Prérequis
No industrial safety experience required. However, knowledge of industrial systems and some notions of IT, electronics and embedded software are desirable.
- A PC / MAC with Teams installed and unrestricted access to the Internet.
If remote :
- Stable Internet access via Ethernet or Wi-Fi with a decent bandwidth (1.2 Mb/s minimum downstream is recommended).
Public concerné
This course is aimed at people interested in the design aspects of industrial architecture. Electronics enthusiasts and professionals, as well as IT security professionals (developers, architects, integrators, hardware designers, project managers).
Objectif
This training course aims to raise awareness among system and product architects of the cybersecurity concerns, issues, constraints and challenges that can impact their current responsibilities, deliverables and day-to-day work.
Formateur
Expert in web cybersecurity.
Teaching methods
- Projected PowerPoint presentation
- Interactive web platform (Klaxoon)
- Practical scenario of an attack on a vulnerable WEB application
Assessment methods
Assessments at the beginning and end of the course, quizzes, etc.
A training certificate complying with the provisions of Article L.6353-1 paragraph 2 is issued to the trainee.
Registration deadline
5 working days before the course start date (if financed by OPCO).
Programme
INTRODUCTION TO CYBERSECURITY
- Vocabulary and definition
- Understanding the need and its evolution over time
- The notion of “attack surface”
FRAMEWORKS
- OWASP Top 10 Presentation
- CWE Top 25 Presentation
VULNERABILITY ECOSYSTEM
- CVE: Common Vulnerability Enumeration
- CVSS: Common Vulnerability Scoring System
- Find and report a vulnerability
A01:2021-FAULTY ACCESS CONTROL
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A02:2021-CRYPTOGRAPHIC FAILURE
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A03:2021-INJECTION
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A04:221-INSECURE DESIGN
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A05:2021-SECURITY MISCONFIGURATION
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A06:2021-VULNERABLE AND OBSOLETE COMPONENTS
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A07:2021-FAILED IDENTIFICATION AND AUTHENTICATION
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A08:2021-DATA AND SOFTWARE INTEGRITY DEFICIENCY
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A09:2021-INSUFFICIENT MONITORING AND LOGGING
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
A10:2021-SERVER-SIDE REQUEST FORGERY
- Presentation of the vulnerability category
- Exercise/Demo
- Remediation/Tools
Sessions
- Date sur demande, toute l'année (Remote learning)
Tarif
- Price intra-company : On request
- Price Online : On request
REGISTRATIONS and INFORMATIONS :
- Email : formation@serma.com
- Tel. : +33 (0)5 57 26 29 92
- Fax : +33 (0)5 57 26 08 98
- Via the Contact form