and public courses. Prices are available upon request.

 


 

 

 

Secure Coding in C and C++

 

This four-day course provides a detailed explanation of common programming errors in C and C++ and describes how these errors can lead to code that is vulnerable to exploitation. The course concentrates on security issues intrinsic to the C and C++ programming languages and associated libraries. The intent is for this course to be useful to anyone involved in developing secure C and C++ programs regardless of the specific application.

Participants should come away from the course with a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors. 



Course Overview

  • Improve the overall security of any C or C++ application
  • Thwart buffer overflows and stack-smashing attacks that exploit insecure string manipulation logic
  • Avoid vulnerabilities and security flaws resulting from the incorrect use of dynamic memory management functions
  • Eliminate integer-related problems: integer overflows, sign errors, and truncation errors
  • Correctly use formatted output functions without introducing format-string vulnerabilities
  • Avoid I/O vulnerabilities, including race conditions

Moreover, the course encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow’s attacks, not just today’s.

This courseware has been designed by Robert C. Seacord, a renowned computer scientist and author, known as the “father of secure coding.” Robert is a Principal Security Consultant with NCC Group where he works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed.

 

Pricing

We offer in-house and public courses. Prices are available upon request.

 


 

 

 

Secure Coding in Java

 

The two-day instructor-led Secure Coding for Java course provides developers with practical guidance for developing Java programs that are robust and secure. Material in this presentation was derived from the Addison-Wesley book The CERT Oracle Secure Coding Standard for Java and is supported by the Secure Coding Rules for Java LiveLessons videos.

Participants should come away from the course with a working knowledge of common programming errors that lead to software vulnerabilities, how these errors can be exploited, and effective mitigation strategies for preventing the introduction of these errors.

 

Course Overview

  • Explain the need for secure coding
  • Follow fundamental secure coding guidelines
  • Validate and sanitize data
  • Explain the Java Security Model
  • Predict how the numerical types behave in Java
  • Avoid pitfalls in the use of characters and strings
  • Securely process input and output

Moreover, the course encourages programmers to adopt security best practices and develop a security mindset that can help protect software from tomorrow’s attacks, not just today’s.

This courseware has been designed by Robert C. Seacord, a renowned computer scientist and author, known as the “father of secure coding.” Robert is a Principal Security Consultant with NCC Group where he works with software developers and software development organizations to eliminate vulnerabilities resulting from coding errors before they are deployed.

 

Pricing

We offer in-house and public courses. Prices are available upon request.

 


 

 

 

Cryptography Services Training

 

Course Overview

This training is focused on drawing out the foundations of cryptographic vulnerabilities. These topics are timeless, and when the last application using ECB or CBC mode has upgraded, they’ll be the foundations of the next evolution of impactful and popular cryptographic vulnerabilities. We’ll talk about attacks in the past that took advantage of cryptographic vulnerabilities. Additionally, we’ll look at how algorithms and protocols have evolved over time to address these concerns, what they look like now, and where they are found in respect to the most popular bugs today. The other major areas we hit are cryptographic exploitation primitives, such as chosen block boundaries, and more protocol-related topics, such as how to understand and trace authentication in complex protocols.

This course is targeted at students who have a strong interest in cryptography and some measure of cryptographic understanding (such as the difference between symmetric and asymmetric crypto). The ideal student has investigated one or more recent cryptographic attacks deeply enough to be able to explain it, but has not sat down and read PKCS or NIST standards describing algorithm implementation. No explicit understanding of statistics or high-level math is required, as the focus is on the underlying causes of the vulnerabilities. Some small experience of programming is recommended.

 

Pricing

We offer in-house and public courses. Prices are available upon request.

 
