Cyber Security Training in Setúbal

This instructor-led, live training in Setúbal (online or onsite) is aimed at advanced-level cybersecurity professionals, AI engineers, and IoT developers who wish to implement robust security measures and resilience strategies for Edge AI systems.

By the end of this training, participants will be able to:

• Understand security risks and vulnerabilities in Edge AI deployments.
• Implement encryption and authentication techniques for data protection.
• Design resilient Edge AI architectures that can withstand cyber threats.
• Apply secure AI model deployment strategies in edge environments.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level cybersecurity professionals and data scientists who wish to utilize LLMs for enhancing cybersecurity measures and threat intelligence.

By the end of this training, participants will be able to:

• Understand the role of LLMs in cybersecurity.
• Implement LLMs for threat detection and analysis.
• Utilize LLMs for security automation and response.
• Integrate LLMs with existing security infrastructure.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals and technical leads who wish to understand how to implement AI models to enhance security processes, automate threat detection and response, and perform predictive analysis.

By the end of this training, participants will be able to:

• Understand the role of AI in modern cyber security.
• Develop machine learning models for anomaly and threat detection.
• Implement AI for automating incident response and security operations.
• Evaluate the ethical and operational considerations of AI in cybersecurity.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level analysts who wish to effectively analyze, secure, and protect their organization's data and networks from cyber threats.

By the end of this training, participants will be able to:

• Gain a comprehensive understanding of the current cybersecurity landscape.
• Learn and apply industry-standard cybersecurity frameworks (e.g., NIST, ISO/IEC 27001) and best practices to enhance the security posture of their organization.
• Implement effective network security measures, including configuring firewalls, VPNs, IDS/IPS systems, and applying encryption techniques to protect data at rest and in transit.
• Identify, analyze, and respond to cybersecurity incidents using threat intelligence, SIEM tools, and incident response plans.

This instructor-led, live training in Setúbal (online or onsite) is aimed at beginner-level security managers and designers who wish to effectively plan, design, and implement security strategies that are integrated, technologically advanced, and compliant with legal and ethical standards.

By the end of this training, participants will be able to:

• Learn how to integrate security considerations into architectural and facility design.
• Assess threats and vulnerabilities to inform security planning.
• Develop comprehensive security plans that address a range of threats.
• Create effective emergency response and crisis management plans.

This instructor-led, live training in Setúbal (online or onsite) is aimed at experienced developers who wish to gain a comprehensive understanding of Python programming and its applications in cybersecurity.

By the end of this training, participants will be able to:

• Use Python programming for defensive cybersecurity.
• Understand and use Python for ethical offensive techniques and digital forensics tasks.
• Recognize legal and ethical considerations surrounding offensive cybersecurity and vulnerability disclosure.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level cloud architects, cloud security engineers, and DevOps professionals who wish to implement Zero Trust principles within cloud environments and leverage cloud-native security tools to enhance their organization’s security posture.

By the end of this training, participants will be able to:

• Design and implement Zero Trust architecture in a cloud environment.
• Utilize cloud security tools to enforce Zero Trust policies.
• Apply access controls and continuous monitoring in cloud-native applications.
• Integrate identity and authentication systems with cloud services.
• Assess the security of cloud environments through a Zero Trust lens.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level IT professionals who wish to effectively use and manage Sophos XG Firewall to enhance the security posture of their organizations or clients.

By the end of this training, participants will be able to:

• Understand the features and capabilities of Sophos XG Firewall.
• Perform initial setup, configure network interfaces, and create and manage firewall policies and rules.
• Understand how to integrate with various authentication services.
• Utilize Sophos XG Firewall's monitoring and reporting tools to maintain oversight of network security.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level IT professionals who wish to enhance their skills in identifying and managing IT risk and implementing information systems controls, and prepare for the CRISC certification exam.

By the end of this training, participants will be able to:

• Understand the governance and risk management aspects of IT.
• Conduct IT risk assessments and implement risk responses.
• Design and implement information systems controls.
• Prepare effectively for the CRISC certification exam.

This instructor-led, live training in Setúbal (online or onsite) is aimed at intermediate-level AI and cybersecurity professionals who wish to understand and address the security vulnerabilities specific to AI models and systems, particularly in highly regulated industries such as finance, data governance, and consulting.

By the end of this training, participants will be able to:

• Understand the types of adversarial attacks targeting AI systems and methods to defend against them.
• Implement model hardening techniques to secure machine learning pipelines.
• Ensure data security and integrity in machine learning models.
• Navigate regulatory compliance requirements related to AI security.

Objectives

• Familiarization with the proposed changes
• Gaining knowledge on how to prepare for changes

Offensive Security Certified Professional (OSCP) is a hands-on training course designed to help participants acquire practical penetration testing skills aligned with the OSCP certification objectives.

This instructor-led, live training (online or onsite) is aimed at intermediate-level security professionals who wish to identify, exploit, and remediate vulnerabilities in modern systems and networks through ethical hacking techniques.

By the end of this training, participants will be able to:

• Conduct information gathering, enumeration, and vulnerability scanning.
• Exploit systems using advanced penetration testing techniques.
• Escalate privileges and maintain access on compromised systems.
• Document and report findings in a professional penetration test report.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of Kali Linux tools in practical penetration testing scenarios.
• Guided exercises focused on exploitation, privilege escalation, and documentation.

Course Customization Options

• To request a customized training for this course based on your team's environment or OSCP exam preparation needs, please contact us to arrange.

The CCSK Foundation course starts with the fundamentals, then increases in complexity as it works through all 16 domains of the CSA Security Guidance, recommendations from the European Union Agency for Network & Information Security (ENISA), and an overview of the Cloud Controls Matrix.

This is a Cloud Security Alliance (CSA) authorized course and NobleProg is an official CSA Training Partner.

This course is delivered by CSA Authorized CCSK Instructors.
All attendees receive:

• official CSA CCSK Foundation course certificates
• official CCSK Foundation Student Handbooks
• 1 CCSK exam voucher and 1 re-attempt exam voucher

This course covers the most current version of the CCSK exam - currently version 4.1.

Open Source Intelligence (OSINT) refers to any information that can legally be gathered from free, public sources about an individual or organization. OSINT also refers to the process of collecting this data, analyzing it, and using it for intelligence purposes.

Audience

• Researchers
• Security analysts
• Investigators
• Law enforcement
• Government and military personnel

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Who is it for:

Anyone with an interest in information security, whether as a career or for general business knowledge.

This certificate is relevant to anyone requiring an understanding of Information Security Management Principles as well as those with an interest in information security either as a potential career or as an additional part of their general business knowledge. It is very much a firm foundation on which other qualifications can be built or which provides a thorough general understanding to enable organisations to begin to ensure their information is protected appropriately.

What will I learn:

Candidates should be able to demonstrate: 

• Knowledge of the concepts relating to information security management. 
• Understanding of current national legislation and regulations which impact upon information security management. 
• Awareness of current national and international standards, frameworks and organisations which facilitate the management of information security.  
• Understanding of the current business and common technical environments in which information security management must operate. 
• Knowledge of the categorisation, operation and effectiveness of controls of different types and characteristics.

Overview:

Certified Information Systems Security Professional certification is recognised as a key qualification for developing a senior career in information security, audit and IT governance management. Held by over 30,000 qualified professionals worldwide, the Certified Information Systems Security Professional qualification shows proven knowledge and is the key to a higher earning potential in roles that include CISO, CSO and senior security manager.

You will learn to:

• Use the knowledge gained in a practical manner beneficial to your organisation
• Protect your organisational assets using access control techniques and strengthen confidentiality and integrity controls from the world of cryptography
• Secure your network architecture and design (implement Cyber security)
• Achieve your organisational objectives such as legal & compliance, Information assurance, security and data governance
• Enhance IT services secure delivery via Security operations, architecture and design principles
• Implement business resiliency via Business Continuity Plan
• You will gain a thorough understanding of the 8 domains as prescribed by (ISC)2®.

The Main Goal:

• To pass your CISSP examination first time.

Target Audience:

This training is intended for individuals preparing for the CISSP certification exam.

Android is an open platform for mobile devices such as handsets and tablets. It has a large variety of security features to make developing secure software easier; however, it is also missing certain security aspects that are present in other hand-held platforms. The course gives a comprehensive overview of these features, and points out the most critical shortcomings to be aware of related to the underlying Linux, the file system and the environment in general, as well as regarding using permissions and other Android software development components.

Typical security pitfalls and vulnerabilities are described both for native code and Java applications, along with recommendations and best practices to avoid and mitigate them. In many cases discussed issues are supported with real-life examples and case studies. Finally, we give a brief overview on how to use security testing tools to reveal any security relevant programming bugs.

Participants attending this course will 

• Understand basic concepts of security, IT security and secure coding
• Learn the security solutions on Android
• Learn to use various security features of the Android platform
• Get information about some recent vulnerabilities in Java on Android
• Learn about typical coding mistakes and how to avoid them
• Get understanding on native code vulnerabilities on Android
• Realize the severe consequences of unsecure buffer handling in native code
• Understand the architectural protection techniques and their weaknesses
• Get sources and further readings on secure coding practices

Audience

Professionals

The course provides essential skills for PHP developers necessary to make their applications resistant to contemporary attacks through the Internet. Web vulnerabilities are discussed through PHP-based examples going beyond the OWASP top ten, tackling various injection attacks, script injections, attacks against session handling of PHP, insecure direct object references, issues with file upload, and many others. PHP-related vulnerabilities are introduced grouped into the standard vulnerability types of missing or improper input validation, incorrect error and exception handling, improper use of security features and time- and state-related problems. For this latter we discuss attacks like the open_basedir circumvention, denial-of-service through magic float or the hash table collision attack. In all cases participants will get familiar with the most important techniques and functions to be used to mitigate the enlisted risks.

A special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5. A number of security-related extensions to PHP are introduced like hash, mcrypt and OpenSSL for cryptography, or Ctype, ext/filter and HTML Purifier for input validation. The best hardening practices are given in connection with PHP configuration (setting php.ini), Apache and the server in general. Finally, an overview is given to various security testing tools and techniques which developers and testers can use, including security scanners, penetration testing and exploit packs, sniffers, proxy servers, fuzzing tools and static source code analyzers.

Both the introduction of vulnerabilities and the configuration practices are supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to apply mitigation techniques and introducing the use of various extensions and tools.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Have a practical understanding of cryptography
• Learn to use various security features of PHP
• Learn about typical coding mistakes and how to avoid them
• Be informed about recent vulnerabilities of the PHP framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process.

Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code.

Participants attending this course will 

Understand basic concepts of security, IT security and secure coding

Get known to the essential steps of Microsoft Secure Development Lifecycle

Learn secure design and development practices

Learn about secure implementation principles

Understand security testing methodology

• Get sources and further readings on secure coding practices

Audience

Developers, Managers

Cyber Security is the practice of applying technologies, controls, and processes to protect computer systems, servers, networks, devices, programs, and data from malicious cyber attacks.

This instructor-led, live training (online or onsite) is aimed at anyone who wish to learn how to protect internet-connected systems from different kinds of cyber threats.

By the end of this training, participants will be able to:

• Understand the concept of Cyber Security.
• Learn and understand the different Cyber Security threats.
• Learn processes and best practices to protect internet-connected systems from cyber attacks.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Setúbal (online or onsite) is aimed at IT professionals who wish to learn and apply the fundamentals of Cybersecurity practices, processes, and tools in their organization.

By the end of this training, participants will be able to:

• Understand the Cybersecurity concepts, definitions, architecture, and principles.
• Learn how to secure and protect digital assets (networks, systems, applications, and data).
• Implement security models, frameworks, operational techniques, and incident handling.
• Evaluate and mitigate the impact of cyber attacks, risks, threats, and vulnerabilities.
• Gain insights on cybersecurity challenges with emerging technologies.

This instructor-led, live training in Setúbal (online or onsite) is aimed at software engineers and IT professionals who wish to gain a deeper knowledge on CyBOK and strengthen theoretical and applied skills in cyber security.

By the end of this training, participants will be able to:

• Understand the fundamental concepts, definitions, and principles of cyber security.
• Acquire in-depth expertise in cyber security by implementing the CyBOK knowledge areas.
• Gain extensive and foundational knowledge to operationalize the CyBOK framework.
• Facilitate community and organization enablement to increase focus on data security and privacy.
• Expand opportunities to earn specialization and credentials for cyber security professions.

The RESILIA course starts with the purpose, key terms, the distinction between resilience and security, and the benefits of implementing cyber resilience. It introduces risk management and the key activities needed to address risks and opportunities. Further, it explains the relevance of common management standards and best practice frameworks to achieve cyber resilience. Subsequently, it identifies the cyber resilience processes, the associated control objectives, interactions and activities that should be aligned with corresponding ITSM activities. In the final part of the course, it describes the segregation of duties and dual controls related to cyber resilience roles and responsibilities.

The course is intended for those requiring intelligence or evidence from the Dark Web. This will usually be those working in government or law enforcement though may also be in the private sector.

This course provides an expert introduction to the newly enacted Accessibility Law and equips developers with the practical skills to design, develop, and maintain fully accessible applications. Starting with a contextual discussion on the law's importance and implications, the course quickly shifts to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

This course provides leaders and managers with an overview of issues and activities associated with cybersecurity.

Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.    
 

By the end of this training, participants will be able to:

• Understand the Internet, social network Privacy
• Know PII and why it is important
• Know how to secure the Online Activates
• Know how to maintain the Privacy of business users
• Know more of the Cyber laws that protect the Privacy

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.

In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

• Understand the basics of HIPAA
• Develop health applications that are compliant with HIPAA
• Use developer tools for HIPAA compliance

Audience

• Developers
• Product Managers
• Data Privacy Officers

Format of the Course

• Part lecture, part discussion, exercises and heavy hands-on practice.

Note

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Setúbal (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

This instructor-led, live training in  (online or onsite) is aimed at developers, engineers, and architects seeking to secure their web apps and services.

By the end of this training, participants will be able to integrate, test, protect, and analyze their web apps and services using the OWASP testing framework and tools

This instructor-led, live training in Setúbal (online or onsite) is aimed at information analysts who wish to learn the techniques and processes behind social engineering so as to protect sensitive company information.

By the end of this training, participants will be able to:

• Set up the necessary development environment to start creating custom malware.
• Backdoor legitimate web applications undetected.
• Deliver evil files as normal file types.
• Use social engineering techniques to lead targets into a fake website.