Cyber Security Training in Braga

This instructor-led, live training in Braga (online or onsite) is aimed at advanced-level cybersecurity professionals, AI engineers, and IoT developers who wish to implement robust security measures and resilience strategies for Edge AI systems.

By the end of this training, participants will be able to:

• Understand security risks and vulnerabilities in Edge AI deployments.
• Implement encryption and authentication techniques for data protection.
• Design resilient Edge AI architectures that can withstand cyber threats.
• Apply secure AI model deployment strategies in edge environments.

This instructor-led, live training in Braga (online or onsite) is aimed at intermediate-level cybersecurity professionals and data scientists who wish to utilize LLMs for enhancing cybersecurity measures and threat intelligence.

By the end of this training, participants will be able to:

• Understand the role of LLMs in cybersecurity.
• Implement LLMs for threat detection and analysis.
• Utilize LLMs for security automation and response.
• Integrate LLMs with existing security infrastructure.

This instructor-led, live training in Braga (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals and technical leads who wish to understand how to implement AI models to enhance security processes, automate threat detection and response, and perform predictive analysis.

By the end of this training, participants will be able to:

• Understand the role of AI in modern cyber security.
• Develop machine learning models for anomaly and threat detection.
• Implement AI for automating incident response and security operations.
• Evaluate the ethical and operational considerations of AI in cybersecurity.

Encryption Key Management is the discipline of securely creating, storing, distributing, rotating, and retiring cryptographic keys to protect sensitive data and ensure regulatory compliance.

This instructor-led, live training (online or onsite) is aimed at intermediate-level IT and security professionals who wish to implement robust encryption key management practices and systems across enterprise environments.

By the end of this training, participants will be able to:

• Understand the lifecycle of encryption keys and best practices for their protection.
• Set up and manage key management systems (KMS) both on-prem and in the cloud.
• Implement access control and auditing for key usage.
• Comply with regulations and standards related to encryption key security.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of key management tools in lab environments.
• Guided exercises focused on secure key lifecycle implementation.

Course Customization Options

• To request a customized training for this course based on your infrastructure or compliance requirements, please contact us to arrange.

This instructor-led, live training in Braga (online or onsite) is aimed at intermediate-level analysts who wish to effectively analyze, secure, and protect their organization's data and networks from cyber threats.

By the end of this training, participants will be able to:

• Gain a comprehensive understanding of the current cybersecurity landscape.
• Learn and apply industry-standard cybersecurity frameworks (e.g., NIST, ISO/IEC 27001) and best practices to enhance the security posture of their organization.
• Implement effective network security measures, including configuring firewalls, VPNs, IDS/IPS systems, and applying encryption techniques to protect data at rest and in transit.
• Identify, analyze, and respond to cybersecurity incidents using threat intelligence, SIEM tools, and incident response plans.

This instructor-led, live training in Braga (online or onsite) is aimed at beginner-level security professionals who wish to gain the knowledge and skills necessary to adapt to the rapidly evolving digital landscape in the security industry.

By the end of this training, participants will be able to:

• Understanding Digital Transformation in security.
• Learn how digital solutions can improve security operations, efficiency, and effectiveness.
• Manage security-related data for informed decision-making.

This instructor-led, live training in Braga (online or onsite) is aimed at experienced developers who wish to gain a comprehensive understanding of Python programming and its applications in cybersecurity.

By the end of this training, participants will be able to:

• Use Python programming for defensive cybersecurity.
• Understand and use Python for ethical offensive techniques and digital forensics tasks.
• Recognize legal and ethical considerations surrounding offensive cybersecurity and vulnerability disclosure.

This instructor-led, live training in Braga (online or onsite) is aimed at intermediate-level to advanced-level developers who wish to understand and apply secure coding practices, identify security risks in software, and implement defenses against cyber threats.

By the end of this training, participants will be able to:

• Understand common security vulnerabilities in web and software applications.
• Analyze security threats and exploit techniques used by attackers.
• Implement secure coding practices to mitigate security risks.
• Use security testing tools to identify and fix vulnerabilities.

Objectives

• Familiarization with the proposed changes
• Gaining knowledge on how to prepare for changes

This instructor-led, live training in Braga (online or onsite) is aimed at developers and anyone who wishes to learn and use OAuth to provide applications with secure delegated access.

By the end of this training, participants will be able to:

• Learn the fundamentals of OAuth.
• Understand the native applications and their unique security issues when using OAuth.
• Learn and understand the common extensions to the OAuth protocols.
• Integrate with any OAuth authorization server.

User session recording technology is used to capture, monitor, and audit user activity on IT systems, providing insights for security, compliance, and forensic investigations.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level IT and security professionals who wish to implement user session recording solutions to enhance monitoring, compliance, and accountability.

By the end of this training, participants will be able to:

• Understand the principles of user session recording.
• Deploy and configure session recording solutions.
• Analyze and audit recorded sessions for compliance.
• Integrate session recording with security monitoring systems.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Braga (online or onsite) is aimed at system administrators who wish to use Microsoft Active Directory to manage and secure data access.

By the end of this training, participants will be able to:

• Set up and configure Active Directory.
• Set up a domain and define access rights of users and devices.
• Manage users and machines through Group Policies.
• Control access to file servers.
• Set up a Certificate Service and manage certificates.
• Implement and manage services such as encryption, certificates, and authentication.

Who is it for:

Anyone with an interest in information security, whether as a career or for general business knowledge.

This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately.

What will I learn:

Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Android is an open platform for mobile devices such as handsets and tablets. It has a large variety of security features to make developing secure software easier; however, it is also missing certain security aspects that are present in other hand-held platforms. The course gives a comprehensive overview of these features, and points out the most critical shortcomings to be aware of related to the underlying Linux, the file system and the environment in general, as well as regarding using permissions and other Android software development components.

Typical security pitfalls and vulnerabilities are described both for native code and Java applications, along with recommendations and best practices to avoid and mitigate them. In many cases discussed issues are supported with real-life examples and case studies. Finally, we give a brief overview on how to use security testing tools to reveal any security relevant programming bugs.

Participants attending this course will 

• Understand basic concepts of security, IT security and secure coding
• Learn the security solutions on Android
• Learn to use various security features of the Android platform
• Get information about some recent vulnerabilities in Java on Android
• Learn about typical coding mistakes and how to avoid them
• Get understanding on native code vulnerabilities on Android
• Realize the severe consequences of unsecure buffer handling in native code
• Understand the architectural protection techniques and their weaknesses
• Get sources and further readings on secure coding practices

Audience

Professionals

Migrating to the cloud introduces immense benefits for companies and individuals in terms of efficiency and costs. With respect to security, the effects are quite diverse, but it is a common perception that using cloud services impacts security in a positive manner. Opinions, however, diverge many times even on defining who is responsible for ensuring the security of cloud resources.

Covering IaaS, PaaS and SaaS, first the security of the infrastructure is discussed: hardening and configuration issues as well as various solutions for authentication and authorization alongside identity management that should be at the core of all security architecture. This is followed by some basics regarding legal and contractual issues, namely how trust is established and governed in the cloud.

The journey through cloud security continues with understanding cloud-specific threats and the attackers’ goals and motivations as well as typical attack steps taken against cloud solutions. Special focus is also given to auditing the cloud and providing security evaluation of cloud solutions on all levels, including penetration testing and vulnerability analysis.

The focus of the course is on application security issues, dealing both with data security and the security of the applications themselves. From the standpoint of application security, cloud computing security is not substantially different from general software security, and therefore basically all OWASP-enlisted vulnerabilities are relevant in this domain as well. It is the set of threats and risks that makes the difference, and thus the training is concluded with the enumeration of various cloud-specific attack vectors connected to the weaknesses discussed beforehand.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Understand major threats and risks in the cloud domain
• Learn about elementary cloud security solutions
• Get information about the trust and the governance regarding the cloud
• Have a practical understanding of cryptography
• Get extensive knowledge in application security in the cloud
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Understand the challenges of auditing and evaluating cloud systems for security
• Learn how to secure the cloud environment and infrastructure
• Get sources and further readings on secure coding practices

Audience

Developers, Managers, Professionals

A number of programming languages are available today to compile code to .NET and ASP.NET frameworks. The environment provides powerful means for security development, but developers should know how to apply the architecture- and coding-level programming techniques in order to implement the desired security functionality and avoid vulnerabilities or limit their exploitation.

The aim of this course is to teach developers through numerous hands-on exercises how to prevent untrusted code from performing privileged actions, protect resources through strong authentication and authorization, provide remote procedure calls, handle sessions, introduce different implementations for certain functionality, and many more.

Introduction of different vulnerabilities starts with presenting some typical programming problems committed when using .NET, while the discussion of vulnerabilities of the ASP.NET also deals with various environment settings and their effects. Finally, the topic of ASP.NET-specific vulnerabilities not only deals with some general web application security challenges, but also with special issues and attack methods like attacking the ViewState, or the string termination attacks.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn to use various security features of the .NET development environment
• Get practical knowledge in using security testing tools
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in .NET and ASP.NET
• Get sources and further readings on secure coding practices

Audience

Developers

Web Application Security is the discipline of protecting online applications from modern security threats and vulnerabilities, including those that are platform-agnostic and affect core application architecture and input handling.

This instructor-led, live training (online or onsite) is aimed at intermediate-level developers who wish to understand and apply secure coding techniques to mitigate web vulnerabilities and implement robust web application security.

By the end of this training, participants will be able to:

• Understand basic concepts of security, IT security and secure coding.
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them.
• Learn client-side vulnerabilities and secure coding practices.
• Have a practical understanding of cryptography.
• Understand security concepts of Web services.
• Get practical knowledge in using security testing tools.
• Get sources and further readings on secure coding practices.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Cyber Security is the practice of applying technologies, controls, and processes to protect computer systems, servers, networks, devices, programs, and data from malicious cyber attacks.

This instructor-led, live training (online or onsite) is aimed at anyone who wish to learn how to protect internet-connected systems from different kinds of cyber threats.

By the end of this training, participants will be able to:

• Understand the concept of Cyber Security.
• Learn and understand the different Cyber Security threats.
• Learn processes and best practices to protect internet-connected systems from cyber attacks.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Braga (online or onsite) is aimed at IT professionals who wish to learn and apply the fundamentals of Cybersecurity practices, processes, and tools in their organization.

By the end of this training, participants will be able to:

• Understand the Cybersecurity concepts, definitions, architecture, and principles.
• Learn how to secure and protect digital assets (networks, systems, applications, and data).
• Implement security models, frameworks, operational techniques, and incident handling.
• Evaluate and mitigate the impact of cyber attacks, risks, threats, and vulnerabilities.
• Gain insights on cybersecurity challenges with emerging technologies.

This instructor-led, live training in Braga (online or onsite) is aimed at software engineers and IT professionals who wish to gain a deeper knowledge on CyBOK and strengthen theoretical and applied skills in cyber security.

By the end of this training, participants will be able to:

• Understand the fundamental concepts, definitions, and principles of cyber security.
• Acquire in-depth expertise in cyber security by implementing the CyBOK knowledge areas.
• Gain extensive and foundational knowledge to operationalize the CyBOK framework.
• Facilitate community and organization enablement to increase focus on data security and privacy.
• Expand opportunities to earn specialization and credentials for cyber security professions.

The course is intended for those requiring intelligence or evidence from the Dark Web. This will usually be those working in government or law enforcement though may also be in the private sector.

In this course, you will learn the principles and techniques for digital forensics investigation and the spectrum of available computer forensics tools. You will learn about core forensics procedures to ensure court admissibility of evidence, as well as the legal and ethical implications.

You will learn how to perform a forensic investigation on both Unix/Linux and Windows systems with different file systems. with many advanced topics like wireless, network, web, DB and Mobile crimes investigation    
 

This course provides an expert introduction to the newly enacted Accessibility Law and equips developers with the practical skills to design, develop, and maintain fully accessible applications. Starting with a contextual discussion on the law's importance and implications, the course quickly shifts to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

This course provides leaders and managers with an overview of issues and activities associated with cybersecurity.

Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.    
 

By the end of this training, participants will be able to:

• Understand the Internet, social network Privacy
• Know PII and why it is important
• Know how to secure the Online Activates
• Know how to maintain the Privacy of business users
• Know more of the Cyber laws that protect the Privacy

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Braga (online or onsite) is aimed at system administrators who wish to use FreeIPA to centralize the authentication, authorization and account information for their organization's users, groups, and machines.

By the end of this training, participants will be able to:

• Install and configure FreeIPA.
• Manage Linux users and clients from a single central location.
• Use FreeIPA's CLI, Web UI and RPC interface to set up and manage permissions.
• Enable Single Sign On authentication across all systems, services and applications.
• Integrate FreeIPA with Windows Active Directory.
• Backup, replicate and migrate an FreeIPA server.

This training course teaches how risk assessment for information security is done by combining the information on ISO/IEC 27005:2022 and ISO/IEC 27001. In addition to theoretical knowledge, this training course is equipped with practical exercises, quizzes, case studies, all of which make it a very engaging training course.

The Certified Ethical Hacker certification is a sought-after cybersecurity certification around the world.

This program incorporates instruction and practice to get students ready to take the CEH certification exam as well as the CEH Practical Exam. Candidates who successfully pass both exams earn the CEH Master credential as well as their CEH certification.

Students are given the choice to add either the CPENT or the CHFI course to their package.

Training for either the Certified Penetration Testing Professional (CPENT) course or the Computer Hacking Forensic Investigator (CHFI) course will be given to each student via EC-Council’s online, self-paced, streaming video program.

CPENT (Pen-test):
Teaches students how to apply the concepts and tools taught in the CEH program to a pen-test methodology in a live cyber range.

CHFI (Computer Forensics):
Teaches students a methodological approach to computer forensics including searching and seizing, chain-of-custody, acquisition, preservation, analysis and reporting of digital evidence.

Course Description

CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so you will be better positioned to set up your security infrastructure and defend against future attacks. An understanding of system weaknesses and vulnerabilities helps organizations strengthen their system security controls to minimize the risk of an incident.

CEH was built to incorporate a hands-on environment and systematic process across each ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to achieve the CEH credential. You will be exposed to an entirely different posture toward the responsibilities and measures required to be secure.

Who Should Attend

• Law enforcement personnel
• System administrators
• Security officers
• Defense and military personnel
• Legal professionals
• Bankers
• Security professionals

About the Certified Ethical Hacker Master

To earn the CEH Master certification, you must pass the CEH Practical exam. The CEH Practical Exam was designed to give students a chance to prove they can execute the principals taught in the CEH course. The practical exam requires you to demonstrate the application of ethical hacking techniques such as threat vector identification, network scanning, OS detection, vulnerability analysis, system hacking, and more.

The CEH Practical does not contain simulations. Rather, you will be challenging a live range which was designed to mimic a corporate network through the use of live virtual machines, networks, and applications.

Successfully completing the challenges found in the CEH Practical Exam is the next step after attaining the Certified Ethical Hacker (CEH) certification. Successfully passing both the CEH exam and the CEH Practical will earn you the additional certification of CEH Master.

About the Certified Ethical Hacker Practical

To prove that you are skilled in ethical hacking, we test your abilities with real-world challenges in a real-world environment, using labs and tools requiring you to complete specific ethical hacking challenges within a time limit, just as you would face in the real world.

The EC-Council CEH (Practical) exam is comprised of a complex network that replicates a large organization’s real-life network and consists of various network systems (including DMZ, Firewalls, etc.). You must apply your ethical hacking skills to discover and exploit real-time vulnerabilities while also auditing the systems.

About CPENT

EC-Council’s Certified Penetration Tester (CPENT) program is all about the pen test and will teach you to perform in an enterprise network environment that must be attacked, exploited, evaded, and defended. If you have only been working in flat networks, CPENT’s live practice range will teach you to take your skills to the next level by teaching you to pen test IoT systems, OT systems, as well as how to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and customization of scripts and exploits to get into the innermost segments of the network.

About CHFI

The Computer Hacking Forensic Investigator (CHFI) course delivers the security discipline of digital forensics from a vendor-neutral perspective. CHFI is a comprehensive course covering major forensic investigation scenarios and enabling students to acquire necessary hands-on experience with various forensic investigation techniques and standard forensic tools necessary to successfully carry out a computer forensic investigation.

This instructor-led, live training in Braga (online or onsite) focuses on analyzing the risks of Open Data while reducing vulnerability to disaster or data loss.

By the end of this training, participants will be able to:

• Understand the concepts and benefits of Open Data.
• Identify the different types of data.
• Understand the risks of Open Data and how to mitigate them.
• Learn how to manage Open Data risks and create a contingency plan.
• Implement Open Data risk mitigation strategies to reduce disaster risk.

This instructor-led, live Payment Card Industry Professional training in Braga (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to protect it.
• Understand the roles and responsibilities for entities involved in the payment industry.
• Have deep insight into, and understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.

This instructor-led, live training in Braga (online or onsite) is aimed at security engineers who wish to use IBM Qradar SIEM to address pressing security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and to contain risks.
• Detect, identify, and prioritize threats.