7safe 2016 cyber development training prospectus

Cyber Development Training Prospectus

2016Advanced skills training programmes and professional cyber development for current and future security professionals in:

Ethical hacking (penetration testing) Digital forensics Cyber incident response Information security

Discover | Develop | Secure

www.7safe.com

Contents 03 Cyber Development Training

04 Why Train with 7Safe?

05 7 Good Reasons to Choose 7Safe

06 7Safe Training Passports

07 Our Training Locations

08 7Safe Cyber Development Skills

10 Ethical Hacking Courses

11 Certified Security Testing Associate (CSTA)

12 Certified Security Testing Professional (CSTP)

13 Certified Wireless Security Analyst (CWSA)

14 Certified Mobile Security Tester (CMST)

15 Certified Application Security Tester (CAST)

16 Digital Forensics Courses

17 Certified Data Collection Technician (CDaCT)

18 Certified Forensic Investigation Practitioner (CFIP)

19 Certified Malware Investigator (CMI)

20 Certified Mac Forensics Specialist (CMFS)

21 Certified Linux Forensic Practitioner (CLFP)

22 Certified Forensic Investigation Specialist (CFIS)

23 Certified Cyber Investigator (CCI)

24 Information Security Training

25 Hacking Insight for Managers (HIM)

26 Certified ISO 27001 Implementation Practitioner (CIIP)

27 Payment Card Industry Data Security Standard (PCI DSS) Implementation

28 Software Security Certified Secure Coding for Software Developers (CSCSD)

29 MSC in Professional Practice in Digital Forensics and Security

30 7Safe Services Cyber Security Capabilities

32 Digital Investigation Capabilities

33 Cyber Incident Response

34 eDiscovery

35 Information Governance

2 7Safe Cyber Development Prospectus 2016

“ We look forward to partnering with you to combat the growing cyber threat across all industry sectors, through the delivery of the highest quality cyber security training.” Richard Allen Education Business Development Manager

7Safe Cyber Development Prospectus 2016 3

Professional cyber development training at 7SafeEach year, around 500 of the world’s leading cyber experts start and develop their vocational training with 7Safe. Some of them go on to lead their organisation’s security procedures and tackle serious crime, and others become technical leaders protecting technical assets.

Cyber Security and Digital Investigations are rapid growth areas within IT and the skills required are in demand.

7Safe training is intensive: our consultants coach individual delegates so that they leave with the confidence to do the job that they are training for. Our aim is to create skilled professionals capable of undertaking work as penetration testers, reviewing and testing software code for security flaws, and performing digital forensics analysis.

The traditional graduate recruitment and training route to acquiring these skills and qualifications would typically take around two years.

We maintain regular contact with all our Alumni, supporting them throughout their career progression.

Who are 7Safe?We provide cyber security and digital investigation advice, education and technical services to all technology-enabled organisations.

Since 2001, we have been helping organisations to develop, maintain and grow their cyber security and information investigation capabilities, increasing their overall trust in the systems that they operate, the information that they hold and the people who have access to it.

We offer a range of consultancy services, including: Penetration testing and technical security assessments Digital forensic investigations PCI and ISO27001 audit and compliance Information security policy, and reviews of best practice eDiscovery document and audio review, and secure data hosting Information governance and data risk assessments

Professional cyber development is the cornerstone of effective security and we underpin the services above with our portfolio of university and industry-accredited courses and certifications.

As part of PA Consulting Group, we offer a comprehensive set of IT, cyber security and education services that few can compete with.



“ Whatever stage you are at in your career, we’re here to help you. We are committed to helping people develop their skills and gain professional qualifications not only as they enter the cyber security industry, but as they progress through it.” Kathryn Hurcomb, Education Co-ordinator

Our courses are all taught by practising consultants who are either former police officers and government security professionals, industry-experienced penetration testers, and/or respected digital forensics specialists who are engaged by police forces in the UK (and around the world) to provide evidence in high-profile criminal cases.

Accredited by CREST and the IISP, our courses offer current, relevant skills that are designed for your work place, as well as the support of joining our exclusive Alumni Network. Unlike other Cyber Academies, 7Safe’s Development Centre provides regular courses throughout the year. We even take our training to prestigious city venues around the UK and to Europe.

Would you like to be one of the few who make the grade?This prospectus shows just some of the training courses and experiences on offer to IT professionals and entry-level delegates, with information on how to book your place.

Current, relevant courses delivered by practising consultants… developed, delivered and regularly revised to reflect latest developments, techniques, exploits, and defensive recommendations, an approach that guarantees up-to-date, highly relevant real-world content.

Work-based, practical approach that satisfies real-world requirementsHands-on practical exercises transfer skills needed in the workplace, and unlike so many courses in this field, when delegates complete the exam, they are ready to do the job.

Membership of 7Safe Alumni Network 7Safe’s Alumni Network gives our delegates exclusive membership access to all the latest updates in our courses, so that they never fall behind when things change. It’s also the perfect community for crowdsourcing technical advice when needed back at your work place.

Skills needed by industry and government7Safe’s technical training courses provide industry recognised certifications with delegates coming to us from all sectors including law enforcement agencies and even our competitors to increase their in-house capability and peer recognition.

7Safe Training provides:

Why train with 7Safe?

To find out if our cyber training is right for you, and to make a booking, contact our education team on 01763 285 285 or email [email protected]

7 good reasons to choose 7SafeYou will become:1. A recognised cyber professional:

you will join a growing community of cyber experts who seek to uphold the standards required to protect businesses and individuals alike.

2. A visionary for improvement: the knowledge and advice you will receive in the latest cyber security techniques will enable you to apply your learning to real world scenarios.

3. Well-informed and able to gather the right critical information: you will learn to understand the root cause of problems and act based on fact, not guesswork.

4. Able to secure the respect of others: you will learn to follow the best practice recommended by partners IISP, CREST, and ACPO.

5. Capable of strategic thinking within your area of specialism: you will learn from our consultants how to anticipate trends in cybercrime associated with the rapid development of info tech.

6. Proficient at cyber project management: you will learn to carry out your work in a highly-proficient, methodological and managed way.

7. Confident at achieving your goals: you will be able to measure and review your progress towards career objectives.


7Safe training passportsDiscounted training with 7Safe’s Training Passports are the most economical way to get all the training that you or your team needs. Each Training Passport enables you to purchase a set number of training days – which can be used across our entire portfolio of courses – for a discounted rate compared to when booking the courses individually.


Gain the most up-to-date skills Significantly reduce your training costs

Greater flexibility with class scheduling

Visit our website for latest deals regarding our Training Passports and prices.

7Safe Training AlumniAs a 7Safe training alumni, you are fundamental to our continued success, so we are keen to keep in touch with you. Your lifelong connection with us offers you many benefits:

Networking opportunities Professional development Discounts on new courses (loyalty discounts)

Lifelong learning – from access to white papers or briefings on the latest cyber security issues

Key Benefits:


Cambridge Cyber Development Centre 7Safe courses are taught in several locations, including our flagship Cambridge Cyber Development Centre (CDC) at Melbourn. At the CDC, our trainers use purpose-built facilities to create the right environment in which to provide structured hands-on training. Many of our delegates remark that our approach is different and advantageous because of the personal attention they receive in this unique educational setting. However, if you would prefer to train at your organisation’s site, or at a public training venue closer to your home or company location, we offer these alternative options:

On-site training: For groups of 8 people or more, we can design a tailor-made package to meet your company’s cyber skills requirements delivered onyour site. For more details, see:www.7safe.com/professionaldevelopment/custom-courses

7Safe training ‘at a City near you’Convenient training venuesaround the UK, including:

London Manchester Reading

For the latest venues anddates, see: www.7safe.com/professional-development

Accredited training partners7Safe Accredited TrainingPartners (ATP) based in USA,Ireland and Cyprus, offer access to our market leading cyber trainingprogrammes outside the UK.

We are also planning on-site and public training courses in EU countries and welcome enquiries by telephone, email or the web.

Our training locations7Safe offers you a wide choice of venues designed to suit your needs and budget, starting with our flagship training centre close to the vibrant City of Cambridge.

The opportunity to perform ‘hands-on’ hacking and forensic work using the latest equipment is one feature of our Cyber Training Programme; others include:

Up-to-date technology and training rooms Free lunch and coffees throughout your course Air-conditioned training rooms in well-lit, spacious surroundings Free on-site car parking with no restrictions for private car users Near to major road network (M11/A10/A505) and train stations Only 36 minutes by train from central London*

Where to find usBy car60 miles from London105 miles from Birmingham95 miles from Oxford

By trainLondon Kings Cross to Royston station36 minute direct train journey and 10 minute taxi to Cambridge Technology Centre

* plus short taxi ride.

Ethical Hacking• Penetration Tester/Ethical Hacker• Intrusion Detection and Attack

Monitoring• IT Security Manager

Information Security• Hacking Awareness Training• PCI DSS Awareness• ISO27001 Implementation

Software Security• Secure Coding for Software

Developers

7Safe cyber development skills overview

Awareness Fundamentals

Digital Forensics• Computer Forensics Consultant• Cyber Security Analyst• Data Forensics Technician• Forensic Computer Analyst

CDaCT Data Collection

Technician

CIIP ISO 27001

Implementation

PCI DSSPCI DSS

Implementation

HIM Hacking Insight for Managers


7Safe Cyber Development Prospectus 2016 97Safe Cyber Development Prospectus 2016 9


Course accreditations

Meet the trainersOur courses are all taught by practising consultants whoare either former government security professionals or police officers, industry experienced penetration testers or respected digital forensics specialists.

Aleksander GorkowienkoPenetration Testing Training Team Manager

Digital Forensics Training TeamPaul CainDave SwindenSteve Shepherd

Core Specialist

CCINetwork Forensic

Investigation

CFIS Forensic

Investigation

CLFP Linux Forensic Investigation

CMFS Apple Mac

Forensic

CMI Malware

Investigation

CFIP Forensic

Investigation

CSCSD Secure Coding

CMSTMobile App

security

CASTAdvanced Web

App Security

CSTPEthical Web

Hacking

CSTA Ethical Hacking

CWSAWireless Security


Ethical hacking courses and certifications overview7Safe’s ethical hacking courses are aimed at penetration testers, software developers, system administrators and network architects. We provide the latest techniques as well as valuable insight into the attack methods used by hackers and how to defend your systems against them. Our courses are between two and four days of hands-on experience, using practical exercises to discover and learn techniques/methods that will provide both developing and experienced cyber professionals with the latest in-depth knowledge.

“ After completing the CSTP Ethical Web Application Hacking training course I applied for a few pen-testing positions and I recently joined Marks & Spencer as an Ethical Hacker. The training at 7Safe consolidated my previous knowledge in web application security and therefore helped me a lot in my career.” Ethical Hacker, Marks and Spencer


Ethical hacking courses and certifications overview


What will I learn? You will learn a series of attack methodologies and gain practical experience using a range of tools to undertake an infrastructure penetration test across a multi-OS environment

Once you are able to identify and exploit vulnerabilities in a safe manner, you will be introduced to a range of defensive countermeasures, allowing you to protect your network and respond to cyber threats

How will I benefit?This course in particular will give you:

Valuable preparation and hands-on practice in preparation for the CREST Registered Penetration Tester (CRT) examination

Understanding of common infrastructure vulnerabilities and how to exploit or resolve them

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Security Testing Associate (CSTA) qualification, accredited by both CREST and the IISP. Who should attend?If you are looking to improve your career prospects by starting or transitioning into a cyber security role e.g.

Network engineers Systems administrators Systems architects or developers

CSTA prerequisites:Basic understanding of TCP/IP networking and comfortable with Windows and Linux command line.

CSTA is also a good source of information on TCP/IP networking, should you wish to refresh your knowledge.

This infrastructure ethical hacking course is our most popular core-level technical course for people from a wide variety of network related and security roles across all industry sectors looking to develop their own capability to support their organisation’s in-house cyber team.

“ I found it all very interesting, the hardware and software system was excellent, everything worked as planned. The content was extremely relevant to our organisation.” CSTA Delegate SuperWebs Ltd

Ethical HackingCertified Security Testing Associate (CSTA)Core-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CSTA is accredited by CREST and helps you prepare for the CREST Registered Penetration Tester examination.

Covering the IISP skill areas of Level 1: A6, B2 and C1; Level 1+: D1, D2, D3


What will I learn? You will be introduced to a range of defensive countermeasures to become more resistant to attack

You will learn how to exploit these vulnerabilities to access data and functionality beyond your remit

How will I benefit?This course will give you:

Valuable preparation for the CREST Registered Penetration Tester (CRT) examination and the knowledge required to join our CAST course (advanced web application security)

The skills and understanding to progress to the next stage in your career as a security professional

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Security Testing Professional (CTSP) qualification.

Who should attend?Anyone with responsibility for, or an interest in, the security of web applications, including:

System administrators Software developers Budding penetration testers Anyone subject to the requirements of the Payment Card Industry Data Security Standard (PCI DSS)

CSTP prerequisitesAn understanding of how a web page is requested and delivered:

Are you familiar with the high-level components involved, e.g. browsers, web servers, web applications and databases?

What are HTTP and HTML? An understanding of databases and SQL would also be an advantage

If you are a web developer looking for a secure coding course, please see our Certified Secure Coding for Software Developers (CSCSD). See page 28.

This web application ethical hacking course is designed to give you the skills you need to ensure valuable data assets are effectively protected.

“ Sarantis is a great instructor. The course content helped to reinforce my existing knowledge and give real world examples and practical exercises for the key features of the content and syllabus.” CSTP Delegate NewVoiceMedia Ltd

Ethical HackingCertified Security Testing Professional (CSTP) Core-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CSTP is accredited by CREST and helps you prepare for the CREST Registered Penetration Tester examination.

Covering the IISP skill areas of Level 1: A6, B2 and C1; Level 1+: D2


What will I learn? You will learn how hackers bypass wireless security, and gain an understanding of the principles of wireless cryptography

Once able to identify and exploit vulnerabilities, you will be introduced to a range of defensive countermeasures, allowing you to complete the final exercise of building a secure wireless network to protect information assets


Valuable preparation for the CREST Registered Penetration Tester (CRT) examination

A thorough understanding of how hackers target wireless networks and how to protect wireless networks (and clients) from attack in the real world

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Wireless Security Analyst (CWSA) qualification.

Who should attend?Anyone with responsibility for, or an interest in, the security of wireless networks and Wi-Fi enabled devices, including:

IT managers Systems/network administrators IT security professionals Forensic/network investigators

CWSA prerequisitesBasic understanding of TCP/IP networking:

Are you familiar with the OSI model? Can you name a layer 2 and layer 3 protocol?

Can you describe how a request reaches a web server through Ethernet, IP and TCP?

If you are planning to do both the CSTA and CWSA courses, we recommend you take CSTA first.See page 11.

This two-day course is for people involved in a variety of wireless network-related roles. It is designed to give you the skills you need to develop a more secure infrastructure around critical data and applications, and defend systems from unauthorised wireless attacks.

“ An essential course for those designing and configuring all aspects of wireless networking.” CWSA Delegate New Vision Group Ltd

Ethical HackingCertified Wireless Security Analyst (CWSA) Core-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CWSA is accredited by CREST and helpsyou prepare for the CREST Registered Penetration Tester examination and the CREST Wireless Specialist examination.

Covering the IISP skill areas of Level 1:A6, B2 and C1; Level 1+: D2


What will I learn? You will be led through the current OWASP Mobile Top Ten, the most critical mobile application security risks that leave organisations and their customers’ data vulnerable to attack

Once able to identify and exploit vulnerabilities in both iOS and Android platforms, you will be introduced to a range of defensive countermeasures, allowing you to develop applications that are more resistant to attack


An understanding of whether the sensitive information stored on mobile devices is sufficiently protected and what the risk would be if the device fell into the hands of an attacker

The ability to use a variety of tools and techniques, including static and run-time analysis, binary patching and reverse engineering, to improve mobile application security

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Mobile Security Tester (CMST) qualification.

Who should attend?Anyone looking to understand the fundamentals of mobile application security, including:

App developers IT security officers Penetration testers Network and systems administrators

CMST prerequisitesA basic understanding of:

How the iOS and Android platform and devices work

HTTP protocol Programming Windows and Linux command line Java and Objective-C languages

This three-day course is for people in a wide variety of mobile application-related roles. It introduces the fundamentals of mobile application security and gives you an understanding of whether the sensitive information stored on mobile devices is sufficiently protected.

“ The whole course was excellent, I did not realise what a massive and interesting field security is. It has opened my eyes to what the hackers do to try and steal sensitive data.” CMST Delegate Z-Tech Control Systems Ltd

Ethical HackingCertified Mobile Security Tester (CMST) Specialist-level course 7 good reasons to choose 7Safe - see page 5



What will I learn? You will be led through a range of state-of-the-art hacking tools and techniques to allow you to conduct a complete web application security assessment

Once able to identify and exploit vulnerabilities, you will learn a range of defensive counter measures, allowing you to develop applications that are more resistant to attack and provide a better protection for data assets


An industry recognised qualification, accredited by CREST and the IISP

Essential preparation for the CREST Certified Tester (application) exam

Security vulnerability identification and avoidance

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Application Security Tester (CAST) qualification.

Who should attend?People working in an application testing (security assessment/administration) or developer environment, including experienced:

Penetration testers Application developers Security professionals

CAST prerequisites Completion of the 7Safe CSTP course or equivalent knowledge

Practical experience of backend web application technologies (ef HTML, Java Script, PHP, ASP, MSSQL, MySQL)

Hands-on experience of modern hacking trends, tools and technologies would be an advantage

This specialist four-day web hacking course is for people in a wide range of application development and testing roles. It is designed to give you an in-depth knowledge of how to identify security vulnerabilities and an understanding of the real risk that these vulnerabilities pose by exploiting them.

“ Had a fantastic time on the course, well delivered, useful and eye opening to say the least. Heading off to take the CREST exam shortly! Thanks for all your help.” CAST Delegate MarketingSource Ltd

Ethical HackingCertified Application Security Tester (CAST) Specialist-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CAST is accredited by CREST and helps you prepare for the Certified Web Application Tester examination.

Covering the IISP skill areas of Level 1: A6, B2 and C1; Level 1+: D2

Digital forensics courses and certifications overview7Safe has successfully delivered its certified digital forensic training courses to numerous law enforcement and legal professionals as well as private corporations across all industry sectors. Our programme is aimed at forensic investigators, digital security practitioners and those with computer forensic experience wanting to develop skills further in order to conduct thorough, efficient and comprehensive investigations. Expert-led trainers and practical technical exercises will ensure you have the latest industry best practice knowledge and tools to conduct the most effective digital forensic investigations for your organisation.

“ Instructor was very knowledgeable and able to give examples of experience which supported and enhanced knowledge of the course material. Excellent material covered with the theory in the manual backed up by the exercises. Where material was more complex the instructor supported this by explaining it further or drawing diagrams, doing demos, etc.” CFIP Delegate, The Babraham Institute


Covering the IISP skills areas of Level 1: A2, A6 and H1; Level 1+: D1, F3


What will I learn? You will be introduced to the legalities, best practice and current techniques used for data acquisition as part of forensic investigation, eDiscovery or other regulatory proceedings

You will carry out forensic imaging in a number of environments, using different methods and software

You will learn how to extract individual mailboxes from a live Microsoft Exchange email server, as well as live system memory and volatile data capture


The skills you need to be competent in handling data during the initial stages of investigation

The opportunity to practice identifying and collecting electronic evidence/data and build your confidence

An industry-recognised qualification in data collection

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Data Collection Technician (CDaCT) qualification.

Who should attend?Anyone responsible for the process of data acquisition, including:

Law enforcement officers and agents

Network administrators IT security officers Civil litigation lawyers/legal council

Litigation support managers eDiscovery consultants

CDaCT prerequisitesA general appreciation of information technology and computer forensic principles/methods is desirable, but not essential.

This is a fundamentals-level course for people who have to handle or advise on electronic evidence/data on a regular basis and provides them with the skills to ensure that forensic and evidential integrity is retained when data is transferred or copied.

“ Steve Shepherd MBE has a great personality for teaching and has the ability to make the course fun and interesting. I have thoroughly enjoyed the course and will be sending my team on it.” CDaCT Delegate City Docs Ltd

Digital ForensicsCertified Data Collection Technician (CDaCT) Fundamentals-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

Covering the IISP skills areas of Level 1: A2, A6; Level 1+: F2, F3


What will I learn? You will learn the principles and guidelines for static computer forensic investigations; the fundamentals of the complete forensic investigation process; how to preserve evidence and the methodology for conducting a forensic investigation

You will use practical, hands-on exercises to help you understand how data is stored on electronic media, how to work with key forensic investigation tools and how to identify Windows-based OS forensic artefacts

How will I benefit?The course will give you:

An understanding of each stage of a forensic investigation, from evidence seizure through to data investigation and interpretation, to report and presentation of findings

The skills to allow you to undertake the forensic acquisition of an electronic device

Confidence in working with key forensic investigation products

An industry-recognised qualification in forensic investigation and ideal preparation for the 7Safe CFIS advanced course

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Practitioner (CFIP) qualification.

Who should attend?Anyone who is or wants to be responsible for computer forensic investigations, including:

Cyber forensic and network investigators

IT security officers Law enforcement officials

CFIP prerequisitesExperience with Microsoft Windows OS and, ideally, a general appreciation of forensic principles, practices and software.

This core-level technical course is designed for people looking to develop their computer forensics investigation skills, either for a career in digital investigations or as part of their current cyber role.

“ Excellent course with very knowledgeable tutor, highly recommended.” CFIP Delegate Staffordshire University

Digital ForensicsCertified Forensic Investigation Practitioner (CFIP)Core-level course 7 good reasons to choose 7Safe - see page 5


Accreditations


What will I learn? You will learn how to identify, analyse and interpret malicious software and associated forensic artefacts, including trojan horses, viruses and worms

You will practice malware investigations from mounted, booted and network perspectives, and undertake real-world exercises, including the conversion of E01 forensic images to bootable virtual machine disks

How will I benefit?The course will give you:

The skills to analyse and interpret malicious software, and investigate network activity initiated by malicious software infection

An understanding of how to simplify complex evidence, and collate and report results

An industry-recognised qualification in malware investigation

What qualification will I receive?Upon successful completion of the exam, you will be awarded the

Certified Malware Investigator (CMI) qualification.

Who should attend?Digital forensic analysts, law enforcement officers, cyberincident investigators and system administrators looking to develop their skills in malware identification and analysis.

CMI prerequisitesCompletion of the 7Safe CFIP course is highly recommended. Otherwise you will need:

Knowledge of the principles surrounding forensic investigation and an understanding of the preliminary forensic investigation case considerations

Sound experience with the Microsoft Windows operating systems

An understanding of how a web page is requested and delivered

Ideally an understanding of Command Line Interface (CLI) and TCP/IP networking concepts

This is a core-level technical course for people looking to extend their digital forensic knowledge beyond conventional device analysis. It will help you protect your IT environment by showing you how to conduct malware analysis, from first principles all theway to investigating network activity stemming from malicioussoftware infection that your AV software has failed to detect.

“ Instructor was interesting and engaging. Obviously knew the subject well. I thoroughly enjoyed the course.” CMI Delegate Assured Security Control Ltd

Digital ForensicsCertified Malware Investigator (CMI)Core-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CMI is accredited by CREST as useful preparation for the CREST-Registered Intrusion Analyst examination.

Covering the IISP skill areas of Level 1: C1 and E1; Level 1+: F2 and F3


What will I learn? You will learn the underlying data structures of Apple devices and the many forensic artefacts specific to Mac OS X and iOS

You will practice using real life examples identifying, finding, extracting, decoding and interpreting the data stored on an Apple device from a forensic practitioner’s perspective

How will I benefit?This course will give you the opportunity to:

Learn effective techniques for the identification and interpretation of forensic artefacts on OS X and iOS devices

Understand Apple disk partitioning and develop confidence when identifying and isolating artefacts from Apple devices

Improve your ability to respond effectively to a wider range of forensic incidents

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Mac Forensics Specialist (CMFS) qualification.

Who should attend?Forensic practitioners, systems administrators and cyber investigators who want to extend their experience with Window-based systems to the Mac OS X and iOS environments.

CMFS prerequisitesCompletion of the 7Safe CFIP course is highly recommended. Otherwise you will need:

Knowledge of the principles and guidelines surrounding forensic investigation

Basic knowledge of data structures, e.g. binary and hexadecimal

This specialist-level course is for experienced forensic investigators whose role requires them to expertly examine Apple devices, giving them knowledge and confidence in handling the data and forensic evidence in Mac OS X and iOS environments.

“ An excellent course which gave a thorough overview of Mac Forensics, the HFS+ file system and important artefacts and their locations on the file system. The exercises supported the theory well and helped build on the course content. As a non-Mac user, I now feel a lot more confident working with Macs, not just for forensic analysis, but generally.” CMFS Delegate The Babraham Institute

Digital ForensicsCertified Mac Forensics Specialist (CMFS) Specialist-level course 7 good reasons to choose 7Safe - see page 5


Covering the IISP skill areas of Level 1: A6, B1, C1 and F2; Level 1+: F3

Accreditations


What will I learn? You will develop a core understanding of the file system data structures and key files in Linux-based systems so that you can be confident of capturing potential digital evidence

You will practice using both Linux GUI and command line environments, and learn how to use Linux for forensic imaging

You will capture RAM and basic volatile data from a live Linux system, and use forensic software to create an image of a Linux system

How will I benefit?On this course, you will:

Understand the data structures associated with the ‘ext’ file systems

Learn effective techniques to extract data from a Linux environment

Develop confidence when identifying and capturing Linux system artefacts

Improve your ability to respond effectively to a wider range of forensic incidents

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Linux Forensic Practitioner (CLFP) qualification.

Who should attend?Forensic practitioners, systems administrators and cyber investigators who want to extend their experience from Window-based systems to the Linux environment.

CLFP prerequisitesCompletion of the 7Safe CFIP course is highly recommended. Alternatively you will need an understanding of digital forensic principles and practices. No Linux experience is necessary.

This specialist-level course is for experienced forensic investigators who want to acquire the knowledge and skills to navigate, identify, capture and examine data from Linux-based systems.

“ Very good course, well paced and provided a good understanding of the Linux platform and analysis.” CLFP Delegate Huron Consulting

Digital ForensicsCertified Linux Forensic Practitioner (CLFP)Specialist-level course 7 good reasons to choose 7Safe - see page 5


Covering the IISP skill areas of Level 1: A6, E2; Level 1+: F2 and F3

Accreditations


What will I learn? You will learn to capture volatile and stored data from a system in a ‘live’ and ‘booted’ state and from remote and virtualised systems, and to capture mailboxes from a Microsoft Exchange Server and webmail accounts

You will practice your new skills using a realistic data/IP theft scenario employing a range of forensic tools, scripts and techniques. You will identify data from the Windows domain controller, network file shares and FTP logs before moving to more conventional analysis of a forensic image of a workstation

How will I benefit?This course will enable you to:

Develop your forensic investigation skills to an advanced level

Practise new techniques suitable for evidence identification, capture and analysis in a ‘live’ environment

Acquire an industry-recognised qualification to support your career progress

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Forensic Investigation Specialist (CFIS) qualification.

Who should attend?Experienced forensic investigators and digital security practitioners who have computer forensic experience who want to dig deeper and develop their skills. This course is a natural progression from the 7Safe CFIP course.

CFIS prerequisites Knowledge of the principles and general guidelines surrounding forensic investigations

Experience of carrying out forensic investigations

Attendance of a basic computer forensic course, e.g. 7Safe’s CFIP course

This specialist-level course is for professionals whose role requires them to capture and analyse data from ‘live’ systems. It introduces the latest guidelines and artefacts on current Windows operating systems, and teaches essential skills for conducting an efficient and comprehensive investigation.

“ The course was brilliant. I really enjoyed it. It helped me to improve and develop my knowledge. I look forward to using the skills I have gained at work.” CFIS Delegate Computer Sciences Corporation

Digital ForensicsCertified Forensic Investigation Specialist (CFIS) Specialist-level course 7 good reasons to choose 7Safe - see page 5


Accreditations

CFIS is accredited by CREST as useful for those preparing for the CREST-Certified Host Intrusion Analyst examination.

Covering the IISP skill areas of Level 1: A2 and A6; Level 1+: F2 and F3


What will I learn? You will learn and practice the critical skills needed to identify the correct forensic artefacts in a live network environment during or after a cyber event, and how to preserve and collect that data

You will practice how to correctly acquire and handle dynamic data so that you do not inadvertently alter or destroy vital clues that could result in your investigation failing or the resultant evidence being inadmissible in court

How will I benefit?This course will enable you to:

Learn a number of methodologies for undertaking a sound cyber investigation

Acquire and practice new techniques to extract relevant data from a live networked environment

Gain confidence when identifying and capturing live operating system artefacts

Improve your ability to respond effectively to a cyber event

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Cyber Investigator (CCI) qualification.

Who should attend?Experienced forensic investigators and cyber security practitioners who already have a good knowledge of forensic investigation and want to extend their skills.

CCI prerequisitesYou will need a good understanding and experience of:

The forensic investigation process Windows and Linux operating systems

Command line interface Computer networks

We strongly recommend completion of the 7Safe CFIP and CLFP courses as a minimum before attending thiscourse.

This specialist-level course is for professionals who are looking to develop and improve their ability to respond effectively to a cyber event. It helps you develop the skills needed to isolate, investigate and extract evidence from a live networked environment during or after a cyber incident.

“ This was the most useful networking investigation course I have been on in recent years. I came away with a substantial increase in my knowledge along with some very useful documentation. If you’re going to do one networking investigation course year, make it this one.” CCI Delegate Regional Cyber Crime Unit

Digital ForensicsCertified Cyber Investigator (CCI) Specialist-level course 7 good reasons to choose 7Safe - see page 5


Information security training courses and certifications overview7Safe’s information security courses are focused towards anyone with responsibility for, or with an interest in, protecting an organisation’s IT systems & data, including those employed in IT, Business, Financial and HR Management. The courses last between one and three days and provide a high-level understanding of the techniques and current trends used in hacking or the steps involved in planning, implementing and maintaining ISO 27001 or Payment Card Industry Data Security Standard (PCI DSS).


Covering the IISP skills areas of Level 1: A5, B1, B2, D2, E3, F1


What will I learn? You will gain an insight into the mindset and motivation of hackers, and learn how they infiltrate organisations and the damage that can follow

You will find out how organisations are exposed through the various routes of attack, including the internet, employees, social engineering, emails and wireless

You will learn about the security lapses behind a number of real-world, high-profile attacks

You will have the chance to try your hand at some simple web application attacks in our ‘hack lab’

How will I benefit?On this course, you will:

Gain an understanding of IT security from an attacker’s perspective

Be able to evaluate the possible risks to your business from hackers

Understand the principles of how to defend your organisation effectively from the risk of attack

Who should attend?Anyone interested in understanding the risks that hackers pose, including:

IT managers Systems analysts IT security professionals and auditors

Security officers and data protection representatives

For a course with more hands-on technical content, delegates should consider 7Safe’s CSTA and CSTP courses on pages 11 and 12

HIM prerequisites No information security knowledge is needed, just basic computer literacy

We recommend you read up on the concept of domain names and IP addresses before the course

Bring a Wi-Fi enabled device to join the ‘hack lab’ (e.g. laptop or tablet)

This one-day awareness course is for people who need a high-level understanding of hacking rather than practical know-how. It introduces the basic technical concepts behind the various stages of a hacking attack, as well as some common tools used by hackers and security professionals.

“ Excellent instruction; clear and concise overview, perfect for non-specialists.” HIM Delegate PA Consulting Group

Information SecurityHIM Hacking Insight for ManagersAwareness-level course 7 good reasons to choose 7Safe - see page 5

Information security training courses and certifications overview


Accreditations

Covering the IISP skills areas of Level 1: A1, A2, A3, A4, A5, A6, D1, E1, E2, G1 Level 1+: B1, B2


What will I learn? You will gain an understanding of the key steps involved in planning, implementing and maintaining an ISO 27001-compliant information security management system (ISMS)

You will learn what an ISMS is and how to define information security policies for your organisation

You will gain the skills needed to identify information assets and undertake a risk assessment, and will acquire effective techniques for managing risk

How will I benefit?With this course, you will:

Gain an in-depth understanding of information security and how it applies to your organisation

Learn how to define information assets in a way that’s suitable for your organisation and how to undertake a risk assessment

Gain confidence that certification is within reach and obtain guidance on applying for certification

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified ISO 27001 Implementation Practitioner (CIIP) qualification.

Who should attend?Anyone with responsibility for, or with an interest in, information security, including:

People employed in IT, financial and HR management

Computer auditors IT security officers Information security professionals

CIIP prerequisitesThis course is suitable for non-technical staff and no prior knowledge is required.

This three-day practical ISO 27001 training course is for peoplewho want to understand the component parts of the ISO Standard with a view to setting up an implementation project. You will learn how to define and risk-assess your organisation’s information assets, and prepare for the essential requirements needed to obtain ISO 27001 certification.

“ Solid coverage of the standard, referenced well to the point of applicability and usability.” CIIP Delegate Bluefish Communications

Information SecurityCertified ISO 27001 Implementation Practitioner (CIIP) Fundamentals-level course 7 good reasons to choose 7Safe - see page 5


Accreditations


What will I learn? You will gain a clear understanding of the PCI DSS and how to apply your knowledge when assisting with PCI DSS assessments

You will learn how the Standard developed, its benefits and who it applies to

You will find out about the key requirements of the Standard and how to become compliant


Gain an appreciation of the controls necessary for your organisation to be able to continue dealing with cardholder data

Learn the key principles and requirements of the Standard

Develop an understanding of the route to compliance (self-assessment and audit)

Be in a position to prepare an implementation plan for your organisation, improving your chances of a successful audit

Who should attend?This course is for:

Anybody accepting credit card payments, including:

Merchants

Third-party service providers

Acquirers Anybody processing, storing or transmitting credit card data

Finance, internal audit, IT, sales department staff

PCI DSS prerequisitesThis course is suitable for non-technical staff and no prior knowledge is required.

This one-day awareness training course is for people who want to learn how the Payment Card Industry Data Security Standard (PCI DSS) is implemented. It covers the importance of the Standard to all organisations processing, storing or transmitting credit card information.

Information SecurityPayment Card Industry Data Security Standard (PCI DSS) Implementation Awareness-level course 7 good reasons to choose 7Safe - see page 5



What will I learn? You will learn about the vulnerabilities that arise from insecure coding and the array of hacking techniques that many attackers use to disrupt the way an application’s programming/business logic work

You will find out how to take a ‘defence in depth’ approach and ensure you consider all the security issues that may arise while developing applications

You will gain an understanding of the most important principles in secure coding and apply your new knowledge with examples and exercises in Java


Have access to a purpose-built controlled environment specifically created to demonstrate the main areas of vulnerability and the key mitigation strategies

Get the chance to practise techniques to address common insecure coding practices

Build your skills and confidence in coding secure applications

What qualification will I receive?Upon successful completion of the exam, you will be awarded the Certified Secure Coding for Software Developers (CSCSD) qualification.

Who should attend?This course is for people who want to learn secure coding, including:

Penetration testers Professional software developers

Software architects Software security auditors Security managers

CSCSD prerequisitesA basic understanding of web application coding, preferably in Java.

This two-day course is for people who want to understand the technical controls used to prevent software vulnerabilities. It focuses on common insecure coding practices and examines how these can be addressed to make secure applications.

Software SecurityCertified Secure Coding for Software Developers (CSCSD) Specialist-level course 7 good reasons to choose 7Safe - see page 5


“ The course was excellent and highly relevant to my work as a web developer. A variety of topics were covered and I thought that a good level of time was dedicated to the most prevalent and serious exploits.” CSCSD Delegate Falck Safety Services


What will I learn? You will acquire a thorough and practical knowledge of the very latest computer forensics and security principles, practices, tools and techniques. The key modules covered are: network security and ethical hacking, wireless security, forensic investigations, malware investigations and implementing ISO 27001

You will gain an understanding of the main academic, professional and research concerns of computer security and forensics through a research-led module that will help prepare you for your MSc project/dissertation

How will I benefit?This course will provide you with:

The latest tools, techniques and knowledge in one of the most exciting areas of modern computing

Expert staff with extensive experience in the field of forensics and security

Excellent career prospects in a rapidly expanding industry

What qualification will I receive?The MSc course consists of seven 7Safe training courses (CSTA, CSTP, CWSA, CFIP, CMI, CFIS and CIIP), eight University modules and an MSc project/dissertation. Upon successful completion of the MSc, you will therefore have seven industry-recognised professional certificates as well as the MSc qualification.

Who is this course for?Anyone ambitious to build a career in information security by completing a part-time or full-time post-graduate course. When taking the course as a part-time pathway you should expect to study for a minimum of two to three years, and must be completed within six years.

MSc prerequisitesAfter successfully completing one or more 7Safe courses, the MSC is the most practical and natural progression to further your cyber knowledge and career development.

This programme, delivered in partnership with De Montfort University (DMU), is for people who want to gain a postgraduate-level qualification in information security. This qualification is based on 7Safe’s technical hands-on training courses, combined with academic modules delivered by the University.

MSc in Professional Practice in Digital Forensics and Security

Specialist-level course 7 good reasons to choose 7Safe - see page 5


“ As a self-employed software and system security specialist, I wanted a Master’s program that would allow me to continue my current lifestyle and gain further academic recognition. The 7Safe MSc Training Programme has allowed me to do this. I took just over a year to complete the seven 7Safe courses without any impact on my contracts that ran during this period and the support from 7Safe in creating a programme to allow this was invaluable.” Delegate on De Montfort University MSc Programme


7Safe Services7Safe’s Cyber Security Capabilities

We are at the forefront of providing penetration testing services to clients around the world, offering not only exceptional technical expertise but outstanding client services. These include website, application and infrastructure assessments, hardening UNIX and Windows systems, code reviews, wireless security assessments and social engineering.

Our expert consultants will help you to convert the findings of our technical reports into immediately actionable and positive business impact.

Penetration Testing (Pen Testing)We are passionate about our penetration testing service - providing you with the maximum value by finding security vulnerabilities and working with you to understand the risks posed.

Managed Vulnerability ScanningOur managed vulnerability scanning service provides updates on new vulnerabilities giving you additional peace of mind and reducing activity around your regular penetration test.

Code ReviewsWe have a team of highly-experienced code reviewers who will check your code for flaws, finding and removing common

vulnerabilities that might not be detected through testing alone.

Firewall ReviewsThis detailed analysis and test of your firewall examines vulnerabilities associated with a specific vendor’s solution. Vulnerabilities include susceptibility of the firewall to focused connection, information- driven attacks and exploits, and misconfigurations that allow an attacker to overcome specific firewall protections.

Database AssessmentsDatabase security assessment involves checking various information security controls aimed at protecting databases against compromises of their confidentiality, integrity and availability. We will analyse your database (MS SQL, Oracle, MySQL, etc.) and check its configuration, security features, access rights, system and object privileges and more.

Server Build ReviewsOur server build review will provide you with transparency over the security of your server builds, allowing you maintain compliance with regulatory or internal standards. Very often, such testing is conducted as part of a wider information security assessment which is a strategic piece of work.

Social EngineeringSocial engineering is the process of manipulating or deceiving a person(s) into performing actions or divulging sensitive information. We will check whether your

Technical Security Services

organisation is resistant to a variety of simulated social engineering attacks, conducted though the Internet, over the phone or physically at your premises.

VOIP SecurityVoice over Internet Protocol (VoIP) is a good cost saving option for any organisation, however as with any benefit, comes risk. The risk increases when VoIP is integrated directly into your internal network. Our combined approach of assessing the VoIP network helps to identify and effectively remediate risks.

Wireless AssessmentsRegular security tests of the features of your wireless network, which are an extension to an organisation’s overall network security and part of any infrastructure penetration test or vulnerability testing exercise. We will review your wireless LANs (identification, security and encryption features), and identify any rogue access points.

Mobile Application and Device SecurityWith the increase in mobile devices being used in everyday life as well as in corporate environments, there is a heightened demand for the security of mobile applications. 7Safe delivers comprehensive mobile application security assessments – giving peace of mind to you and your customers by ensuring that your applications are secure.


7Safe’s Cyber Security Capabilities


7Safe Services7Safe’s Digital Investigation Capabilities

At 7Safe, we have been providing digital forensic services since 2002. We pride ourselves in the technical skills of our consultants and their ability to adapt those skills and techniques to suit even the most challenging of technical tasks and investigations.

Whether you are looking to identify ‘lost’ data on an encrypted drive or you are attempting to quickly identify what data was compromised within your network and how it was done, we have the expertise and skills to help you.

We provide you with four main forensic services, all of which will be tailored to suit your specific requirements. We provide :

Digital device investigationsDigital device, network and enterprise analysis and investigation services. This forensic analysis and investigation service can be provided as part of an ongoing investigation (criminal or regulatory) or dispute (civil) or as part of our incident response service (see below).

Cyber incident response (inc incident technical advisory services and malware analysis).Cyber investigations are complex and will include the examination

of data from computers, servers, switches, routers and many other network devices.

Most organisations that we

help with incident response have a well-defined response capability and plans that they enact as soon as they become

DigitalForensics


7Safe’s Digital Investigation Capabilities

aware of a breach. We augment this by providing a quick-reacting, on-site technical expertise to help you when you need to

identify and isolate ‘rogue’ digital code whilst gathering evidence of the ‘cyber event’; all of which is essential to help identify the root

cause and to be able to identify malicious intruders.

Data acquisition and data collectionData acquisition and collection services for multi-nationals, government departments, prosecuting and regulatory bodies in both criminal and civil matters. We have deep experience in collecting volatile and static data from technologies including web, database and email servers, memory, virtual environments and all manner of conventional (and some unconventional) digital devices used by private individuals and businesses.

Evidential reports and Expert witnessAll our work, whatever the size and goal, is performed to the same evidential rigour and standards required by the criminal courts in the UK. We prepare full evidential packages for you and, if required, for disclosure to your Board, Regulators or the Authorities. Some of our work results in a requirement to attend at court to present this expert evidence – all our senior investigators have extensive experience of giving expert evidence at court.

Talk to a 7Safe DigitalForensics Consultant+44(0) 870 600 [email protected]


7Safe Services

We provide advanced technical eDiscovery services to law firms, general counsel and government regulators to help them manage and investigate the large volumes of unstructured data typically found in disputes, litigation and regulatory procedures.

Early Case Assessment We generate early case visibility using our own unique tools and processes to provide you focus and help in the early stages of a case using:

DocReview: DocReview is a quick-to-use, fixed-price, document review service that allows you to start reviewing large volumes of client emails/documents (up to 4GB) within 4 hours

Doc Discovery: Doc Discovery is a simple, accurate and safe email search tool that will help you quickly search all messages and their attachments. Doc Discovery can be downloaded for free from www.docdiscovery.net

Data preparation and processing Our focus always is the price point and speed selection balance. Our Nuix data processing capability runs at industry leading speed, therefore giving you high quality results can be achieved fast and at minimal cost. If time is not an issue,

then we have more cost effective solutions for dispute teams working to tight budgets.

Technology assisted review We configure our workflow processes and algorithms together with you to best suit your matter and achieve the very best outcome using such predictive technologies.

Document Review Platform A secure, fast, enterprise Relativity platform designed to support many hundreds of users.

Audio discovery Our Nexidia audio discovery service can accurately search audio/video data using carefully crafted phonetic search terms. We use proprietary phonetic definition improvement methods to ensure

all dialects and speech examples are correctly identified in the search results. This dramatically increases the speed of the review and much reduces the cost when compared with ‘voice-to-text’ or other audio technologies.

Air-gapped, on-site review solutions When legislative, privacy or security concerns constrain the specific location of data, we deploy solutions to ensure total control over where data is processed and reviewed.

eDiscovery

7Safe’s Document Investigation Capabilities

Talk to a 7Safe DigitalForensics Consultant+44(0) 870 600 [email protected]


We have developed some leading tools and methods to help modern organisations with the Information Governance challenges. In particular those created by their changing environments that are transitioning from an ‘analogue IT’ to a fully digital way of working.

Identifying data at riskModern digital environments generate, analyse and share more data than ever before. We can help you identify and isolate regulated or commercially sensitive data that has inadvertently leaked out of the core secure enterprise systems that would normally protect such data from misuse or abuse. For example, this may be personal data of your customers and clients or new product blueprints that your Innovation Lab has created that have been shared on less secure networks.

Structuring unstructured dataPlenty of quantitative as well as empirical data is collected and stored in unstructured formats, making it slow to identify and analyse. Data held within Word tables, or even PDF copies make search and research tasks very laborious and uneconomical. We use methods developed and refined in the eDiscovery world to convert large quantities of unstructured data into formats suitable for storage and use in databases.

Information Governance


www.7safe.com

“ The CSTA course is well laid out and has a very good balance between the theory and practical elements. In addition, the lab and exercises are well set out and reflect a practical network. What I found even more valuable was the additional tips and leads provided by a knowledgeable instructor demonstrated by real life scenarios and examples. All in all, a fantastic experience and by far the best training course I have attended. Highly recommended.” IT Security Analyst

7Safe, Cambridge Technology Centre,

Melbourn, Herts, SG8 6DP United Kingdom

tel: +44(0) 1763 285 285 [email protected]

7safe 2016 cyber development training prospectus

Documents