Every organisation has its own particular network configuration, and its own set of security concerns.
NGS Consultants have provided training to some of the world’s most-security conscious organisations (so security-minded we’re not even allowed to mention who they are!), along with software companies, government departments, and many private companies.
NGS can provide training to suit your requirements – from general courses for IT department staff on how to deal with current security issues, to highly specialised one-to-one training for key personnel in defence against the most sophisticated attackers.
NGS training can be delivered at your premises, or at
our high-security centre in Surrey.
Web Application (In)Security
This is a cutting-edge, hands-on course aimed at hackers who want to exploit web applications, and developers who want to know how to defend them.
The course is presented by the authors of the critically-acclaimed Web Application Hacker's Handbook, and covers the entire process of hacking a web application, from initial mapping and analysis, probing for common vulnerabilities, through to advanced exploitation techniques.
This year, the course contains more than 300 brand new lab examples, containing virtually every vulnerability that has ever been found in web applications. Even the most capable hackers will be challenged and find plenty to take away.
The course also demonstrates the very latest hacking techniques developed over the past year, highlights include:
- Exploiting SQL injection using second-order attacks, filter bypasses, query chaining and fully blind exploitation
- Breaking authentication and access control mechanisms
- Reverse engineering Java, Flash and Silverlight to bypass client-side controls
- Exploiting cross-site scripting to log keystrokes, port scan the victim's computer and network, and execute custom payloads
- Exploiting LDAP, XPath and command injection; and uncovering common logic flaws found in web applications.
Advanced Database Security Assessment
Computer networks are built to support business functionality and the
key component of a network is data. The data important to your business
needs organisation, maintenance and above all protection from malicious
attackers.
The modern corporate enterprise contains database solutions
for data such as client credit card numbers, customer names and
addresses, even the entire employee pay roll. Ensuring that this data
can't get into the hands of unauthorised employees, your competitors or
criminals means that you need to recognise and secure it from this
threat.
The evolution of security training has shown us that the most
effective way to learn about security is by learning from the people who
know how to attack your systems. By understanding the threat from the
attacker's perspective, you can develop effective assessment
methodologies and ultimately secure what really matters from ever
increasing threat.
Network and Infrastructure Security
The rapid changes in networking technologies and attack vectors mean that infrastructure level network security knowledge constantly requires updating.
This vendor neutral course provides the knowledge administrators and security professionals require to combat the latest security threats and avoid insecurities associated with configuration mistakes. While this course covers the latest conceptual advances in network security and is designed to examine the skills and methodologies used by attackers, it also ensures that attendees understand the latest advances in network infrastructure technologies.
The techniques used by attackers to avoid or corrupt traditional network security devices are taught and methodologies for discovering and mapping networks are covered in detail - while also providing guidance on securing against attacks.
This course is split into 9 sections:
- Enterprise Technology
- Network Segregation
- Network Access Control
- Remote Access
- Network Performance
- Monitoring and Management
- Wireless Networks
- Telephony
- Security Assessment
Call +44 (0)208 401 0070 today for more information.