Cyber Security Training in Qatar

This instructor-led, live training in Qatar (online or onsite) is aimed at advanced-level cybersecurity professionals, AI engineers, and IoT developers who wish to implement robust security measures and resilience strategies for Edge AI systems.

By the end of this training, participants will be able to:

• Understand security risks and vulnerabilities in Edge AI deployments.
• Implement encryption and authentication techniques for data protection.
• Design resilient Edge AI architectures that can withstand cyber threats.
• Apply secure AI model deployment strategies in edge environments.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level cybersecurity professionals and data scientists who wish to utilize LLMs for enhancing cybersecurity measures and threat intelligence.

By the end of this training, participants will be able to:

• Understand the role of LLMs in cybersecurity.
• Implement LLMs for threat detection and analysis.
• Utilize LLMs for security automation and response.
• Integrate LLMs with existing security infrastructure.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level to advanced-level cybersecurity professionals and technical leads who wish to understand how to implement AI models to enhance security processes, automate threat detection and response, and perform predictive analysis.

By the end of this training, participants will be able to:

• Understand the role of AI in modern cyber security.
• Develop machine learning models for anomaly and threat detection.
• Implement AI for automating incident response and security operations.
• Evaluate the ethical and operational considerations of AI in cybersecurity.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level analysts who wish to effectively analyze, secure, and protect their organization's data and networks from cyber threats.

By the end of this training, participants will be able to:

• Gain a comprehensive understanding of the current cybersecurity landscape.
• Learn and apply industry-standard cybersecurity frameworks (e.g., NIST, ISO/IEC 27001) and best practices to enhance the security posture of their organization.
• Implement effective network security measures, including configuring firewalls, VPNs, IDS/IPS systems, and applying encryption techniques to protect data at rest and in transit.
• Identify, analyze, and respond to cybersecurity incidents using threat intelligence, SIEM tools, and incident response plans.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level network administrators who wish to gain the essential skills to manage, administer, monitor, and maintain Fortinet security systems.

By the end of this training, participants will be able to:

• Configure and manage FortiGate firewalls.
• Monitor network traffic and manage incidents with FortiAnalyzer.
• Automate tasks and manage policies through FortiManager.
• Apply preventive maintenance strategies and troubleshoot network issues.

This instructor-led, live training in Qatar (online or onsite) is aimed at beginner-level network administrators who wish to use FortiGate 1100E to manage and secure their network environments effectively.

By the end of this training, participants will be able to:

• Understand the basic architecture and features of FortiGate 1100E.
• Learn how to deploy FortiGate 1100E in various network environments.
• Gain hands-on experience with basic configuration and management tasks.
• Understand security policies, NAT, and VPNs.
• Learn to monitor and maintain FortiGate 1100E.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level network administrators who wish to manage and secure their networks using FortiGate firewalls.

By the end of this training, participants will be able to:

• Understand Fortigate features and functionalities, particularly those introduced or enhanced in version 7.4.
• Configure and manage FortiGate devices and implement advanced security features.
• Deploy and manage advanced security measures like IPS, antivirus, web filtering, and threat management.
• Monitor network activities, analyze logs, and generate reports for auditing and compliance.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level technical professionals who wish to delve deeper into the technical aspects and functionalities of Fortinet’s product line to effectively recommend, sell, and implement Fortinet security solutions.

By the end of this training, participants will be able to:

• Gain in-depth knowledge of Fortinet’s advanced security solutions and products.
• Understand the technical features, benefits, and deployment scenarios for each core Fortinet product.
• Configure, manage, and troubleshoot Fortinet solutions in diverse environments.
• Apply Fortinet products to address complex security challenges and requirements.

This instructor-led, live training in Qatar (online or onsite) is aimed at security professionals who wish to learn how to use Cortex XDR in preventing and stopping the occurrence of sophisticated attacks and threats.

By the end of this training, participants will be able to:

• Understand the architecture and components of Cortex XDR.
• Create and manage profiles for exploit and malware prevention.
• Analyze behavioral threats and monitor response actions.
• Perform basic Cortex app troubleshooting.

This instructor-led, live training in Qatar (online or onsite) is aimed at beginner-level technical professionals who wish to learn the concept of the Security Fabric and how it evolved to address the cybersecurity needs of organizations.

By the end of this training, participants will be able to:

• Learn the evolution of cybersecurity and how it has shaped current security technologies.
• Use Fortinet products to protect against specific types of cyber threats and attacks.
• Understand the integration and automation capabilities of Fortinet solutions in providing a coordinated response to cyber incidents.

This instructor-led, live training in Qatar (online or onsite) is aimed at security professionals who wish to learn how to troubleshoot Palo Alto Networks' next-generation firewalls.

By the end of this training, participants will be able to:

• Understand the architecture of the next-generation firewall.
• Investigate and troubleshoot networking issues using firewall tools.
• Analyze advanced logs to resolve real-life scenarios.

This instructor-led, live training in Qatar (online or onsite) is aimed at beginner-level network security professionals who wish to learn the concept of cybersecurity and the current global threat landscape.

By the end of this training, participants will be able to:

• Understand the current global threat landscape and identify the main types of cyber adversaries.
• Recognize the primary types of malware and the mechanics of cyber attacks.
• Understand the basics of network security and the importance of a layered security approach.
• Learn about Fortinet's Security Fabric and how it addresses modern cybersecurity challenges.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level network and security professionals who wish to effectively manage and secure networks using Fortigate 600E equipment, with a specific focus on HA configurations for enhanced reliability and performance.

By the end of this training, participants will be able to:

• Understand the features, specifications, and operating principles of the Fortigate 600E firewall.
• Perform the initial setup of the Fortigate 600E, including basic configuration tasks like setting up interfaces, routing, and initial firewall policies.
• Configure and manage advanced security features such as SSL VPN, user authentication, antivirus, IPS, web filtering, and anti-malware capabilities to protect against a variety of network threats.
• Troubleshoot common issues in HA setups and effectively manage HA environments.

Open Source Software (OSS) Management is the practice of overseeing the lifecycle of open-source components within an organization, ensuring secure, compliant, and efficient use.

This instructor-led, live training (online or onsite) is aimed at intermediate-level IT professionals who wish to implement best practices for managing open-source software in enterprise and government environments.

By the end of this training, participants will be able to:

• Establish effective OSS policies and governance frameworks.
• Use SBOM and SCA tools to identify, track, and manage open-source dependencies.
• Mitigate risks associated with licensing and security vulnerabilities.
• Streamline OSS adoption while maximizing innovation and cost savings.

Format of the Course

• Interactive lecture and discussion.
• Case studies and scenario-based exercises.
• Hands-on demonstrations with OSS management tools.

Course Customization Options

• This course can be tailored to specific organizational OSS policies and toolchains. Please contact us to arrange.

This instructor-led, live training in Qatar (online or onsite) is aimed at security professionals who wish to learn how to manage firewalls at scale.

By the end of this training, participants will be able to:

• Design, configure, and manage the Panorama FireWall management server.
• Manage policies using device groups.
• Roll out network configurations to different firewalls.

This instructor-led, live training in Qatar (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.

By the end of this training, participants will be able to:

• Understand the key components of cybersecurity governance, risk, and compliance.
• Conduct risk assessments and develop risk mitigation strategies.
• Implement compliance measures and manage regulatory requirements.
• Develop and enforce security policies and procedures.

EC-Council Certified DevSecOps Engineer (ECDE) is a hands-on course designed to equip professionals with the skills to embed security across the DevOps lifecycle, enabling secure software development from planning to deployment.

This instructor-led, live training (online or onsite) is aimed at intermediate-level software and DevOps professionals who wish to integrate security practices into CI/CD pipelines, ensuring secure and compliant code delivery.

By the end of this training, participants will be able to:

• Understand the principles and practices of DevSecOps.
• Secure every stage of the CI/CD pipeline using automated tools.
• Implement secure coding practices and vulnerability scanning.
• Prepare for the ECDE certification with practical labs and review.

Format of the Course

• Interactive lecture and discussion.
• Hands-on use of DevSecOps tools in simulated pipelines.
• Guided exercises focused on secure development and deployment.

Course Customization Options

• To request a customized training for this course based on your team’s workflows or toolchain, please contact us to arrange.

This instructor-led, live training in Qatar (online or onsite) is aimed at security professionals who wish to learn the fundamentals of managing Palo Alto Networks' next-generation firewalls.

By the end of this training, participants will be able to:

• Configure and manage Palo Alto Networks' firewall essential features.
• Manage security and NAT policies.
• Manage threat prevention strategies.
• Monitor network threats and traffic.

User session recording technology is used to capture, monitor, and audit user activity on IT systems, providing insights for security, compliance, and forensic investigations.

This instructor-led, live training (online or onsite) is aimed at beginner-level to intermediate-level IT and security professionals who wish to implement user session recording solutions to enhance monitoring, compliance, and accountability.

By the end of this training, participants will be able to:

• Understand the principles of user session recording.
• Deploy and configure session recording solutions.
• Analyze and audit recorded sessions for compliance.
• Integrate session recording with security monitoring systems.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

ISO/IEC 27002 Lead Manager training enables you to develop the necessary expertise and knowledge to support an organization in implementing and managing Information Security controls as specified in ISO/IEC 27002. 

After completing this course, you can sit for the exam and apply for the “PECB Certified ISO/IEC 27002 Lead Manager” credential.  A PECB Lead Manager Certification, proves that you have mastered the principles and techniques for the implementation and management of Information Security Controls based on ISO/IEC 27002.

Who should attend?

• Managers or consultants seeking to implement an Information Security Management System (ISMS) based on ISO/IEC 27001 and ISO/IEC 27002
• Project managers or consultants seeking to master the Information Security Management System implementation process
• Individuals responsible for the information security, compliance, risk, and governance, in an organization
• Members of information security teams
• Expert advisors in information technology
• Information Security officers
• Privacy officers
• IT professionals
• CTOs, CIOs and CISOs

Learning objectives

• Master the implementation of Information Security controls by adhering to the framework and principles of ISO/IEC 27002
• Gain a comprehensive understanding of the concepts, approaches, standards, methods and techniques required for the effective implementation and management of Information Security controls
• Comprehend the relationship between the components of Information Security controls, including responsibility, strategy, acquisition, performance, conformance, and human behavior
• Understand the importance of information security for the strategy of the organization
• Master the implementation of information security management processes
• Master the formulation and implementation of security requirements and objectives

Educational approach

• This training is based on both theory and practice
• Sessions of lectures illustrated with examples based on real cases
• Practical exercises based on case studies
• Review exercises to assist the exam preparation
• Practice test similar to the certification exam

General Information

• Certification fees are included on the exam price
• Training material containing over 500 pages of information and practical examples will be distributed to the participants
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued to the participants
• In case of exam failure, you can retake the exam within 12 months for free

Objectives:

In this course, you will identify many of the common risks involved in using conventional end-user technology, as well as ways to use it safely, to protect yourself from those risks.

You will:

• Identify security compliance measures.
• Address social engineering attempts.
• Secure devices such as desktops, laptops, tablets, smartphones, and more.
• Use the Internet securely.

Target Student

This course is designed for you as a non-technical end user of computers, mobile devices, networks, and the Internet, to enable you to use technology more securely to minimize digital risks.

This course is also designed for you to prepare for the Certified CyberSAFE credential. You can obtain your Certified CyberSAFE certificate by completing the Certified CyberSAFE credential process on the CHOICE platform following the course presentation.

This instructor-led, live training in Qatar (online or onsite) is aimed at sysadmins who wish to use 389 Directory Server to configure and manage LDAP-based authentication and authorization.

By the end of this training, participants will be able to:

• Install and configure 389 Directory Server.
• Understand the features and architecture of 389 Directory Server.
• Learn how to configure the directory server using the web console and CLI.
• Set up and monitor replication for high availability and load balancing.
• Manage LDAP authentication using SSSD for faster performance.
• Integrate 389 Directory Server with Microsoft Active Directory.

By the end of this training, participants will be able to:

• Explain application security and vulnerabilities
• Describe ABAP programming best practices and handling of SY-SUBRC
• Understand injection vulnerabilities
• Describe security testing tools
• Explain ATC and CVA

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

This instructor-led, live training in Qatar (online or onsite) is aimed at system administrators who wish to use Microsoft Active Directory to manage and secure data access.

By the end of this training, participants will be able to:

• Set up and configure Active Directory.
• Set up a domain and define access rights of users and devices.
• Manage users and machines through Group Policies.
• Control access to file servers.
• Set up a Certificate Service and manage certificates.
• Implement and manage services such as encryption, certificates, and authentication.

This course covers the secure coding essential topics that are relevant to a large number of web application developers. It will teach students concepts of secure programming and involves looking at a specific piece of code, identifying a security flaw, and implementing a fix for that flaw.

In this course you will watch demos of real word attacks and how to prevent them, and gain confidence in the journey to improving the security of your applications.

Duration: 3 days
Who Should Attend: Developers looking to extend their knowledge in secure coding.

Upon Completion
• Students will get knowledge in:
• Web Application Security.
• Common Web Application Risks.
• Demo Web Application Penetration
• Data Validation
• Authentication.
• Session Management.
• Secure SDLC.

Implementing a secure networked application can be difficult, even for developers who may have used various cryptographic building blocks (such as encryption and digital signatures) beforehand. In order to make the participants understand the role and usage of these cryptographic primitives, first a solid foundation on the main requirements of secure communication – secure acknowledgement, integrity, confidentiality, remote identification and anonymity – is given, while also presenting the typical problems that may damage these requirements along with real-world solutions.

As a critical aspect of network security is cryptography, the most important cryptographic algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement are also discussed. Instead of presenting an in-depth mathematical background, these elements are discussed from a developer's perspective, showing typical use-case examples and practical considerations related to the use of crypto, such as public key infrastructures. Security protocols in many areas of secure communication are introduced, with an in-depth discussion on the most widely-used protocol families such as IPSEC and SSL/TLS.

Typical crypto vulnerabilities are discussed both related to certain crypto algorithms and cryptographic protocols, such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding oracle, Lucky Thirteen, POODLE and similar, as well as the RSA timing attack. In each case, the practical considerations and potential consequences are described for each problem, again, without going into deep mathematical details.

Finally, as XML technology is central for data exchange by networked applications, the security aspects of XML are described. This includes the usage of XML within web services and SOAP messages alongside protection measures such as XML signature and XML encryption – as well as weaknesses in those protection measures and XML-specific security issues such as XML injection, XML external entity (XXE) attacks, XML bombs, and XPath injection.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Understand the requirements of secure communication
• Learn about network attacks and defenses at different OSI layers
• Have a practical understanding of cryptography
• Understand essential security protocols
• Understand some recent attacks against cryptosystems
• Get information about some recent related vulnerabilities
• Understand security concepts of Web services
• Get sources and further readings on secure coding practices

Audience

Developers, Professionals

Writing secure C and C++ code requires rigorous defense against malicious exploitation, memory corruption, and input validation bypasses. This program examines vulnerability patterns including buffer overflows, use-after-free, integer overflows, and type confusion. Participants apply secure coding guidelines, static analysis tools, and defensive programming techniques to eliminate weaknesses, enforce input sanitization, and deliver hardened software resilient against cyberattacks.

Even experienced Java programmers are not mastering by all means the various security services offered by Java, and are likewise not aware of the different vulnerabilities that are relevant for web applications written in Java.

The course – besides introducing security components of Standard Java Edition – deals with security issues of Java Enterprise Edition (JEE) and web services. Discussion of specific services is preceded with the foundations of cryptography and secure communication. Various exercises deal with declarative and programmatic security techniques in JEE, while both transport-layer and end-to-end security of web services is discussed. The use of all components is presented through several practical exercises, where participants can try out the discussed APIs and tools for themselves.

The course also goes through and explains the most frequent and severe programming flaws of the Java language and platform and web-related vulnerabilities. Besides the typical bugs committed by Java programmers, the introduced security vulnerabilities cover both language-specific issues and problems stemming from the runtime environment. All vulnerabilities and the relevant attacks are demonstrated through easy-to-understand exercises, followed by the recommended coding guidelines and the possible mitigation techniques.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Understand security concepts of Web services
• Learn to use various security features of the Java development environment
• Have a practical understanding of cryptography
• Understand security solutions of Java EE
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in the Java framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

A number of programming languages are available today to compile code to .NET and ASP.NET frameworks. The environment provides powerful means for security development, but developers should know how to apply the architecture- and coding-level programming techniques in order to implement the desired security functionality and avoid vulnerabilities or limit their exploitation.

The aim of this course is to teach developers through numerous hands-on exercises how to prevent untrusted code from performing privileged actions, protect resources through strong authentication and authorization, provide remote procedure calls, handle sessions, introduce different implementations for certain functionality, and many more.

Introduction of different vulnerabilities starts with presenting some typical programming problems committed when using .NET, while the discussion of vulnerabilities of the ASP.NET also deals with various environment settings and their effects. Finally, the topic of ASP.NET-specific vulnerabilities not only deals with some general web application security challenges, but also with special issues and attack methods like attacking the ViewState, or the string termination attacks.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn to use various security features of the .NET development environment
• Get practical knowledge in using security testing tools
• Learn about typical coding mistakes and how to avoid them
• Get information about some recent vulnerabilities in .NET and ASP.NET
• Get sources and further readings on secure coding practices

Audience

Developers

The course provides essential skills for PHP developers necessary to make their applications resistant to contemporary attacks through the Internet. Web vulnerabilities are discussed through PHP-based examples going beyond the OWASP top ten, tackling various injection attacks, script injections, attacks against session handling of PHP, insecure direct object references, issues with file upload, and many others. PHP-related vulnerabilities are introduced grouped into the standard vulnerability types of missing or improper input validation, incorrect error and exception handling, improper use of security features and time- and state-related problems. For this latter we discuss attacks like the open_basedir circumvention, denial-of-service through magic float or the hash table collision attack. In all cases participants will get familiar with the most important techniques and functions to be used to mitigate the enlisted risks.

A special focus is given to client-side security tackling security issues of JavaScript, Ajax and HTML5. A number of security-related extensions to PHP are introduced like hash, mcrypt and OpenSSL for cryptography, or Ctype, ext/filter and HTML Purifier for input validation. The best hardening practices are given in connection with PHP configuration (setting php.ini), Apache and the server in general. Finally, an overview is given to various security testing tools and techniques which developers and testers can use, including security scanners, penetration testing and exploit packs, sniffers, proxy servers, fuzzing tools and static source code analyzers.

Both the introduction of vulnerabilities and the configuration practices are supported by a number of hands-on exercises demonstrating the consequences of successful attacks, showing how to apply mitigation techniques and introducing the use of various extensions and tools.

Participants attending this course will

• Understand basic concepts of security, IT security and secure coding
• Learn Web vulnerabilities beyond OWASP Top Ten and know how to avoid them
• Learn client-side vulnerabilities and secure coding practices
• Have a practical understanding of cryptography
• Learn to use various security features of PHP
• Learn about typical coding mistakes and how to avoid them
• Be informed about recent vulnerabilities of the PHP framework
• Get practical knowledge in using security testing tools
• Get sources and further readings on secure coding practices

Audience

Developers

The Combined SDL core training gives an insight into secure software design, development and testing through Microsoft Secure Development Lifecycle (SDL). It provides a level 100 overview of the fundamental building blocks of SDL, followed by design techniques to apply to detect and fix flaws in early stages of the development process.

Dealing with the development phase, the course gives an overview of the typical security relevant programming bugs of both managed and native code. Attack methods are presented for the discussed vulnerabilities along with the associated mitigation techniques, all explained through a number of hands-on exercises providing live hacking fun for the participants. Introduction of different security testing methods is followed by demonstrating the effectiveness of various testing tools. Participants can understand the operation of these tools through a number of practical exercises by applying the tools to the already discussed vulnerable code.

Participants attending this course will

Understand basic concepts of security, IT security and secure coding

Get known to the essential steps of Microsoft Secure Development Lifecycle

Learn secure design and development practices

Learn about secure implementation principles

Understand security testing methodology

• Get sources and further readings on secure coding practices

Audience

Developers, Managers

This instructor-led, live training in Qatar (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

• Understand the rules set forth by government regulators for payment service providers.
• Create the internal policies and procedures needed to satisfy government regulations.
• Implement a compliance program that adheres to relevant laws.
• Ensures that all corporate processes and procedures comply with the compliance program.
• Uphold the business's reputation while protecting it from lawsuits.

This course caters to individuals such as software developers, testers, and architects involved in creating software using different programming languages and platforms like desktop, web, cloud, and mobile. It aims to enhance their capacity to produce software of superior quality, with a special focus on security and privacy aspects.

Cyber Security is the practice of applying technologies, controls, and processes to protect computer systems, servers, networks, devices, programs, and data from malicious cyber attacks.

This instructor-led, live training (online or onsite) is aimed at anyone who wish to learn how to protect internet-connected systems from different kinds of cyber threats.

By the end of this training, participants will be able to:

• Understand the concept of Cyber Security.
• Learn and understand the different Cyber Security threats.
• Learn processes and best practices to protect internet-connected systems from cyber attacks.

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Qatar (online or onsite) covers the different aspects of enterprise security, from AI to database security. It also includes coverage of the latest tools, processes and mindset needed to protect from attacks. 

In this instructor-led, live course in Qatar, participants will learn how to formulate the proper security strategy to face the DevOps security challenge.

This course provides an expert introduction to the newly enacted Accessibility Law and equips developers with the practical skills to design, develop, and maintain fully accessible applications. Starting with a contextual discussion on the law's importance and implications, the course quickly shifts to hands-on coding practices, tools, and testing techniques to ensure compliance and inclusivity for users with disabilities.

This course provides leaders and managers with an overview of issues and activities associated with cybersecurity.

Leaders will receive information in various topics that will build their knowledge and hone executive decision-making in regard to the cybersecurity threat.    
 

By the end of this training, participants will be able to:

• Understand the Internet, social network Privacy
• Know PII and why it is important
• Know how to secure the Online Activates
• Know how to maintain the Privacy of business users
• Know more of the Cyber laws that protect the Privacy

Format of the Course

• Interactive lecture and discussion.
• Lots of exercises and practice.
• Hands-on implementation in a live-lab environment.

Course Customization Options

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live training in Qatar (online or onsite) is aimed at system administrators who wish to use FreeIPA to centralize the authentication, authorization and account information for their organization's users, groups, and machines.

By the end of this training, participants will be able to:

• Install and configure FreeIPA.
• Manage Linux users and clients from a single central location.
• Use FreeIPA's CLI, Web UI and RPC interface to set up and manage permissions.
• Enable Single Sign On authentication across all systems, services and applications.
• Integrate FreeIPA with Windows Active Directory.
• Backup, replicate and migrate an FreeIPA server.

This instructor-led, live training in Qatar (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

• Understand the key concepts of the HiTrust CSF (Common Security Framework).
• Identify the HITRUST CSF administrative and security control domains.
• Learn about the different types of HiTrust assessments and scoring.
• Understand the certification process and requirements for HiTrust compliance.
• Know the best practices and tips for adopting the HiTrust approach.

Information security threats and attacks increase and improve constantly. The best form of defense against them is the proper implementation and management of information security controls and best practices. Information security is also a key expectation and requirement of customers, legislators, and other interested parties.

This training course is designed to prepare participants in implementing an information security management system (ISMS) based on ISO/IEC 27001. It aims to provide a comprehensive understanding of the best practices of an ISMS and a framework for its continual management and improvement.

After attending the training course, you can take the exam. If you successfully pass it, you can apply for a “PECB Certified ISO/IEC 27001 Lead Implementer” credential, which demonstrates your ability and practical knowledge to implement an ISMS based on the requirements of ISO/IEC 27001.

Who Can Attend?

• Project managers and consultants involved in and concerned with the implementation of an ISMS
• Expert advisors seeking to master the implementation of an ISMS
• Individuals responsible for ensuring conformity to information security requirements within an organization
• Members of an ISMS implementation team

General information

• Certification fees are included in the exam price
• Training material containing over 450 pages of information and practical examples will be distributed
• A participation certificate of 31 CPD (Continuing Professional Development) credits will be issued
• In case of exam failure, you can retake the exam within 12 months free of charge

Educational approach

• This training course contains essay-type exercises, multiple-choice quizzes, examples, and best practices used in the implementation of an ISMS.
• The participants are encouraged to communicate with each other and engage in discussions when completing quizzes and exercises.
• The exercises are based on a case study.
• The structure of the quizzes is similar to that of the certification exam.

Learning objectives

This training course will help you:

• Gain a comprehensive understanding of the concepts, approaches, methods, and techniques used for the implementation and effective management of an ISMS
• Acknowledge the correlation between ISO/IEC 27001, ISO/IEC 27002, and other standards and regulatory frameworks
• Understand the operation of an information security management system and its processes based on ISO/IEC 27001
• Learn how to interpret and implement the requirements of ISO/IEC 27001 in the specific context of an organization
• Acquire the necessary knowledge to support an organization in effectively planning, implementing, managing, monitoring, and maintaining an ISMS

Audience

This course is intended for all employees who require a practical understanding of Compliance and effective Risk Management.

Format of the course

The training is delivered through a blended approach that includes:

• Facilitated discussions
• Slide-based presentations
• Case studies
• Real-world examples

Course Objectives

By the end of the course, participants will be able to:

Develop a solid understanding of the key aspects of Compliance, along with national and international initiatives aimed at managing associated risks.

Explain how organizations and their teams can establish an effective Compliance Risk Management Framework.

Describe the responsibilities of the Compliance Officer and the Money Laundering Reporting Officer, and understand how these roles integrate within a business structure.

Identify critical risk areas in Financial Crime, particularly in the context of international operations, offshore centres, and high-net-worth clients.

This instructor-led, live training in Qatar (online or onsite) is aimed at software testers who wish to protect their organization's network with Nmap.

By the end of this training, participants will be able to:

• Set up the necessary testing environment to start using Nmap.
• Scan network systems for security vulnerabilities.
• Discover active and vulnerable hosts.

This instructor-led, live training in Qatar (online or onsite) is aimed at system administrators who wish to use Okta for identity and access management.

By the end of this training, participants will be able to:

• Configure, integrate, and manage Okta.
• Integrate Okta into an existing application.
• Implement security with multi-factor authentication.

This instructor-led, live training in Qatar (online or onsite) is aimed at system administrators who wish to use OpenAM to manage identity and access controls for web applications.

By the end of this training, participants will be able to:

• Set up the necessary server environment to start configuring authentication and access controls using OpenAM.
• Implement single sign-on (SSO), multi-factor authentication (MFA), and user self-service features for web applications.
• Use federation services (OAuth 2.0, OpenID, SAML v2.0, etc.) to extend identity management securely across different systems or applications.
• Access and manage authentication, authorization, and identity services through REST APIs.

OpenVAS is an advanced open source framework which consists of several services and tools for network vulnerability scanning and management.

In this instructor-led, live training, participants will learn how to use OpenVAS for network vulnerability scanning.

By the end of this training, participants will be able to:

• Install and configure OpenVAS
• Learn the fundamental features and components of OpenVAS
• Configure and implement network vulnerability scans with OpenVAS
• Review and interpret OpenVAS scan results

Audience

• Network engineers
• Network administrators

Format of the course

• Part lecture, part discussion, exercises and heavy hands-on practice

Note

• To request a customized training for this course, please contact us to arrange.

This instructor-led, live Payment Card Industry Professional training in Qatar (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).

By the end of this training, participants will be able to:

• Understand the payment process and the PCI standards designed to protect it.
• Understand the roles and responsibilities for entities involved in the payment industry.
• Have deep insight into, and understanding of, the 12 PCI DSS requirements.
• Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.

This Course in Qatar aims to help in the following:

1. Help Developers to master the techniques of writing Secure Code
2. Help Software Testers to test the security of the application before publishing to the production environment
3. Help Software Architects to understand the risks surrounding the applications
4. Help Team Leaders to set the security base lines for the developers
5. Help Web Masters to configure the Servers to avoid miss-configurations

This course covers the secure coding concepts and principals with Java through Open Web Application Security Project (OWASP) methodology of testing. The Open Web Application Security Project is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

This course covers the secure coding concepts and principals with ASP.net through the Open Web Application Security Project (OWASP) methodology of testing , OWASP is an online community which creates freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. 

This Course explores the Dot Net Framework Security features and how to secure web applications.   
    
    
    
    
    

CompTIA SecurityX is an expert-level cybersecurity certification for security architects and senior security engineers charged with leading and improving an enterprise’s cybersecurity readiness.