Be a security ninja: webinar recording and bonus level

Information security is one of the disciplines gaining enormous popularity in recent years. We decided to help everyone and organized a cycle of free webinars on information security. Today we publish videos and announce a bonus level dedicated to practical information security.

"Basic terms of information security"

The webinar deals with basic terms and definitions, basic concepts and approaches to ensuring information security. We talked about risk assessment, taxonomy of threats, kill-chain-scenarios describing the actions of the attacker, the development of effective protective measures, as well as the role of information security units in the company's life cycle.

"Information Security Standards"

Standards from international information security consortia such as NIST, OWASP, ISACA, PCI DSS, SANS, ISO 27XXX were reviewed at the webinar. After watching the video, you will get an idea of ​​the technical and methodological basis. Actual for those who plan to protect the infrastructure or expects to use their forces in pentest.

')

Materials

"Information Security Requirements"

The webinar reviewed several types of regulatory documents:

• defining requirements and approaches to ensuring the security of information that may have value for a company;
• determining the requirements and approaches to the use of cryptographic information security tools.

Materials

"Information Security Technologies"

The webinar reviewed the main technical tools that are used to comply with the principles of information security: antivirus, sandboxes, firewalls, IDS / IPS, honeypot, vulnerability scanners, DAM, DLP, PKI, IAM, MDM, SIEM and many others. Additionally, we talked about the main elements of building a safe ecosystem of the company's information structure.

"Information Security Trends"

This webinar discussed the main threats and motives of the attackers, the use of the concept of Data Centric Security, methods of effectively countering the modern threat landscape and security models. Plus, understand the implementation of the New Wave information security tools, such as CASB, SaaS and others.

"Secret Level"

As promised, we will complement the theoretical webinars with practical, dedicated to penetration testing.



In them you will learn how:

• Attacking the company's network perimeter - our experts will tell you how to successfully attack the perimeter, consider practical cases and tools.
  
  The “Network Perimeter Attacks” webinar will be held on October 30 from 16.00 to 18.00 Moscow time. To register for the event follow the link:
  
  jetinfosystems.timepad.ru/event/836768
• Perform onside attacks — capture a domain controller in a matter of minutes, or gain access to bank processing, while having minimal privileges in the system.
  
  The webinar "Conducting onside attacks" will be held November 6 from 16.00 to 18.00 Moscow time. To register for the event follow the link:
  
  jetinfosystems.timepad.ru/event/836790
• Attacking a company's web-based application — using web vulnerabilities to access critical data and attack a company's top management.
  
  The webinar "Attacks web applications" will be held November 13 from 16.00 to 18.00 Moscow time. To register for the event follow the link:
  
  jetinfosystems.timepad.ru/event/836810

The webinars will be conducted by employees of the Practical Security Analysis Laboratory with extensive experience in penetration testing in the banking sector, retail, e-commerce, and FINTECH.



If you have any questions, write to security@jet.su with the theme of Secret Level.