"Amateurs hack systems, professionals hack people." (Bruce Schneier)
To completely understand computer security, it's vital to step outside the fence and to think outside the box. Computer security is not just about firewalls, Intrusion Prevention Systems or antiviruses. It's also about tricking people into doing whatever a hacker wishes, for their benefit. A secure system, network or infrastructure is also about informed people. That's it what about this course is all about. Knowing how easy is for a hacker to make a regular user to do something harmful for himself, even being aware that is making a bit mistake.
This course covers both theoretical and practical aspects and contains hands-on labs.
Disclaimerr: this course is intended for ethical hackers and those who want to protect against this kind of attacks. Those are only theoretical examples in a lab environment. Hacking is illegal without explicit permission!
Senior Information Security Consultant
I work on the Internet security team, focused on ethical hacking - deliberately and purposefully challenging the IT security assumptions, strategies, and methods of protecting vital assets and information by emulating an adversary. I act as an effective participant on a multidisciplinary security project team.
-Scan and exploit for a wide variety of data center infrastructure and application vulnerabilities, following defined rules of engagement and attack scenarios (ethical hacking)
-Make recommendations on security weaknesses and report on activities and findings
- Perform Internet penetration testing (black box / white box testing) and code reviews (manual and automated)
- Use testing tools as NetBIOS scanning, network pinging and testing, packet crafting and analyzing, port scanning for vulnerability assessment
- Perform analysis and testing to verify the strengths and weaknesses of Web Applications and Web Services (SML, SOAP, WSDL, UDDI, etc.)
- Perform analysis and testing to verify the strengths and weaknesses of a variety of operating systems, network devices, web applications, and security architectures
- Assist with the development of remediation services for identified findings - Customize, operate, audit, and maintain security related tools and applications
- Trainer for Web Application Hacking and Network Infrastructure Hacking - Training students for CCNA and CCNA Security Certification - Training NDG Linux Basics - Legal Main Contact - Curriculum Leader
- CREST Registered Penetration Tester (CRT)
- ISO 270001 Lead Auditor
- CEH (Certified Ethical Hacker)
- CCNA and CCNA Security
- CCNP Routing and CCNP Switching
- Advanced Linux&InfoSEC
- VMWare vSphere Install, Configure, Manage
- Microsoft Certified Technology Specialist (MCTS/MCP 70-642): Microsoft Windows Server 2008 Network Infrastructure, etc.