Security School Course Catalog from SearchSecurity.com

Select a course from the options below and get started today!

FEATURED LESSON - DATA PROTECTION SECURITY SCHOOL
		How to build secure applications NEW Secure software development is an across-the-board effort that requires cooperation from your executives, testers, developers and employees. In a new Security School lesson, Diana Kelley reviews important software development processes and how to build security in from the beginning. Kelley also explores the pros and cons of white box and black box testing and how to improve a poorly implemented change management system. Featuring Diana Kelley, partner of SecurityCurve. and guest instructor Ed Moyle, QSA and partner with SecurityCurve

MORE SECURITY SCHOOL LESSONS

		Financial Information Security School In this school, produced in partnership with SearchFinancialSecurity.com, students receive in-depth instruction on topics related to information security at financial services firms. LESSONS: Biometrics: Banking on secure identity management Debunking the myths, integrating with Active Directory, and securing data. Featuring Joel Dubin, CISSP, independent computer security consultant Data leak prevention: Controlling financial services threats Finding leaks, implementing the right tools and controlling insider threats Featuring Pete Lindstrom, senior analyst, Burton Group

		Data Protection Security School In this school, SearchSecurity.com provides information security professionals with the tools and tactics they need to successfully secure data throughout the enterprise -- whether in motion or at rest. LESSONS: How to build secure applications NEW Learn how to build security into the application development lifecycle. Featuring Diana Kelley, partner, SecurityCurve Mitigating Web 2.0 threats How cloud computing and social networking threaten enterprise data integrity. Featuring David Sherry, chief information security officer, Brown University Data loss prevention How to protect intellectual data and implement DLP policies. Featuring Rich Mogull, founder, Securosis LLC E-discovery and security in the enterprise FCRP, ESI and litigation preparation in the context of information security. Featuring Frank Lagorio, JD, principal analyst, Contoural Inc. Database defenses for a new era of threats Defending databases against today's emerging and ever-present threats. Featuring Rich Mogull, founder, Securosis LLC Executing a data governance strategy Implementing a data governance strategy amid disparate corporate data. Featuring Russell L. Jones, partner AERS - Security & Privacy Services, Deloitte & Touche Data encryption demystified What to encrypt, how to encrypt it and other key considerations. Featuring Tom Bowers, managing director, Security Constructs Preventing data leaks Policies and processes to contain threats from within. Featuring Richard Bejtlich, founder, Tao Security Enterprise strategies for protecting data at rest Storage-security synergies and e-discovery tactics. Featuring Perry Carpenter, security practitioner, major telco firm

		Intrusion Defense School Putting the pieces of intrusion defense -- antivirus, antispyware, IDS/IPS, etc. -- in perspective to help you implement an intrusion defense strategy that meets your organization's needs. LESSONS: Getting started with perimeter defense Discover what you may not know about intrusion defense. Security-related enhancements in Windows Server 2008 NEW An inside look at the security features of Windows Server 2008. Featuring Elizabeth Quinlan, consultant, HynesITe Anatomy of an attack Be prepared for crimeware, social engineering and other sophisticated data-mining attacks. Featuring Markus Jakobsson, principal scientist, Palo Alto Research Center The new threat landscape: Defending against next-gen attacks Thwart sophisticated attacks featuring custom rootkits, Trojans and malware. Featuring Lenny Zeltser, SANS instructor, noted author Intrusion defense in the era of Windows Vista Preparing for Vista's unique intrusion defense challenges. Featuring Peter Gregory, author and infosec practitioner Security information management systems How information/event management can improve defense posture. Featuring Tom Bowers, managing director, Security Constructs Web attack prevention and defense Checklists and best practices for Web server hardening, testing and monitoring. Featuring Michael Cobb, managing director, Cobweb Applications Ltd. Network perimeter security Getting started with perimeter-based intrusion defense. Network content security Antivirus and antispyware from architectural and technological perspectives. Defense beyond the network perimeter Defending a perimeterless network. Featured instructor Joel Snyder, senior partner, Opus One Snyder has worked in information security for more than 25 years.

		Identity and Access Management Services, Systems and Technologies Security School Explores critical topics to help establish and maintain an effective enterprise identity and access management plan. LESSONS: The new school of enterprise authentication NEW Exploring technologies that redefine successful enterprise authentication. Featuring Mark Diodati, identity/privacy analyst, Burton Group Future authentication technologies: How to choose the right product Innovative, cost-effective user authentication approaches. Featuring Mark Diodati, identity/privacy analyst, Burton Group Using IAM, password and provisioning management tools for compliance How provisioning and password management tools can save money and ease complexity. Featuring Tom Bowers, managing director, Security Constructs Endpoint security protection: Polices for endpoint control Endpoint defense tactics, policy controls and technology futures. Featuring Ben Rothke, CISSP VPNs and remote access: Secure deployment, setup and strategies Innovations in VPN technology, including IPsec VPN identity and authentication. Featuring Lisa Phifer, vice president, Core Competence Inc. Automated provisioing of hardware and Active Directory Leveraging directory services and policies, and Active Directory automated provisioning. Featuring Laura Hunter, CISSP, MCSE: Security, MCDBA, Microsoft MVP How to build an identity and access management architecture Foundational IAM, from the role of directories to effectively establishing approval workflows. Featuring Richard Mackey, ISACA, CISM, SystemsExperts Secure user authentication: Regulations, implementation and methods Authentication basics and developing an implementation strategy. Featuring Tom Bowers, managing director, Security Constructs Building network security: Evolution and vendor consolidation A look behind the network/security evolution and how to harness it as a strategic trend. Featuring Mike Rothman, president, Security Incite

		Integration of Networking and Security School In this school, SearchSecurity.com and SearchNetworking.com offer you an in-depth look at how security-related and networking-related teams, products and processes are affecting enterprise network security. LESSONS: Back to basics: Endpoint security on a budget NEW Identifying and executing on key elements to secure devices and protect data. Featuring Mike Chapple, IT security professional, University of Notre Dame Getting the most out of your SIM deployment How to get only the most relevant data from your SIM product Featuring Adrian Lane, senior security strategist, Securosis Using NAC to create a strong endpoint security strategy NAC fundamentals and guidelines for implementation and policy management. Featuring Mike Chapple, University of Notre Dame Marrying security and network management SIMs, performance management, anomaly detection and NOC/SOC integration. Featuring Sasan Hamidi, CISO, Interval International Securing the converged infrastructure Staying secure while integrating email, IM, video, VoIP and voice messaging. Featuring John Burke, principal research analyst, Nemertes Research Integrating security and network fabric Discovering how the network infrastructure can meet security needs. Featuring David Piscitello, president, Core Competence Inc. Using the network to secure the application layer Protecting Layer 7 with new and existing network assets. Featuring Michael Cobb, managing director, Cobweb Applications Locking down the endpoint: How network access control (NAC) can boost host security The latest endpoint options for network security. Featuring Joel Snyder, senior partner, Opus One Securing your first remote office: Solutions for less than $10k Securing data and devices beyond corporate headquarters. Featuring David Strom, noted network security expert/writer/speaker Fitting security into your network The convergence of NAC and SSL VPN concepts. Featuring Lisa Phifer, vice president, Core Competence Inc. Mitigating wireless security threats Protecting the over-the-air network. Featuring Lisa Phifer, vice president, Core Competence Inc.

		Messaging Security School In this school, learn strategies and techniques for keeping email, IM and mobile device messaging systems secure. LESSONS: Counterintelligence strategies for a new era of threats NEW Spear phishing, mail-borne Trojans, webmail protection and more. Featuring Sandra Kay Miller, technical editor, Information Security Spam 2.0: New threats and new strategies Mitigation techniques for the new wave of spam-related threats. Featuring Michael Cobb, managing director, Cobweb Applications Essential practices for securing mobile devices Locking down mobile platforms and thwarting emerging threats. Featuring Lisa Phifer, vice president, Core Competence Inc. Secure instant messaging An IM security overview, plus the latest attacks and safe usage tips. Featuring Michael Cobb, managing director, Cobweb Applications Countermeasures for malicious email code Learn how to thwart email malware and future email attacks. Featuring Tom Bowers, managing director, Security Constructs Securing Microsoft Exchange Protect Exchange 2003 from spam, malware and Web-based attacks. Featuring Lee Benjamin, Microsoft MVP, ExchangeGuy Consulting Email security tools, systems and threats A review of email security basics. Featuring Joel Snyder, senior partner, Opus One

		Compliance School A comprehensive look at ongoing information security compliance issues, regulations and practices. LESSONS: Automated compliance in the enterprise NEW Learn how proper organization and automation can help with compliance logging and documentation responsibilities. Featuring Eric Holmquist, president of Holmquist Advisory, and Richard E. Mackey, vice president, SystemExperts How to meet HIPAA compliance requirements Do you have policies in place to pass a HIPAA audit? Featuring Richard E. Mackey, vice president, SystemExperts Building a risk-based compliance program Mitigate risks using standards, frameworks and end-user strategies. Featuring Richard E. Mackey, vice president, SystemExperts PCI DSS compliance: Two years later NEW Breaking down PCI DSS struggles to protect cardholder data. Featuring Diana Kelley, vice president, Burton Group Must-have compliance technologies Emerging and battle-tested technologies that really work. Featuring Trent Henry, senior analyst, Burton Group Ensuring compliance across the extended enterprise SLAs and best practices for partners and providers. Compliance improvement: Get better as you go forward Mixing technology, governance and policy for continuous process improvement. Gauging your SOX progress Understanding the various SOX-related security standards; SOX Scorecard. SOX compliance basics: Taking action SOX goals, COSO and COBIT, audits, provisioning, vulnerability management, and responsibilities. Understanding compliance-related technology SOX product requirements, validity and usage. Featured instructor Richard Mackey, vice president, SystemExperts Mackey, ISACA, CISM, is the former director of collaborative development for The Open Group.

		Wireless Security Lunchtime Learning Develop a thorough understanding of the network security risks posed by Wi-Fi and implement appropriate countermeasures. LESSONS: How to counter wireless threats and vulnerabilities Business risks posed by wireless LANs and best practices for design and deployment. How to build a secure wireless infrastructure Wi-Fi security standards, WPA2 migration and using vLANs. How to implement secure access Wi-Fi access control on a budget; uses for 802.1x. How to use wireless IDS/IPS Introduction to wireless IDS/IPS, choosing sensors and fighting off attacks. About the instructor Featuring Lisa Phifer, vice president, Core Competence Inc. Phifer has worked with network and security management products for more than two decades.

		CISSP Certification Training School Benefit from a series of 10 training lessons that explore the fundamental concepts, technologies and practices of information systems security. Each lesson corresponds to a subject domain in the exam's "Common Body of Knowledge" -- the essential elements each CISSP-certified practitioner must know. DOMAINS: Lesson/Domain 1: Security management practices Security management responsibilities and the core components of security management. Lesson/Domain 2: Access control Identification methods and technologies, biometrics and more. Lesson/Domain 3: Cryptography Cryptographic components and their relationships, and government involvement in cryptography. Lesson/Domain 4: Security models and architecture Outlining how security is to be implemented, and the framework and structure of a security system. Lesson/Domain 5: Telecommunications and networking How networks work, how data is transmitted from one device to another, and how protocols transmit information. Lesson/Domain 6: Applications and system development Different types of software controls and implementations, change-control methods and more. Lesson/Domain 7: Business continuity Critical aspects of availability, including business continuity planning and disaster recovery. Lesson/Domain 8: Law, investigations and ethics Computer crime investigation processes and evidence collection; incident-handling procedures. Lesson/Domain 9: Physical security Administrative, technical and physical controls pertaining to physical security. Lesson/Domain 10: Operations security Administrative and management responsibilities, product evaluation and operational assurance and change-configuration management. About the instructor Featuring Shon Harris, president, Logical Security Harris specializes in security education and training, and has authored two best-selling CISSP training manuals.

BROWSE BY TAG Information Security Jobs and Training,   Information Security Careers, Training and Certifications,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Information Security Jobs and Training Stay or jump ship? How to be happy with your infosec job How to advance in your infosec career in the current economic storm Schneier-Ranum face-off, part 4: Cybersecurity coordinator Entering 2010: The economy and the state of information security Information security book excerpts and reviews RSA security conference 2010: news, interviews and updates Straight from the inbox: Your infosec career questions answered Despite recession, information security certification pay continues to climb Bruce Schneier on outsourcing, awareness training Creating a personal brand in information security

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Cisco Certified Security Professional (CCSP)  (SearchSecurity.com) CSO  (SearchSecurity.com) security clearance  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary