SCORE 4/5 by Smals Colleagues Deze cursus is een van de materialen die gebruikt worden in de sensibiliseringscampagne rond veiligheid. De inhoud is bedoeld om acties te beschrijven die iedereen kan ondernemen om de informatiebeveiliging te verbeteren. Recommended by Smals Experts //

SMALS STANDARDS IAM Team, met name Identity & Access Management alsook Netwerk Security cel worden je voorgesteld. Beide teams zijn bezig met toegepaste praktijk van Application Security @ Smals.

Deze cursus bevat de opnames de webinar en deze zijn enkel beschikbaar voor de deelnemers. 

Deze infosessie  gaat over het thema ‘privacy & security aspecten van informatie systemen’. Tijdens deze sessies hebben we het specifiek over de ‘data protection impact analysis’ (DPIA), de gegevens-beschermings-effect-beoordeling.

Cybersecurity doesn’t fall solely within your IT department's purview. If you own a smartphone, work on a computer, or use the internet, then you're exposed to a variety of complex security risks on a constant daily basis. In this course, instructor Caroline Wong details what these threats are and what you can do about them—both to protect yourself and your organization. In a series of engaging scenarios, Caroline shines a spotlight on some of the most common security risks you'll encounter in your personal and work life, as well as how to mitigate them. Learn how to identify and avoid phishing, malware, counterfeit apps, and social engineering attacks. Plus, get tips on adhering to cybersecurity best practices for wireless networks, online accounts, software, intellectual property, and more. By the end of this course, you’ll also be prepared to stay safe online as a remote or hybrid worker. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Deze cursus geeft een overzicht van de verschillende regelgevingen in het domein van de privacy & security aspecten van informatie systemen; zowel algemeen als specifiek voor de Sociale Zekerheid & Gezondheid (SZ&G). De grote hoeveelheid regelgevingen op verschillende niveaus (Europees, Federaal, Gewestelijk) en de verschillende betrokken organisaties maken het een complex gegeven. Bovendien is privacy & security een domein in volle ontwikkeling. Deze cursus is dan ook niet bedoeld als een naslagwerk, die volledigheid nastreeft. Het is bedoeld als vertrekpunt voor verdere studie door de geïnteresseerde en is nuttig bij het in de praktijk brengen van het principe ‘data protection by design & by default’. Zie hiervoor meer in de presentatie rond ‘data protection by design & by default’. De cursus zelf is, naast een introductie, gestructureerd in 7 sessies, die welbepaalde domeinen van privacy & security bestrijken.

Want to keep your interconnected systems and data safe? In this course, Lisa Bock covers network security and securing an organization's infrastructure. Lisa introduces security devices such as firewalls and honeypots. In addition, she reviews the importance of isolating networks with VLANS and NAT addressing, along with a review of common security protocols. She also provides overviews of how to protect clients with antivirus software, encrypt folders and files, implement software restriction policies, and secure your cloud services. Finally, she looks at the often-overlooked topic of physical security, which includes securing a building's perimeter and the hardware within. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 2,18u. Security is a paramount concern when you’re developing websites, but what motivates hackers, what are their most common methods of attack, and most importantly, what can you do to foil their efforts? In this course, instructor Kevin Skoglund details the techniques and mindset that you need to craft solutions for these web security challenges. Learn the eight fundamental principles that underlie all security efforts, the importance of filtering input and controlling output, and how to defend against the most common types of attack. This course can help you, as a developer, to secure your clients’ websites, and offers a great introduction for anyone who wants to learn more about web security. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Though technology changes rapidly, the need to assure the confidentiality, integrity, authenticity, and accountability of information does not. Understanding the basics of cryptography is fundamental to keeping your networks, systems, and data secure. In this course, Lisa Bock reviews the historical and present-day uses of encryption, including techniques such as symmetric and asymmetric encryption, algorithms, and hashing. She also reviews message digest and passwords and discusses practical ways to apply cryptography to ensure data security and integrity. By the end of this course, you'll have a solid understanding of what it takes to move and store data securely. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

In this course, you will learn to: ● Secure your computer, your network, and your data from 99% of all attacks on the Internet ● Find and fix weaknesses and harden your computer's security ● Keep yourself safe online, at home, at school, or at work ● Test for security vulnerabilities using the tricks the bad guys use ● Avoid phishing, viruses, ransomware, and online scams Aanvraag indienen //

Wireless networks are convenient and popular, but poor configuration and encryption leave them open to attack. Hackers can use Wi-Fi vulnerabilities to infiltrate your entire network. Security professionals need to know how to detect, prevent, and counter these kinds of attacks using the latest tools and techniques—the subject of this course with cybersecurity expert Malcolm Shore. Malcolm covers everything from configuring basic security to understanding how hackers extract passwords, harvest connections at rogue access point, and attack networks via Bluetooth. He also explains how to select the right antennae for testing and introduces some sophisticated Windows and Linux tools to scan for vulnerabilities, including Acrylic, Ekahau, and Wireshark. By the end of the course, you should be able to shore up your wireless connections and gain confidence that your local network is safe to use. Note: This course is part of our test prep series for the Certified Ethical Hacker exam. Review the complete exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/. Topics include: Selecting an antenna Configuring security Extracting WEP and network passwords Testing passwords Harvesting connections from rogue access points Attacking networks via Bluetooth Capturing wireless packets with Acrylic Wi-Fi Heat mapping with Ekahau Wi-Fi sniffing with Wireshark Testing the Internet of Things Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

FREE GDPR and Incident Response Templates & Documentation - Practical GDPR and Incident Response Blueprint. In this course, you will learn to:● Understand what incident response is ● Will have a list of incident response tools and resources ● Will have a list of templates to use ● Will have a list of incident response playbooks Aanvraag indienen //

The number of IoT (Internet of Things) devices deployed is increasing exponentially, which presents significant security challenges. In this course, Lisa Bock covers topics related to the IoT and OT hacking domain from the CEH body of knowledge. Lisa dives into the myriad of security challenges that the IoT faces, highlighting the importance of conducting ethical hacking to unearth vulnerabilities within IoT and operational technology (OT) devices. The course covers strategies for managing OT and industrial control systems (ICS). Furthermore, Lisa outlines methods for executing attacks on IoT/OT systems along with ways to safeguard systems against potential attacks, to ensure participants are well-equipped to protect these technologies. To help apply these concepts, Lisa provides a list of resources for best practice frameworks and guidance on securing IoT/OT systems. At the end of the course, you will have a robust arsenal to navigate the complex landscape of IoT security. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 2,22u. Ethical hacking involves testing to see if an organization's network is vulnerable to outside attacks. It's one of the most desired skills in an IT security professional. In this course, security ambassador Lisa Bock guides you through the System Hacking competency from the CEH Body of Knowledge. Find out how hackers are able to hack into a system and gain access. Learn about privilege escalation, keyloggers, and spyware. Plus, explore countermeasures that IT security professionals can take to prevent these attacks. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Social engineering is a technique hackers use to manipulate end users and obtain information about an organization or computer systems. In order to protect their networks, IT security professionals need to understand social engineering, who is targeted, and how social engineering attacks are orchestrated. In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks. Note: This course maps to the Social Engineering competency of the Certified Ethical Hacker exam. You can review the exam objectives on the official EC-Council website. Topics include: Visualizing the victim Recognizing an attack Using charm, power, and influence Manipulating with social media Preventing insider attacks Stealing identities Pen testing with social engineering Taking countermeasures Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 1,91u. This course follows a proven methodology for conducting thorough and effective technical security audits and assessments based on guidelines from NIST. Learn how to develop the testing methodology essential for technical security reviews. Discover how to identify and analyze targets, use key technical testing tools, identify and mitigate findings, and more. Performing technical information security audits and assessments is essential to protecting information assets. By the end of this course, you'll know how to determine if your network is secure. Topics include: Cite the three phases of external security assessments. Explain the reasons for conducting a log review. Explain what network sniffing is and why it’s used. Describe when to use a file integrity checking tool. Differentiate between active network discovery and passive network discovery. Explain how to scan for vulnerabilities. Relate the three techniques useful for validating target vulnerabilities. Explain the four-stage methodology of conducting penetration tests. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Security is a major concern in the DevOps world. There is a constant push for companies to move more quickly, and security teams struggle to keep up with testing. This has led to the rise of a new field: DevSecOps. This course introduces the concept of DevSecOps and explains how an organization can build out a DevSecOps program that helps teams integrate security into the application development pipeline. Learn about the role of APIs, containers, security as code, and automation, and how a continuous integration and delivery framework can help your organization run security tests as often as developers want. Instructor Tim Chase also introduces some free tools and resources for starting your DevSecOps journey. Topics include: Recognize which groups make up DevOps. Identify what should be included in the DevSecOps process. Explain how API and security testing function. Indicate the challenges and benefits of CI/CD. Recognize the central repository for containers. Describe how to secure IaC. Identify where DevSecOps test results are placed. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Cybersecurity can be daunting because of its technical complexity and the ever-changing threats to individuals and organizations. And more than ever, cybersecurity also is a core business function for organizations of all kinds. Just like other business issues—like finance, legal, or human resources—cybersecurity has its own set of external policies, laws, rules, established practices, and resources for getting help. Getting to know these policies and resources better across your organization—and not just within your IT department—can be hugely beneficial to your company. This course seeks to make key cybersecurity policies and resources clear and understandable—whether you work in IT, in business, or are just interested in how information security fits in with our public policies and laws. Join instructor Gregory Michaelidis to improve your personal or organizational cybersecurity with grounding in the latest regulations, governmental authorities, and resources available. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Diving into cryptography with The Alpha Geek and Total Seminars team. Learn cyber security and ethical hacking. In this course, you will learn to: ● Define cryptography and the key role it plays in protecting our digital data ● Find out how Web sites use certificates to make sure our usernames, passwords, credit card numbers, and other personal data stay secure ● Understand ciphers, binary, hashing, symmetric and asymmetric cryptosystems, digital signatures and certificates, and public key infrastructure ● Learn how hashing helps us to be certain the data we receive or download is legitimate ● Prepare for the CompTIA Security+ exam by better understanding cryptography and PKI, one of the six exam domains Aanvraag indienen //

Mobile devices are used for our most sensitive transactions, including email, banking, and social media. But they have a unique set of vulnerabilities, which hackers are all too willing to exploit. Security professionals need to know how to close the gaps and protect devices, data, and users from attacks. Join cybersecurity expert Malcolm Shore as he explores the two dominant mobile operating systems, Android and iOS, and shows ways to protect devices through analysis and testing. Watch this course to review the basics of mobile OS models, the toolsets you need for testing, and the techniques for detecting and preventing the majority of security flaws. These methods are recognized by EC Council as integral part of those looking to earn their Certified Ethical Hacker certification. The complete CEH BOK can be found at https://www.eccouncil.org/Certification/certified-ethical-hacker/CEH-What-You-Will-Learn. Topics include: Statistic and dynamic analysis of mobile applications Testing on Android Analyzing Android applications Securing iOS applications Jailbreaking iOS for command-line access Analyzing iOS apps Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Hackers target PHP web applications more often than other sites because most PHP code is written by developers with little security experience. Protecting web applications from these attacks has become an essential skill for all PHP developers. PHP: Creating Secure Websites shows you how to meet the most important security challenges when developing websites with PHP. Instructor Kevin Skoglund covers the techniques and PHP code needed to develop sites that are more secure, and to avoid common mistakes. Learn how to configure PHP properly and filter input and escape output. Then check out step-by-step defenses against the most common forms of attack, including cross-site scripting and SQL injection. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

APIs are a crucial business driver for delivering data to your applications. In this course, learn about various options for securing your RESTful API that can help you keep your application data—and your users—safe. Instructor Emmanuel Henri begins the course with an overview of top security threats and an introduction to the Open Web Application Security Project (OWASP), an important resource on security. He then steps through how to set up and secure a Node and Express API, including how to add handlers for registration and login, finalize secured endpoints, and test your finalized API. To wrap up, he shares a few alternatives for securing APIs. Topics include: Open Web Application Security Project (OWASP) Reasons for using a JSON Web Token (JWT) Adding bcrypt password hashing Adding handlers for registration and login Finalizing secured endpoints Testing APIs with Postman Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

En tant que responsable de la sécurité ou DSI, vous devez mettre en place une politique de cybersécurité pour répondre aux menaces qui pèsent sur votre informatique. Pour cela, Pierre Cabantous vous propose de faire un tour de la cybersécurité en entreprise. Dans ce cours, vous étudierez la démarche d'un pirate, avant et après l'intrusion dans un système, à la suite de l'exploitation d'une vulnérabilité. Vous verrez comment gérer ces vulnérabilités par rapport à un niveau de risque que vous apprendrez à calculer. Vous aborderez aussi une des principales menaces encourues aujourd'hui par tout service accessible en ligne : les attaques par déni de service. Puis vous découvrirez comment protéger votre organisation aux niveaux technique et organisationnel, en suivant des bonnes pratiques, des process ainsi que des normes européennes comme le RGPD. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Principles of Secure Coding offers a comprehensive exploration of secure coding practices, emphasizing the importance of incorporating security throughout the entire development process. This course will equip you with the skills and mindset necessary to protect your applications against potential threats, setting you on the path towards developing robust and resilient software. Dive into essential security concepts such as authentication, authorization, encryption, and encoding. Learn the importance of version control and best practices for maintaining sensitive information. Engage with real-life and fictional security horror stories, including an exclusive tale from YouTube sensation Tom Scott, to gain insight into the potential consequences of insecure coding. Explore secure coding techniques using C# as our primary language while emphasizing broader applicability to other programming languages. Delve into methods for safeguarding data, preventing information leaks, and mitigating vulnerabilities. Develop an understanding of security testing and code review processes to ensure your applications remain secure and compliant. Continuing the course, we'll investigate the OWASP Top Ten security risks for 2021, enabling you to recognize and address recurring security issues. By diving deep into these prevalent concerns, you'll gain invaluable insight into the mindset and thought processes that often lead to security problems. New! A bonus module examining three new online authentication methods and how they work, as well as how they fit into the context of encryption and security. Have you ever wondered how Google or Microsoft Authenticator works? We will dig into what is happening under the covers. Seize the opportunity to enhance your software development skills with this course. Enroll today and propel your skills to new heights! In this course, you will learn: Software developers looking to expand their knowledge in secure coding practicesIT professionals seeking to understand and implement secure coding techniquesComputer science students wanting to specialize in application securityWeb and mobile app developers aiming to enhance the security of their applicationsIT managers and team leads responsible for overseeing secure development practicesCybersecurity enthusiasts interested in learning about secure coding principlesFreelance developers striving to ensure the security of their clients' projects Aanvraag indienen

Learn how to configure a Cisco switch to connect and control resources on your network. Join Denise Allen-Hoyt in this course, as she explores the Cisco command-line interface using an out-of-band connection with a cable and terminal program. Denise shows how to access the switch's three modes—user EXEC, privileged EXEC, and global configuration—and use commands to configure essential settings. After addressing the switch and configuring a default gateway, Denise explains how to modify individual port modes, secure those ports, and create and manage virtual LANs (VLANs). In the final chapter, she shows how to verify your settings and reset the switch if necessary. Topics include: Accessing a switch Configuring the terminal program Configuring a switch hostname Saving and viewing configurations Securing access Encrypting passwords Assign an IP address to a switch Exploring port modes and security Creating VLANs Resetting a switch Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Are you looking to learn the basics of configuring a firewall to secure your Cisco network? In this course, security ambassador Lisa Bock focuses on the most essential Cisco firewall technologies. Explore the core concepts of a firewall, what it is, and how it works in a variety of distinct security contexts, as Lisa shows you how to configure a basic firewall, choosing the option that’s best for you. Learn about stateless, stateful, and application firewalls with best practices for deploying each. Discover the essentials of managing access control lists, implementing network address translations on Cisco ASA, and identifying when and how to leverage a zone-based firewall to monitor traffic between internal and external zones. In closing, Lisa takes a closer look at some of the key features available on the Cisco ASA, such as the basics of access management, the Cisco Modular Policy Framework, high availability technology, and the Hot Standby Router Protocol (HSRP). Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 3,24u. The OWASP Top 10 is the cybersecurity industry's most recognized framework for web application security risks, and understanding it is essential for anyone building modern software. In this beginner-friendly course, learn the 2025 edition through clear explanations, real-world breach case studies, and actionable prevention techniques. Join application security expert Caroline Wong as she breaks down each of the 10 vulnerability categories, explains how attackers exploit them, and outlines practical steps you can take to prevent these risks in your own applications. Along the way, discover how to integrate OWASP Top 10 security practices throughout the secure software development lifecycle and prioritize defenses based on your organization's needs. By the end of this course, you'll be equipped with the skills and confidence to recognize, discuss, and address the most common threats to web applications. Topics include: Define the OWASP Top 10 2025 edition and its role as the industry-standard framework for identifying and prioritizing web application security risks. Identify each of the 10 OWASP Top 10 vulnerability categories and describe common real-world examples of how they are exploited in breach scenarios. Apply secure coding practices and configuration standards to prevent OWASP Top 10 vulnerabilities in web applications. Analyze recent security breach headlines and map them to relevant OWASP Top 10 categories to identify patterns and emerging attack trends. Evaluate how OWASP Top 10 risks change over time and assess the factors that drive certain vulnerabilities to rise, merge, or decline in industry relevance. Communicate security risks and remediation priorities effectively to software developers, QA testers, and non-technical stakeholders. Create a security integration plan that addresses OWASP Top 10 risks at each phase of the software development lifecycle, from requirements through operations. Develop a role-specific action plan that makes OWASP Top 10 security practices actionable in daily development, testing, and operational activities. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 5u. In een wereld waar digitale dreigingen steeds vaker voorkomen, is het cruciaal om uw organisatie te beschermen. Deze gratis e-learning over cybersecurity biedt u de tools en kennis die u nodig heeft om uw organisatie te beveiligen tegen de meest voorkomende cyberaanvallen. Aanvraag indienen

Duurtijd van de opleiding: 3,4u. Building security testing into the software development lifecycle is the best way to protect your app and your end users. This course identifies tools and techniques that developers can use to minimize the cost and impact of security testing—while maximizing its impact and effectiveness. Instructor Jerod Brennen focuses on dynamic application security testing, using security scanning, penetration testing, and vulnerability testing to validate code and uncover vulnerabilities. He explains the difference between positive and negative, manual and automated, and production and nonproduction testing, so you can choose the right kind for your workflow. The hands-on sections—with demos of popular tools such as OWASP ZAP and Burp Suite—prepare you to apply the lessons in the real world. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 1,1u. Pour protéger votre entreprise des cybercriminels, vous devez mettre en place des mesures techniques et organisationnelles appropriées, et les gérer correctement. Vous devez aussi comprendre les enjeux de la cybersécurité afin de vous prémunir des risques et bâtir une vraie stratégie de gouvernance. Les entreprises ont pris conscience de l'importance de la protection des données qui est de plus en plus souvent gérée par la direction. Dans ce cours, Diane Ouandji vous propose de réfléchir sur différentes problématiques liées aux risques et aux menaces. Elle vous apporte des moyens pour mettre en place une gouvernance efficace de la cybersécurité, ainsi que les éléments de base nécessaires à la compréhension des aspects techniques. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 1,5u. Software developers know how essential secure coding practices are. Luckily, with today's tools, secure code doesn't take a lot of time or effort. There are security frameworks for developers to use. Static and dynamic code analysis tools to test code are available, as well as security patterns that can be implemented at the design level. In this course, Jungwoo Ryoo, who teaches IT, cyber security, and risk analysis at Penn State, introduces secure software development tools and frameworks and teaches secure coding practices like input validation, separation of concerns, and single access point. Learn how to recognize different kinds of security threats and fortify your code. Find out how to put a system in place to test your software for vulnerabilities. Plus, explore new trends in software security and reinforce what you’ve learned with demos and case studies. Topics include: Define common software security terms. Recognize and describe the major software security threats. Define what security design patterns are in general, and explain why they are a valuable resource for software security. Define what architectural patterns are, and explain the relation between design patterns and architectural patterns. Explore what the Common Vulnerabilities and Exposures and the Common Weakness Enumeration databases are, and explain why they are considered invaluable for software security. Discuss buffer overflow attacks and their consequences. Summarize how to best defend against sensitive information exposure. Differentiate between white-box testing and black-box testing. Identify the major software security concerns with IoT. Explain how to best comply with rules and regulations such as GDPR, HIPAA, and PCI DSS. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 3,53u. Set a rock-solid foundation for your network, users, and data by learning about the basics of cybersecurity. Join security expert Malcolm Shore as he describes how to assess and mitigate risks using various cybersecurity frameworks and control standards, such as NIST and COBIT. Malcolm details pertinent cyber threats and how they operate, including how cyber criminals hide their attacks, how advanced persistent threats work, and even how to determine what's real and what's merely cyber fear, uncertainty, and doubt (FUD). He also covers the way in which cyber risk is managed and the lifecycle of cybersecurity—from managing defense through to preparing for and responding to an incident. And since cybersecurity has taken on an increasingly visible global dimension, Malcolm concludes the course with a discussion of international cyber norms and protocols. This course is part of a Professional Certificate from Microsoft. Topics include: Differentiate between the phases of the Cyber Kill Chain. Describe the several types of cyberattacks. Explain what the NIST Cybersecurity Framework is. Interpret basic practices of cyber risk. Determine which elements are used in developing a secure architecture. Articulate the best approach to respond to an incident. Describe the seven principles for global cybersecurity users. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 2,03u. This course is an introduction to secure development practices related to various aspects of software development. Security architect Frank Moley introduces you to risk analysis, including proactive risk identifications. Frank then looks at the most common types of vulnerabilities that plague applications today, including client/server issues, with a heavy focus on web-based and embedded and IoT focused development. The course then gets into a primer of cryptography, the role it plays in security, and its proper use by looking at the vulnerabilities around its misuse. Frank finishes the course by looking at strategies for each phase of the software development lifecycle to build a secure application development lifecycle while considering the modern development practices. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 1,41u. Most executives want to be better cyber risk managers. They want to manage cybersecurity risks in the same thoughtful and intelligent way as they manage other aspects of their business. This course provides practical, to-the-point training for the busy executive, in everyday language, complete with examples that are easy to understand. Instructor Kip Boyle describes the big picture events driving cybercrimes today and the top cyber risks affecting executives and their organizations. Kip provides examples of common cyberattacks, including actual impacts to real organizations. He uses germ theory to explain how good "security hygiene" can help you and your organization combat security threats, and introduces the top actions executives can take to avoid threats such as phishing, identity theft, hacking, and financial fraud. Plus, Kip highlights best practices for contract "firewalls", third-party cyber risk management, AI, deep fakes, and cyber insurance. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 0,98u. Cybersecurity teams collect data, but not all data creates influence. This course provides a practical, leadership-focused approach to designing security metrics and KPIs that actually matter. Explore how to connect operational performance to business outcomes, avoid common pitfalls, and build metrics that enable better decisions. Through examples and clear frameworks, the course covers how to evaluate existing metrics, tighten measurement practices, and establish a consistent reporting rhythm. Discover how to translate technical data into narratives that resonate with executives and help shape cybersecurity strategy. Develop skills to evaluate and refine current metrics, ensuring they are both accurate and valuable to stakeholders. Learn how to establish a consistent reporting format that turns complex data into clear, actionable narratives for leadership. Ideal for emerging and current cybersecurity leaders, this course emphasizes real-world application and strategic communication to enhance your influence and leadership skills. Benefit from discovering how to drive performance and strategic decisions through effective data representation. Whether you're stepping into a leadership role or refining your skills, this course empowers you to demonstrate the value and impact of your cybersecurity initiatives effectively. Topics include: Identify the characteristics of effective cybersecurity metrics and KPIs and distinguish them from vanity metrics. Design a security metrics framework that aligns operational performance with business and risk outcomes. Evaluate and refine existing cybersecurity metrics to ensure accuracy, relevance, and value to stakeholders. Create a consistent reporting cadence and structure for communicating security performance. Translate cybersecurity data into clear, compelling narratives that influence leadership decisions. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 3,68u. Building security testing into the software development life cycle is the best way to protect your app and your end users. This course identifies tools and techniques that developers can use to minimize the cost and impact of security testing—while maximizing its impact and effectiveness. In this course, instructor Jerod Brennen focuses on offline testing activities: preparing test plans, policies, and other documentation and conducting offline source code reviews. He also explains how to conduct offline testing for the OWASP Top Ten vulnerabilities. Along the way, you can become familiar with best practices around security in the SDLC. The hands-on sections—with demos of popular tools such as Codacy and SonarQube—prepare you to apply the lessons in the real world. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 7,89u. Want to build apps so secure they make cybercriminals cry? This isn't your average security course–it's the insider's comprehensive playbook to crafting high quality applications. Learn how to identify and remediate the vulnerabilities that creep into modern applications, arming you with the same battle-tested strategies the pros use (think OWASP Top Ten). Get ready to dive into hands-on testing exercises, where you'll put this knowledge to the test. Tackle the cutting-edge threats facing APIs and LLM applications, helping you stay one step ahead of the cybercriminals. By the end of this course, you'll be equipped with the knowledge you need to ensure the apps you're building are both resilient and ready to deflect attacks. Topics include: Identify and assess the most critical security risks in modern web applications, mobile applications, APIs, and LLM applications, drawing on industry standards such as those maintained by OWASP. Design and implement secure coding practices and security controls throughout the software development lifecycle (SDLC), incorporating DevSecOps principles to improve application quality while reducing security costs. Apply specific mitigation techniques for common vulnerabilities like injection attacks, broken authentication, sensitive data exposure, and insecure configuration. Leverage security testing methodologies such as SAST, DAST, and IAST to proactively detect and remediate vulnerabilities before applications are deployed to production. Understand emerging threats in application security, such as attacks targeting large language models and mobile application vulnerabilities, and develop strategies to address them. Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen

Duurtijd van de opleiding: 13,69u. The Certified Secure Software Lifecycle Professional (CSSLP) certification is designed for software development and security professionals, including software architects, developers, project managers, security managers, quality assurance testers, and anyone responsible for ensuring the security of software applications throughout the development lifecycle. This comprehensive course with instructor Jerod Brennen helps you prepare to tackle the official CSSLP exam. Explore the core concepts and fundamental skills required for each of the eight domains of the exam: Secure Software Concepts; Secure Software Lifecycle Management; Secure Software Requirements; Secure Software Architecture and Design; Secure Software Implementation; Secure Software Testing; Software Deployment, Operations, and Maintenance; and Secure Software Supply Chain. Topics include: Deze cursus is enkel beschikbaar in het Engels. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Deze cursus is enkel beschikbaar in het Frans. Als dit voor u geen probleem vormt, dien dan gerust uw aanvraag in. Aanvraag indienen