Information security training
When you want to ensure comprehensive organisational information security, it is a good idea to account for the information security know-how of your personnel. According to statistics, the target organisation’s personnel has been exploited in over 50% of attacks.
Training for software developers
The objective of the training is to improve the information security know-how of software developers, enabling an elevated level of information security for applications. After the training, software developers will know how to account for information security in the different stages of software development, being able to, for example, better identify vulnerabilities and prevent them.
The training is mostly hands-on, allowing the participants to hack the training systems. The most common topics used when customising a package for the client include:
Training Topics
01
Reviewing the most common / serious vulnerabilities on a pseudocode level (OWASP Top 10) Specifying and planning information security requirements. Information security during development. Information security maintenance.
02
Principles of secure programming. Layered security. Configuring web-environments in a secure manner.
03
By blackbox testing. At source code level. Configuring web-environments in a secure manner.
04
The participants get to identify vulnerabilities by means taught during the course and under the guidance of a 2NS expert trainer.
The trainers are 2NS application information security experts and ethical hackers (CISSP, CISA, CISM, CRISC) with strong practical experience in supporting software development, carrying out information security testing on software, modelling threats, and doing information security specifications. The trainers are also members of the 2NS vulnerability research team, which has published vulnerability notifications concerning for example IBM, F-Secure, HP, Oracle, and SAP systems.
Did you not find what you were looking for? We have arranged more than 100 precision training programmes for software developers. We believe that we will be able to help you with your training needs too. Get in touch and we’ll figure out your training together!
Personnel information security training
When you want to ensure comprehensive organisational information security, it is a good idea to account for the information security know-how of your personnel. According to statistics, the target organisation’s personnel has been exploited in over 50% of attacks. A sufficient level of information security awareness by your personnel ensures that digital properties are used appropriately and safely and that applications are developed securely.
REFERENCES
READ ALL
CSC
“I highly recommend 2NS for both individual technical cybersecurity training projects and for more comprehensive cybersecurity partnerships.”
Urpo Kaila , Information security manager – CSC
CableCrew Oy
”The collaboration went so well that from now on, we will use 2NS for our annual audits. Cybersecurity is extremely important to CableCrew because we operate in critical infrastructure. Communication was straightforward, and availability was excellent even outside business hours when needed. All questions were answered by the next day at the latest. Schedules were also communicated in real time.”
Satu-Maria Ravelin, HESQ Director – CableCrew Oy
Kehätieto Oy
“Our collaboration with 2NS has proceeded very smoothly. We have received the support we needed from them for both staff training and security testing of our products. We trust 2NS’s specialized expertise in cybersecurity matters.”
Juhani Ruohotie, Team Leader – Kehätieto Oy