Cyber Security Training in Curitiba

This instructor-led, live training in Curitiba (online or onsite) is designed for advanced cybersecurity professionals, AI engineers, and IoT developers looking to implement strong security measures and resilience strategies for Edge AI systems.

Upon completing this training, participants will be able to:

• Identify security risks and vulnerabilities associated with Edge AI deployments.
• Apply encryption and authentication techniques to protect data.
• Architect resilient Edge AI systems capable of withstanding cyber threats.
• Deploy AI models securely within edge environments.

This instructor-led, live training in Curitiba (online or onsite) is aimed at intermediate-level cybersecurity professionals and data scientists who wish to utilize LLMs for enhancing cybersecurity measures and threat intelligence.

By the end of this training, participants will be able to:

• Understand the role of LLMs in cybersecurity.
• Implement LLMs for threat detection and analysis.
• Utilize LLMs for security automation and response.
• Integrate LLMs with existing security infrastructure.

This instructor-led, live training in Curitiba (online or onsite) is designed for intermediate to advanced cybersecurity professionals and technical leads who want to learn how to implement AI models to improve security workflows, automate threat detection and response, and conduct predictive analysis.

By the end of this training, participants will be able to:

• Grasp the role of AI in modern cybersecurity.
• Create machine learning models for anomaly and threat detection.
• Apply AI to automate incident response and security operations.
• Assess the ethical and operational implications of using AI in cybersecurity.

This instructor-led, live training in Curitiba (online or onsite) is aimed at intermediate-level analysts who wish to effectively analyze, secure, and protect their organization's data and networks from cyber threats.

By the end of this training, participants will be able to:

• Gain a comprehensive understanding of the current cybersecurity landscape.
• Learn and apply industry-standard cybersecurity frameworks (e.g., NIST, ISO/IEC 27001) and best practices to enhance the security posture of their organization.
• Implement effective network security measures, including configuring firewalls, VPNs, IDS/IPS systems, and applying encryption techniques to protect data at rest and in transit.
• Identify, analyze, and respond to cybersecurity incidents using threat intelligence, SIEM tools, and incident response plans.

This instructor-led, live training in Curitiba (online or onsite) is designed for intermediate-level network administrators who wish to gain the essential skills to manage, administer, monitor, and maintain Fortinet security systems.

By the end of this training, participants will be able to:

• Configure and manage FortiGate firewalls.
• Monitor network traffic and manage incidents with FortiAnalyzer.
• Automate tasks and manage policies through FortiManager.
• Apply preventive maintenance strategies and troubleshoot network issues.

This instructor-led, live training in Curitiba (online or onsite) is aimed at beginner-level network administrators who wish to use FortiGate 1100E to manage and secure their network environments effectively.

By the end of this training, participants will be able to:

• Understand the basic architecture and features of FortiGate 1100E.
• Learn how to deploy FortiGate 1100E in various network environments.
• Gain hands-on experience with basic configuration and management tasks.
• Understand security policies, NAT, and VPNs.
• Learn to monitor and maintain FortiGate 1100E.

This instructor-led, live training in Curitiba (online or onsite) is designed for advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.

Upon completion of this training, participants will be able to:

• Acquire comprehensive knowledge of fraud examination principles and the overall examination process.
• Learn to identify, investigate, and prevent various forms of financial fraud.
• Understand the legal landscape surrounding fraud, including the legal components of fraud, applicable laws, and regulations.
• Develop practical skills for conducting fraud investigations, such as evidence collection, interviewing techniques, and data analysis.
• Learn to design and implement effective fraud prevention and deterrence programs within organizations.
• Gain the confidence and knowledge necessary to successfully pass the Certified Fraud Examiner (CFE) exam.

This instructor-led, live training in Curitiba (online or onsite) is aimed at intermediate-level network administrators who wish to manage and secure their networks using FortiGate firewalls.

By the end of this training, participants will be able to:

• Understand FortiGate features and functionalities, particularly those introduced or enhanced in version 7.4.
• Configure and manage FortiGate devices and implement advanced security features.
• Deploy and manage advanced security measures like IPS, antivirus, web filtering, and threat management.
• Monitor network activities, analyze logs, and generate reports for auditing and compliance.

This instructor-led, live training in Curitiba (online or onsite) is aimed at intermediate-level technical professionals who wish to delve deeper into the technical aspects and functionalities of Fortinet’s product line to effectively recommend, sell, and implement Fortinet security solutions.

By the end of this training, participants will be able to:

• Gain in-depth knowledge of Fortinet’s advanced security solutions and products.
• Understand the technical features, benefits, and deployment scenarios for each core Fortinet product.
• Configure, manage, and troubleshoot Fortinet solutions in diverse environments.
• Apply Fortinet products to address complex security challenges and requirements.

This instructor-led, live training in Curitiba (online or onsite) is aimed at security professionals who wish to learn how to use Cortex XDR in preventing and stopping the occurrence of sophisticated attacks and threats.

By the end of this training, participants will be able to:

• Grasp the architecture and components of Cortex XDR.
• Create and manage profiles for exploit and malware prevention.
• Analyze behavioral threats and monitor response actions.
• Perform basic Cortex app troubleshooting.

This instructor-led, live training in Curitiba (online or onsite) targets beginner-level technical professionals seeking to learn about the Security Fabric concept and its evolution in addressing organizational cybersecurity needs.

By the end of this training, participants will be able to:

• Understand the evolution of cybersecurity and its influence on modern security technologies.
• Utilize Fortinet products to protect against specific cyber threats and attacks.
• Recognize the integration and automation capabilities of Fortinet solutions for coordinated incident response.

This instructor-led live training in Curitiba (online or onsite) is aimed at security professionals who wish to learn how to troubleshoot Palo Alto Networks' next-generation firewalls.

By the end of this training, participants will be able to:

• Understand the architecture of the next-generation firewall.
• Investigate and troubleshoot networking issues using firewall tools.
• Analyze advanced logs to resolve real-life scenarios.

This instructor-led, live training in Curitiba (online or onsite) is aimed at beginner-level network security professionals who wish to learn the concept of cybersecurity and the current global threat landscape.

By the end of this training, participants will be able to:

• Understand the current global threat landscape and identify the main types of cyber adversaries.
• Recognize the primary types of malware and the mechanics of cyber attacks.
• Understand the basics of network security and the importance of a layered security approach.
• Learn about Fortinet's Security Fabric and how it addresses modern cybersecurity challenges.

This instructor-led, live training in Curitiba (online or onsite) is designed for intermediate-level network and security professionals who want to effectively manage and secure networks using Fortigate 600E equipment, with a specific focus on HA configurations to enhance reliability and performance.

Upon completion of this training, participants will be able to:

• Comprehend the features, specifications, and operational principles of the Fortigate 600E firewall.
• Carry out the initial setup of the Fortigate 600E, including fundamental configuration tasks such as interface setup, routing, and establishing initial firewall policies.
• Configure and manage advanced security features like SSL VPN, user authentication, antivirus, IPS, web filtering, and anti-malware capabilities to protect against a wide range of network threats.
• Troubleshoot common issues within HA setups and effectively manage HA environments.

Managing Open Source Software (OSS) involves overseeing the entire lifecycle of open-source components within an organization to ensure their secure, compliant, and efficient utilization.

This instructor-led, live training (available online or onsite) targets intermediate IT professionals seeking to implement best practices for managing open-source software in enterprise and government settings.

Upon completing this training, participants will be capable of:

• Creating effective OSS policies and governance frameworks.
• Leveraging SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Reducing risks related to licensing and security vulnerabilities.
• Accelerating OSS adoption to maximize innovation and cost savings.

Course Format

• Interactive lectures and discussions.
• Case studies and scenario-based exercises.
• Hands-on demonstrations using OSS management tools.

Customization Options

• This course can be customized to align with your organization's specific OSS policies and toolchains. Please contact us to arrange this.

This instructor-led, live training in Curitiba (online or onsite) is designed for security professionals who wish to learn how to manage firewalls at scale.

Upon completion of this training, participants will be able to:

• Design, configure, and manage the Panorama Firewall management server.
• Manage policies through device groups.
• Deploy network configurations across various firewalls.

This instructor-led, live training in Curitiba (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

The EC-Council Certified DevSecOps Engineer (ECDE) is a practical, hands-on program designed to empower professionals with the expertise needed to weave security throughout the entire DevOps lifecycle, ensuring robust security from the initial planning phases through to final deployment.

This live, instructor-led training—available both online and on-site—is tailored for intermediate-level software engineers and DevOps specialists who aim to incorporate security protocols into their CI/CD pipelines, guaranteeing the delivery of secure and compliant code.

Upon completion of this training, participants will be equipped to:

• Comprehend the core principles and practices of DevSecOps.
• Secure all stages of the CI/CD pipeline utilizing automated tools.
• Adopt secure coding standards and perform vulnerability scanning.
• Prepare effectively for the ECDE certification through practical laboratory exercises and review sessions.

Course Format

• Engaging lectures and interactive discussions.
• Practical application of DevSecOps tools within simulated pipelines.
• Guided exercises concentrating on secure development and deployment methodologies.

Customization Options

• For a tailored training experience aligned with your team’s specific workflows or toolchain, please reach out to us to arrange your custom session.

This instructor-led live training in Curitiba (online or onsite) is designed for security professionals eager to learn the fundamentals of managing Palo Alto Networks' next-generation firewalls.

By the end of this training, participants will be able to:

• Configure and manage essential firewall features of Palo Alto Networks.
• Manage security and NAT policies.
• Implement threat prevention strategies.
• Monitor network threats and traffic.

User session recording technology is utilized to capture, monitor, and audit user activity on IT systems, providing critical insights for security, compliance, and forensic investigations.

This instructor-led, live training (available online or onsite) is designed for beginner to intermediate-level IT and security professionals who aim to implement user session recording solutions to enhance monitoring, compliance, and accountability.

Upon completion of this training, participants will be able to:

• Grasp the principles of user session recording.
• Deploy and configure session recording solutions.
• Analyze and audit recorded sessions for compliance.
• Integrate session recording with security monitoring systems.

Format of the Course

• Interactive lecture and discussion.
• Abundant exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

The ISO/IEC 27002 Lead Manager training empowers you with the essential expertise and knowledge to support an organization in implementing and managing Information Security controls as outlined in ISO/IEC 27002.

Upon completing this course, you will be eligible to take the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential. A PECB Lead Manager Certification demonstrates that you have mastered the principles and techniques for implementing and managing Information Security Controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants aiming to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants looking to master the Information Security Management System implementation process
• Individuals responsible for information security, compliance, risk, and governance within an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs, and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods, and techniques required for the effective implementation and management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of information security for the organization’s strategy
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training is based on both theory and practice
• Sessions of lectures illustrated with examples based on real cases
• Practical exercises based on case studies
• Review exercises to assist exam preparation
• Practice test similar to the certification exam

General Information

• Certification fees are included in the exam price
• Training material containing over 500 pages of information and practical examples will be distributed to participants
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to participants
• In case of exam failure, you can retake the exam within 12 months for free

This instructor-led live training in Curitiba (online or onsite) targets system administrators who wish to use 389 Directory Server to configure and manage LDAP-based authentication and authorization.

Upon completing this training, participants will be able to:

• Install and configure 389 Directory Server.
• Grasp the features and architecture of 389 Directory Server.
• Learn to configure the directory server via the web console and CLI.
• Establish and monitor replication to ensure high availability and load balancing.
• Manage LDAP authentication using SSSD for improved performance.
• Integrate 389 Directory Server with Microsoft Active Directory.

Upon completion of this training, participants will be equipped to:

• Articulate the principles of application security and potential vulnerabilities
• Outline ABAP programming best practices, including the proper handling of SY-SUBRC
• Gain a deep understanding of injection vulnerabilities
• Identify and utilize security testing tools
• Explain the functionality of ATC and CVA

Course Format

• Interactive lectures and discussions.
• Extensive exercises and practical practice.
• Hands-on implementation within a live-lab environment.

This instructor-led, live training in Curitiba (online or onsite) is aimed at system administrators who wish to use Microsoft Active Directory to manage and secure data access.

By the end of this training, participants will be able to:

• Set up and configure Active Directory.
• Set up a domain and define access rights of users and devices.
• Manage users and machines through Group Policies.
• Control access to file servers.
• Set up a Certificate Service and manage certificates.
• Implement and manage services such as encryption, certificates, and authentication.

Accountability in Professional Regulatory Boards is an applied course focusing on the legal framework, procedural duties, and TCU jurisprudence that guide oversight and accountability for professional councils in Brazil.

This instructor-led, live training (online or onsite) is aimed at intermediate-level to advanced-level professionals who wish to understand TCU oversight, prevent common irregularities, and strengthen internal controls and responses to audit findings.

By the end of this training, participants will be able to:

• Explain the institutional role of the TCU and the legal nature of professional councils.
• Identify common irregularities found by the TCU and understand relevant jurisprudence.
• Design internal control measures and segregation of duties to mitigate accountability risks.
• Prepare compliant annual accountability submissions (SISTC / e-Contas) and structured responses to TCU determinations.

Format of the Course

• Interactive lecture and legal analysis.
• Case study review and group discussion.
• Practical workshop and simulation exercises.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

Developing a secure networked application can be challenging, even for developers familiar with cryptographic building blocks like encryption and digital signatures. To help participants grasp the role and application of these cryptographic primitives, the course begins by establishing a solid foundation on the core requirements of secure communication—secure acknowledgment, integrity, confidentiality, remote identification, and anonymity. It also addresses common threats that compromise these requirements and presents real-world solutions.

As cryptography is central to network security, the course covers key algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement. Rather than focusing on complex mathematics, these topics are explored from a developer’s perspective, featuring typical use-case examples and practical considerations such as public key infrastructures. The course introduces security protocols used in secure communication, offering an in-depth look at widely adopted protocol families like IPsec and SSL/TLS.

Common cryptographic vulnerabilities are discussed, covering issues related to specific algorithms and protocols such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE, and RSA timing attacks. For each problem, the course outlines practical implications and potential consequences without delving into deep mathematical details.

Finally, recognizing the centrality of XML technology in data exchange for networked applications, the course examines the security aspects of XML. This includes the use of XML in web services and SOAP messages, along with protection mechanisms like XML Signature and XML Encryption. It also addresses weaknesses in these protections and XML-specific security issues such as XML injection, XML External Entity (XXE) attacks, XML bombs, and XPath injection.

Participants attending this course will

• Understand fundamental concepts of security, IT security, and secure coding
• Comprehend the requirements of secure communication
• Learn about network attacks and defenses across different OSI layers
• Gain practical knowledge of cryptography
• Understand essential security protocols
• Learn about recent attacks against cryptosystems
• Receive information on recent related vulnerabilities
• Grasp security concepts for web services
• Access resources and further readings on secure coding practices

Audience

Developers, Professionals

Developing secure C and C++ applications demands robust protection against malicious exploitation, memory corruption, and the circumvention of input validation. This program explores common vulnerability patterns such as buffer overflows, use-after-free errors, integer overflows, and type confusion. Participants will learn to apply secure coding standards, utilize static analysis tools, and implement defensive programming practices to eliminate weaknesses, ensure proper input sanitization, and build software that is resilient against cyber threats.

Even seasoned Java developers often struggle to fully master the extensive array of security services provided by Java, while also remaining unaware of the diverse vulnerabilities that can affect web applications built with Java.

In addition to introducing the security components of the Standard Java Edition, this course addresses security concerns within Java Enterprise Edition (JEE) and web services. The discussion begins with the foundational principles of cryptography and secure communication before moving on to specific services. Various exercises focus on declarative and programmatic security techniques in JEE, while covering both transport-layer and end-to-end security for web services. Participants will gain hands-on experience through practical exercises, allowing them to explore the discussed APIs and tools firsthand.

The course also examines and explains the most common and severe programming flaws associated with the Java language and platform, as well as web-related vulnerabilities. Beyond typical errors made by Java programmers, the covered security vulnerabilities include language-specific issues and problems arising from the runtime environment. All vulnerabilities and related attack vectors are demonstrated through clear, easy-to-understand exercises, followed by recommended coding guidelines and possible mitigation techniques.

Participants attending this course will

• Grasp the basic concepts of security, IT security, and secure coding
• Learn about web vulnerabilities beyond the OWASP Top Ten and understand how to avoid them
• Comprehend the security concepts underlying web services
• Acquire skills in using various security features of the Java development environment
• Gain a practical understanding of cryptography
• Understand the security solutions provided by Java EE
• Learn about typical coding mistakes and strategies to prevent them
• Receive information regarding recent vulnerabilities in the Java framework
• Obtain practical knowledge in using security testing tools
• Access sources and further reading materials on secure coding practices

Audience

Developers

Today, numerous programming languages can compile code for the .NET and ASP.NET frameworks. While this environment offers robust security development capabilities, developers must understand how to apply architecture-level and coding-level techniques to implement desired security features, prevent vulnerabilities, and mitigate their exploitation.

This course aims to equip developers with the skills to prevent untrusted code from executing privileged actions, safeguard resources through strong authentication and authorization, manage remote procedure calls and sessions, and explore various implementation strategies through extensive hands-on exercises.

The course introduces various vulnerabilities by highlighting common programming issues in .NET development. It also examines ASP.NET vulnerabilities, including the impact of different environment settings. Additionally, it covers ASP.NET-specific security challenges, such as ViewState attacks and string termination attacks, alongside broader web application security concerns.

Participants in this course will

• Grasp the fundamental concepts of security, IT security, and secure coding practices
• Identify web vulnerabilities beyond the OWASP Top Ten and learn how to avoid them
• Utilize the various security features available in the .NET development environment
• Acquire practical experience with security testing tools
• Recognize typical coding errors and understand how to prevent them
• Stay informed about recent vulnerabilities in .NET and ASP.NET
• Access resources and further reading materials on secure coding practices

Audience

Developers

This course equips PHP developers with the essential skills needed to build applications that are resilient against modern internet-based threats. We explore web vulnerabilities through PHP examples, extending beyond the OWASP Top Ten to cover a wide range of issues, including various injection attacks, script injections, weaknesses in PHP session handling, insecure direct object references, file upload vulnerabilities, and more. PHP-related vulnerabilities are categorized into standard types such as missing or improper input validation, incorrect error and exception handling, misuse of security features, and time- and state-related issues. For the latter, we examine attacks like open_basedir circumvention, denial-of-service via magic floats, and hash table collision attacks. In every scenario, participants will learn the key techniques and functions required to mitigate these risks.

A special emphasis is placed on client-side security, addressing security concerns related to JavaScript, Ajax, and HTML5. We introduce several PHP extensions for security purposes, such as hash, mcrypt, and OpenSSL for cryptography, as well as Ctype, ext/filter, and HTML Purifier for input validation. Best practices for hardening are provided in the context of PHP configuration (php.ini), Apache, and general server settings. Finally, we provide an overview of various security testing tools and techniques that developers and testers can utilize, including security scanners, penetration testing and exploit packs, sniffers, proxy servers, fuzzing tools, and static source code analyzers.

Both the introduction of vulnerabilities and the configuration practices are supported by hands-on exercises that demonstrate the consequences of successful attacks, show how to apply mitigation techniques, and introduce the use of various extensions and tools.

Participants attending this course will

• Grasp fundamental concepts of security, IT security, and secure coding
• Learn about web vulnerabilities beyond the OWASP Top Ten and understand how to prevent them
• Gain insight into client-side vulnerabilities and secure coding practices
• Develop a practical understanding of cryptography
• Learn to utilize various security features within PHP
• Identify typical coding mistakes and learn how to avoid them
• Stay informed about recent vulnerabilities in the PHP framework
• Acquire practical knowledge in using security testing tools
• Receive sources and further reading on secure coding practices

Audience

Developers

This comprehensive SDL core training offers a deep dive into secure software design, development, and testing methodologies via the Microsoft Secure Development Lifecycle (SDL). It begins with a foundational Level 100 overview of the essential building blocks of SDL, progressing to design techniques aimed at identifying and remedying flaws during the early stages of the development process.

Focusing on the development phase, the course examines common security-related programming bugs in both managed and native code. It presents attack vectors associated with these vulnerabilities alongside corresponding mitigation strategies, all illustrated through hands-on exercises that provide participants with practical, live hacking experience. The training then introduces various security testing methods and demonstrates the effectiveness of different testing tools. Participants gain insight into how these tools operate by applying them to previously discussed vulnerable code through practical exercises.

Participants attending this course will

Grasp fundamental concepts of security, IT security, and secure coding.

Become familiar with the essential steps of the Microsoft Secure Development Lifecycle.

Learn secure design and development practices.

Understand principles of secure implementation.

Comprehend security testing methodology.

• Access resources and further readings on secure coding practices.

Audience

Developers, Managers

This instructor-led, live training in Curitiba (online or onsite) is designed for payment services compliance professionals who wish to create, implement, and enforce a robust compliance program within their organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

Cybersecurity involves applying technologies, controls, and processes to safeguard computer systems, servers, networks, devices, software, and data against malicious cyber attacks.

This instructor-led live training (available online or onsite) is designed for anyone looking to learn how to protect internet-connected systems from various cyber threats.

By the end of this training, participants will be able to:

• Understand the core concept of cybersecurity.
• Learn and comprehend different types of cybersecurity threats.
• Master the processes and best practices for protecting internet-connected systems from cyber attacks.

Course Format

• Interactive lectures and discussions.
• Extensive exercises and practice sessions.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Curitiba (online or onsite) explores various facets of enterprise security, ranging from AI to database protection. The curriculum also covers the latest tools, processes, and mindsets required to effectively defend against attacks.

In this instructor-led live course in Curitiba, participants will learn how to formulate a proper security strategy to tackle DevOps security challenges.

This course offers an expert introduction to the newly enacted Accessibility Law, equipping developers with the practical skills needed to design, develop, and maintain fully accessible applications. Beginning with a contextual discussion on the law's importance and implications, the course quickly transitions to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

This program offers leaders and managers a comprehensive overview of the key issues and activities related to cybersecurity.

Leaders will gain insights across various topics, building their knowledge and refining their executive decision-making capabilities regarding cyber threats.

By the conclusion of this training, participants will be equipped to:

• Understand privacy concerns on the Internet and social networks
• Recognize what PII is and why it matters
• Learn how to secure online activities
• Maintain the privacy of business users
• Gain knowledge of cyber laws that protect privacy

Course Format

• Interactive lectures and discussions
• Extensive exercises and practice
• Hands-on implementation in a live-lab environment

Course Customization Options

• To request customized training for this course, please contact us to arrange.

This instructor-led, live training in Curitiba (online or onsite) targets system administrators who wish to use FreeIPA to centralize the authentication, authorization, and account information for their organization's users, groups, and machines.

By the end of this training, participants will be able to:

• Install and configure FreeIPA.
• Manage Linux users and clients from a single central location.
• Use FreeIPA's CLI, Web UI, and RPC interface to set up and manage permissions.
• Enable Single Sign-On authentication across all systems, services, and applications.
• Integrate FreeIPA with Windows Active Directory.
• Backup, replicate, and migrate a FreeIPA server.

This instructor-led, live training in Curitiba (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

Information security threats and attacks are constantly evolving and becoming more sophisticated. The most effective defense against these risks is the proper implementation and management of information security controls and best practices. Additionally, robust information security is a key expectation and requirement from customers, regulators, and other stakeholders.

This training course is designed to equip participants with the skills needed to implement an Information Security Management System (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of ISMS best practices and a framework for its ongoing management and improvement.

Upon completing the training course, you can take the associated exam. If you pass successfully, you may apply for the “PECB Certified ISO/IEC 27001 Lead Implementer” credential, demonstrating your ability and practical knowledge to implement an ISMS in accordance with the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in or responsible for the implementation of an ISMS
• Expert advisors seeking to master ISMS implementation
• Individuals responsible for ensuring organizational conformity to information security requirements
• Members of an ISMS implementation team

General Information

• Certification fees are included in the exam price
• Training material, comprising over 450 pages of content and practical examples, will be provided
• A participation certificate awarding 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam free of charge within 12 months

Educational Approach

• This training course includes essay-type exercises, multiple-choice quizzes, examples, and best practices relevant to ISMS implementation.
• Participants are encouraged to communicate and engage in discussions while completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes mirrors that of the certification exam.

Learning Objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for implementing and effectively managing an ISMS
• Recognize the relationship between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes as defined by ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 within the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Why should you attend?

The Certified Lead Ethical Hacker training course empowers you to develop the necessary expertise to carry out information system penetration tests by applying recognized principles, procedures, and penetration testing techniques. This allows you to identify potential threats within a computer network. Throughout this training, you will acquire the knowledge and skills required to manage a penetration testing project or team, as well as to plan and execute both internal and external pentests, in compliance with various standards such as the Penetration Testing Execution Standard (PTES) and the Open Source Security Testing Methodology Manual (OSSTMM). Additionally, you will gain a comprehensive understanding of how to draft reports and propose countermeasures. Through practical exercises, you will master penetration testing techniques and acquire the skills needed to manage a pentest team, as well as handle customer communication and conflict resolution.

The Certified Lead Ethical Hacking training course provides a technical perspective on information security through ethical hacking, utilizing common techniques such as information gathering and vulnerability detection, both inside and outside a business network.

The training is also aligned with the NICE (The National Initiative for Cybersecurity Education) Protect and Defend framework.

After mastering the necessary knowledge and skills in ethical hacking, you can take the exam and apply for the "PECB Certified Lead Ethical Hacker" credential. By holding a PECB Lead Ethical Hacker certificate, you will demonstrate that you have acquired the practical skills for performing and managing penetration tests according to best practices.

Who should attend?

• Individuals interested in IT Security, particularly in Ethical Hacking, who wish to learn more about the topic or begin a process of professional reorientation.
• Information security officers and professionals seeking to master ethical hacking and penetration testing techniques.
• Managers or consultants wishing to learn how to control the penetration testing process.
• Auditors wishing to perform and conduct professional penetration tests.
• Persons responsible for maintaining the security of information systems within an organization.
• Technical experts who want to learn how to prepare a pentest.
• Cybersecurity professionals and information security team members.

Audience

This course is designed for all employees seeking a practical grasp of Compliance and effective Risk Management.

Course Format

The training utilizes a blended methodology that incorporates:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

Upon completion of this course, participants will be able to:

Gain a robust understanding of the core aspects of Compliance, including national and international initiatives aimed at managing related risks.

Articulate how organizations and their teams can establish an effective Compliance Risk Management Framework.

Clarify the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and comprehend how these roles are integrated within a business structure.

Identify critical risk areas in Financial Crime, with a specific focus on international operations, offshore centers, and high-net-worth clients.

This instructor-led, live training in Curitiba (online or onsite) is designed for software testers who wish to secure their organization's network using Nmap.

By the end of this training, participants will be able to:

• Set up the necessary testing environment to start using Nmap.
• Scan network systems for security vulnerabilities.
• Discover active and vulnerable hosts.

This instructor-led, live training in Curitiba (available online or onsite) is aimed at system administrators who wish to use Okta for identity and access management.

By the end of this training, participants will be able to:

• Configure, integrate, and manage Okta.
• Integrate Okta into an existing application.
• Implement security with multi-factor authentication.

This instructor-led, live training in Curitiba (online or onsite) is aimed at system administrators who wish to use OpenAM to manage identity and access controls for web applications.

By the end of this training, participants will be able to:

• Set up the necessary server environment to start configuring authentication and access controls using OpenAM.
• Implement single sign-on (SSO), multi-factor authentication (MFA), and user self-service features for web applications.
• Use federation services (OAuth 2.0, OpenID, SAML v2.0, etc.) to extend identity management securely across different systems or applications.
• Access and manage authentication, authorization, and identity services through REST APIs.

OpenVAS is a sophisticated open-source framework comprising various services and tools designed for network vulnerability scanning and management.

In this instructor-led live training, participants will gain practical skills in utilizing OpenVAS for network vulnerability scanning.

Upon completing this training, participants will be capable of:

• Installing and configuring OpenVAS
• Understanding the core features and components of OpenVAS
• Setting up and executing network vulnerability scans using OpenVAS
• Reviewing and interpreting OpenVAS scan outcomes

Target Audience

• Network engineers
• Network administrators

Course Format

• Combination of lectures, discussions, exercises, and extensive hands-on practice

Note

• To request customized training for this course, please contact us to make arrangements.

This instructor-led, live Payment Card Industry Professional training in Curitiba (online or onsite) grants an individual qualification for industry practitioners seeking to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

Upon completion of this training, participants will be able to:

• Grasp the payment process and the PCI standards designed to safeguard it.
• Comprehend the roles and responsibilities of entities within the payment industry.
• Gain deep insight into and understanding of the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and its application to organizations involved in the transaction process.

This instructor-led live training in Curitiba (online or onsite) is designed for security engineers who wish to use IBM QRadar SIEM to address pressing security use cases.

By the end of this training, participants will be able to:

• Gain visibility into enterprise data across on-premise and cloud environments.
• Automate security intelligence to hunt threats and contain risks.
• Detect, identify, and prioritize threats.

This Course in Curitiba aims to assist with the following:

1. Help Developers master the techniques of writing Secure Code
2. Help Software Testers verify the security of applications before publishing to the production environment
3. Help Software Architects understand the risks surrounding applications
4. Help Team Leaders establish security baselines for developers
5. Help Web Masters configure Servers to avoid misconfigurations

This course delves into secure coding principles and practices for Java, utilizing the testing methodologies of the Open Web Application Security Project (OWASP). The Open Web Application Security Project is an online community that provides freely available articles, methodologies, documentation, tools, and technologies focused on web application security.

This course explores secure coding concepts and principles for ASP.NET, guided by the Open Web Application Security Project (OWASP) testing methodology. OWASP is an online community that develops freely available articles, methodologies, documentation, tools, and technologies focused on web application security.

The course examines the security features of the .NET Framework and demonstrates how to secure web applications.