We'll help upskill your teams in a variety of cybersecurity disciplines.
Tesserent’s Cyber Incident First Responder Training is designed to equip your organisation's IT team with the capability and knowledge to respond to an incident effectively. Knowing the processes and tools required during an incident can significantly reduce the incident’s negative impact and ensure that an incident response investigation can be performed without delay.
Understanding what not to do is as important as knowing what to do first!
The Tesserent one-day First Responder training is a technical, hands-on workshop that introduces attendees to various open source and free tools that can be used to capture and analyse artefacts that are critical during an incident investigation.
Tesserent is also pleased to offer our clients engaging, effective and tailored Cybersecurity Awareness Training.
The main objective of this engagement is to uplift the security knowledge of your application development team, ensuring applications are developed using best-of-breed security techniques.
This course is 2 full days of training, delivered remotely via video conferencing.
This session gives an overview of the security concepts that will be covered in the course, so that students are aware of the types of security flaws, attacks and mitigation techniques they will be learning.
Broken Access Control
A broken access control issue occurs when a user is able to bypass the intended access policy and access data and/or functionality outside of their intended permissions.
All systems have a responsibility to ensure data is protected in transit and at rest. This is done via various cryptographic functionality (hashing and encryption, with encoding often mistaken for a protection it does not provide). Failure to do so results in cryptography-related vulnerabilities.
Students learn secure techniques to manage the security of data stored in local storage or transmitted through the network. This section includes discussion of concepts around symmetric and asymmetric keys, and how to test their own systems to determine if data can become compromised.
Students learn the different types of injection flaws that exist, the root causes of injection flaws, real-world examples, how the attacks work and what impact they can have, a step-through of vulnerable code versus secure code, how to test for injection flaws, and solutions to protect against them. Students then perform a hands-on lab designed to identify and exploit injection-type vulnerabilities.
This session focuses on design and architectural flaws, with a heavy emphasis on threat modelling, secure design patterns and reference architectures.
A variety of security misconfigurations are discussed including information leakage and default files, default settings and lack of web server and platform hardening. Real world examples are also discussed to show the attacks in the wild. Students learn how to test for the security misconfigurations, as well as lock down configurations to ensure that the vulnerabilities are not introduced into web applications.
Students then carry out a hands-on lab performing a malicious file execution attack, so that they understand how the attack is performed and know what they are protecting against.
Vulnerable and Outdated Components
This section discusses the dangers of using software or plugins that are outdated and vulnerable, including a demo of exploiting vulnerable software and its potential impact on the application and organisation.
Identification and Authentication Failures
This section covers best practices for reducing the risk that a user of the application is compromised. This includes recommendations on how best to protect the user’s identity, session, and authentication mechanism.
Software and Data Integrity Failures
Software and data integrity failures relate to code and infrastructure that do not protect against unauthorised changes to the target application or software. In this section, students will learn the impact of vulnerabilities such as supply chain attacks, deserialisation of untrusted data, and the inclusion of scripts from other domains in their applications.
Security Logging and Monitoring Failures
This section will expound on the impact of not having proper audit logging. Insufficient logging and monitoring of auditable events, such as logins (failed and successful), high-value transactions, application warnings and errors, and any type of suspicious behaviour or anomaly, results in a security logging and monitoring failure.
Server-Side Request Forgery (SSRF)
An SSRF vulnerability occurs when a web application fetches a remote resource without validating the user-supplied URL. This can allow an attacker to coerce the application into sending a crafted request to an unexpected destination, even when that destination is protected by a firewall, VPN, or another type of network access control list (ACL).
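One defensive control for the SSRF root cause described above, as an added example that is not part of the Tesserent course material: validate the user-supplied URL against an allowlist and check every address the host resolves to before fetching. The names `ALLOWED_HOSTS`, `is_safe_target` and the constructed `FAKE_DNS` table are assumptions for this example.

```python
import ipaddress
import socket
from urllib.parse import urlparse

# Assumption: the application only ever needs to fetch from these hosts.
ALLOWED_HOSTS = {"images.example.com", "cdn.example.com"}


def default_resolver(host):
    """Return every IP address the host resolves to (real DNS lookup)."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def is_safe_target(url, resolver=default_resolver):
    """Return (ok, reason) for a user-supplied URL.

    Rejects non-http(s) schemes, embedded credentials (user@host tricks),
    hosts outside the allowlist, and any resolved address that is loopback,
    private, link-local or otherwise non-global, so a DNS answer cannot
    steer the fetch at internal services behind the firewall.
    """
    try:
        parts = urlparse(url)
    except ValueError:
        return False, "unparseable url"
    if parts.scheme not in ("http", "https"):
        return False, "scheme not allowed"
    host = parts.hostname
    if not host or parts.username or parts.password:
        return False, "missing host or embedded credentials"
    if host not in ALLOWED_HOSTS:
        return False, "host not in allowlist"
    try:
        addrs = resolver(host)
    except OSError:
        return False, "dns failure"
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            return False, f"resolves to non-global address {addr}"
    return True, "ok"


# Constructed DNS answers for an offline demonstration: one allowlisted
# host is wholesome, the other has been pointed at a link-local address.
FAKE_DNS = {
    "images.example.com": {"93.184.216.34"},
    "cdn.example.com": {"169.254.169.254"},
}


def fake_resolver(host):
    return FAKE_DNS[host]
```

Validation and fetch should share one resolution step (fetch the validated IP and set the Host header) so a second DNS lookup cannot return a different answer.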
Students are provided with slides that allow them to further their research into web application security verification processes, secure developer guides, secure code review guides, web application testing guides, and the OWASP Top 10.
Final questions are then answered to close off the training to ensure that students leave with confidence that they are able to identify security vulnerabilities within their applications.
Tesserent is a full-service cybersecurity and secure cloud services provider, partnering with clients from all industries and all levels of government. Let’s talk.