Skip to content

Latest commit

 

History

History
executable file
·
883 lines (691 loc) · 37.3 KB

README.adoc

File metadata and controls

executable file
·
883 lines (691 loc) · 37.3 KB

Cybersecurity: defense in modern organizations

GitHub Repo stars GitHub Repo changes

CRC logo
The material presented in our lectures will let you prepare to put the first steps into the Cybersecurity domain from the corporate point of view. You will have a chance to listen, discuss and even take part in a job performed by us daily. If you are interested in Information Security and want to broaden your knowledge in this field, we invite you to meet us.
We hope to see you at our lectures!
— Cybersecurity stream

2024

ℹ️

Are you looking for a 2024 sum-up? It’s in your new space. Click the red button below to check it out!

2023

Number of hours

28 hours

Number of meetings

5 meetings, 5 Saturdays

Form of meeting

on-line / hybrid

Schedule

  • 2023-03-18 09:00-16:00 +0100 (CET)

  • 2023-03-25 09:00-16:00 +0100 (CET)

  • 2023-04-01 09:00-16:00 +0200 (CEST)

  • 2023-04-15 09:00-16:00 +0200 (CEST)

  • 2023-04-22 09:00-16:00 +0200 (CEST)

Topic Trainer

1

Kickoff meeting

2

Cyber awareness

3

Risk Management - Basics

4

Risk Management - Compliance

5

Risk Management - Operational Risk Management

6

Risk Management - Audits

7

Identity and Access Management

8

Password vaults

9

Cryptography - basics

10

Secure Configuration Monitoring

11

Vulnerability Assessment

12

Offensive Cybersecurity - workshop

13

Offensive Cybersecurity - DDOS

14

Defensive Cybersecurity - HTTP traffic analysis

15

Defensive Cybersecurity - SIEM, SOAR, ETL

16

Defensive Cybersecurity - Static malware analysis

  • Mirosław Koczenasz

17

Introduction to Azure Public Cloud

feedback

Here are some opinions from our training participants in CRC'23:

CRC Cybersecurity survey 2023
This was one of the best experiences I’ve had during my time at a university.
— 2023 training participant 1
Overall it was a very interesting course. I am satisfied with it - it taught me more than 2 years of cybersecurity studies :D
— 2023 training participant 2
The course was conducted very high quality compared to other CRC courses. The commitment of the speakers was evident and their interest in the subject made a very positive impression. The course was very interesting and engaging.
— 2023 training participant 3
I am very pleased that I chose this course among many others. The topics as well as the materials presented, are very important in today’s business operations, so I was eager to listen to the lectures presented in the course. It also brought me closer to deciding to start looking for a job in this industry.
— 2023 training participant 4
Very valuable time spent with very friendly and qualified staff from ING Hubs Poland. Nicely organized, the presenter interviewed and interacted with participants on streaming quality and questions on cybersecurity topics. A lot of substantive knowledge and topical anecdotes. As a beginner in the subject, it was a great injection of knowledge and perspective on the topic. I would recommend to others and would gladly attend again and continue to gain knowledge.
— 2023 training participant 5
I am very satisfied with the course. I learned a lot about the operation of cybersecurity teams in companies. The presenters were very friendly and encouraged me to explore the world of Cybersecurity further.
— 2023 training participant 6
The course was a very interesting introduction to the world of Cybersecurity. I recommend it to people who are unsure which way they want to go in the IT world. Having classes taught by experienced industry professionals is a very good idea.
— 2023 training participant 7
Very valuable course, interesting labs, and really a lot of useful knowledge. The biggest plus was that the presenters were practitioners. Course without unnecessary clogging. 100% knowledge and inspiration!
— 2023 training participant 8
The course was very enjoyable. Some Saturdays passed very quickly, and some did not. I really liked the case study idea. All the lecturers were very substantive and explained the issues clearly.
— 2023 training participant 9
The course was conducted very well. A lot of information was presented in the lectures. A big plus is also the materials that will certainly be useful in the future to consolidate information. I am very satisfied with the course, and I hope to join ING Hubs Poland someday.
— 2023 training participant 10
I enjoyed spending time learning new things, especially about audits. I’m surprised you provided us with a schedule specifying the specific time for each class. A big thank you for that, and please continue this course because you did an excellent job. I hope to participate in Vol. 2 of this course in the future :)
— 2023 training participant 11
The course was conducted at a high standard in an interesting way. It guides us through the various levels of CyberSec, as well as gives us the opportunity to acquire new and helpful knowledge, mainly theoretical, which gives us the opportunity to get acquainted with various levels of the industry and helps us decide what is most interesting to us and in what direction we would like to develop. Everyone will find something for themselves, whether a newcomer, unfamiliar with the subject, or even an intermediate who wants to expand their knowledge. I recommend and thank you for the opportunity to participate, it was interesting :)
— 2023 training participant 12
It’s great that ING Hubs give a possibility to broaden their horizons in an eld of Cybersecurity for students without work experience. I am very happy I could participate in this course and see a little bit of every area. I’m looking forward to other courses conducted by your company! :)
— 2023 training participant 13
I think that the course is something completely transformative for me, as somebody coming from more of a software development background because that is what I did as a hobby and part of learning new technologies, mainly web technologies. I was always interested in technologies related to security. I used Kali Linux in the past to do some basic pentesting at home with an old router. And when attending this course, I was able to learn information that made me realize how broad and interesting the field of security is in IT. The professionalism of the presenters and the depth at which the topics were explained, along with very interesting practical elements, made it so that I believe I want to actively use the skills learned here in my career in the future. To sum up, it was a very positive experience.
— 2023 training participant 14
I learned a lot of new things during the course. I am glad I had the opportunity to learn about the world of Cybersecurity. The exercises were conducted in a very accessible form and in an extremely interesting way.
— 2023 training participant 15
I enjoyed the course, I have learned many interesting new things and I am happy that I participated in the course.
— 2023 training participant 16
The course, in a single word, was great. A lot of knowledge was passed on in a very friendly way. I learned a lot of useful things that will definitely help me in my development in the field of Cybersecurity, as well as useful in everyday life.
— 2023 training participant 17
You don’t need to correct anything in this course.
— 2023 training participant 18
The topics covered were discussed at length by people who clearly have a passion for what they do for a living, and I enjoyed the lectures on conducting attacks and red teaming the most.
— 2023 training participant 19
Very cool course. Hopefully, such courses will be held more often.
— 2023 training participant 20
I really enjoyed the course and the whole format. The instructors were very friendly and professional. I learned a lot of new things that I am eager to use in my future engineering thesis on Cybersecurity.
— 2023 training participant 21
My impressions of the course are very positive. I learned a lot of new things, and the wide range of topics allowed me to become familiar with the cybersecurity industry.
— 2023 training participant 22
Do more of that kind of events :)
— 2023 training participant 23
I would not correct anything, the course was great, and you do not have to correct anything. I learned a lot of new and interesting things. I recommend everyone to take such a course.
— 2023 training participant 24
Great experience - thank you so much for the informative and engaging lectures.
— 2023 training participant 25
The whole training came out great. The presenters interestingly passed on knowledge.
— 2023 training participant 26
I don’t have any background in it, but I enjoyed this course a lot. Especially risk management and audit. Case studies and real examples are always the best way to learn for me. Thank you for the course, and good luck to all of you.
— 2023 training participant 27
Thanks to the whole team for a well conducted classes. Everyone has a lot of knowledge; most importantly, they can convey it understandably. Lots of practical examples from real work, not just theory. In addition, a broad view of the whole CyberSec (VA, Risk Management, Blue Team, Red Team) there is something for everyone :)
— 2023 training participant 28
It’s a very cool and valuable course.
— 2023 training participant 29
The course contained a lot of practical and theoretical knowledge provided by practitioners, which allows one to expand knowledge and greater awareness of risks and allows further development! Super course!
— 2023 training participant 30
The course is great. I don’t have any more ideas to improve this course. Very enjoyable training sessions :)
— 2023 training participant 31

2022

Number of hours

24 hours

Number of meetings

4 meetings, 4 Saturdays

Form of meeting

on-line

Schedule

  • 2022-03-19 09:00-16:00 +0100 (CET)

  • 2022-03-26 09:00-16:00 +0100 (CET)

  • 2022-04-02 09:00-16:00 +0200 (CEST)

  • 2022-04-09 09:00-16:00 +0200 (CEST)

Topic Trainer

1

Cyber awareness

2

Risk Management - basics

3

Identity and Access Management

4

Cryptography - basics

5

Secure Configuration Monitoring

6

Password vaults

7

Vulnerability Assessment

8

Cloud Native Security

9

Offensive Cybersecurity

feedback

Here are some opinions from our training participants in CRC'22:

CRC Cybersecurity survey 2022
It was a great adventure, comparing to other CRC course that i participated you definitely exceeded my expectations, I will recommend your course to others, thanks :)
— 2022 training participant 1
I liked the opportunity to hear the opinions of many people working in different areas of cyber security.
— 2022 training participant 2
The course was really well run and interesting. Time went by very quickly and it’s hard to complain about anything.
— 2022 training participant 3
Very cool course! Awesome that you were able to include hands-on activities!
— 2022 training participant 4
Course was really good and valuable from cyber side. It was performed on the high - level quality.
— 2022 training participant 5
A must have for a newbies who want to jump into the cybersecurity.
— 2022 training participant 6
Interesting introduction to the topic of cyber security, required theory presented in an understandable way.
— 2022 training participant 7
Everything was correct in my opinion. It was very professional course and I’m very satisfied.
— 2022 training participant 8
In my opinion, all lectures were very interesting, the presenters were well-prepared. I just think that after each lecture should be more practical exercises or something like homework, to consolidate the knowledge of students.
— 2022 training participant 9
It would be great to make this course longer with more practical exercises. But overall it was really great experience.
— 2022 training participant 10
I used the class to systematize my knowledge and learn about the corporate viewpoint and approach. Considering the limited time frame of the class, the topics covered were reasonably developed. I have a very positive opinion on the whole.
— 2022 training participant 11
I think all the points covered in the course are very important, but I would have added an extra week to the course to cover more points in a practical context.
— 2022 training participant 12
It was fun - the kindness of lecturers is always appreciated :)
— 2022 training participant 13
I really enjoyed it! I found it really interesting to take a deep dive into the cybersecurity field of work and see how it’s done.
— 2022 training participant 14
A very good and valuable course.
— 2022 training participant 15
Maybe more practical lessons - and more lessons in general because the course was very interesting.
— 2022 training participant 16
I think it’s a very much digestible course with many real examples, easy to follow for the IT student.
— 2022 training participant 17
I really enjoyed the practical classes. For that reason, it’s a little bit of a pity that there weren’t enough of them.
— 2022 training participant 18
Revelation. More meetings than 4.
— 2022 training participant 19
The course was conducted by excellent professionals, in a pleasant atmosphere.
— 2022 training participant 20
I learned a lot of new interesting facts and things about cyber security, very interesting and developing course.
— 2022 training participant 21
I learned a lot of cool new information both internally and refreshed the basics, the course was really very enjoyable.
— 2022 training participant 22
Very cool course, nice to listen to people with actual experience in the field.
— 2022 training participant 23
I think it is always a good idea to spend your time on learning something new. So, in general I’m happy that I could take part in this course and (I hope) get a certificate to showcase my knowledge.
— 2022 training participant 24
I would not change anything about this course.
— 2022 training participant 25
A must have for a newbies who want to jump into the cybersecurity.
— 2022 training participant 26
Nice course, opportunity to gain practical knowledge from people working in cyber security.
— 2022 training participant 27
Overall I really enjoyed the course. If possible, even more topics could be covered in the future.
— 2022 training participant 28
Even more practice and maybe more advanced stuff! It’s been great!
— 2022 training participant 29

2021

Number of hours

10 hours

Number of meetings

2 meetings, 2 Saturdays

Form of meeting

on-line

Topic Trainer

1

Defensive Cyber Security

2

Technical State Compliance Monitoring

3

Vulnerability Assessment

4

Cloud Native Security

5

Secure Software Lifecycle

feedback

Here are some opinions from our training participants in CRC'21:

CRC Cybersecurity survey 2021
Great course, thanks!
— 2021 training participant 1
It is a pity that the course only lasted two days. There was no time to bite into the topic :)
— 2021 training participant 2
Even more labs would be welcome ;)
— 2021 training participant 3
In my opinion more practical exercises would be better, also homework tasks would be welcome too.
— 2021 training participant 4

2019

Number of hours

12 hours

Number of meetings

2 meetings, 2 Saturdays

Form of meeting

on-site

Topic Trainer

1

Light Side of Security

2

Brief introduction to CCERT & CTA responsibilities, Vulnerability Alerting Service, Responsible Disclosure Programme

  • Jędrzej Maksym

3

Phishing Employee Programme, Incident Response, Domain Monitoring

  • Jędrzej Maksym

4

Vulnerability Assessment

5

Vulnerability Detection Plugins

6

Technical State Compliance Monitoring

feedback

Here are some opinions from our training participants in CRC'19:

CRC Cybersecurity survey 2019
It was very helpful to understand security principles.
— 2019 training participant 1
I really liked hearing the entire course finished in just two meetings and all the conversations during the breaks, so I think this is definitely what should stay.
— 2019 training participant 2
Such a course should be at the university as a subject throughout the whole semester. Too many interesting things to explain in 16h.
— 2019 training participant 3
I believe that the course should consist of more classes, as a consequence of which each topic would be discussed in more detail, which would translate into its better understanding and consolidation. The course was very interesting and I am glad to be able to take part in it.
— 2019 training participant 4
Two Saturdays is not enough. Ideally, for example, 6 Saturdays.
— 2019 training participant 5

2018

Number of hours

12 hours

Number of meetings

6 meetings

Form of meeting

on-site

Topic Trainer

1

Who attacks the organization and how (OWASP TOP 10, ASVS and protection methods) - part 1

  • Krzysztof Cudak

2

Who attacks the organization and how (OWASP TOP 10, ASVS and protection methods) - part 2

  • Krzysztof Cudak

3

Simulation and detection of APT attack in an organization - part 1

  • Mariusz Derela

  • Michał Terbert

  • Krzysztof Kuźnik [linkedin]

4

Simulation and detection of APT attack in an organization - part 2

  • Mariusz Derela

  • Michał Terbert

  • Krzysztof Kuźnik [linkedin]

5

Vulnerability types, classification and detection

6

Designing tests to verify configuration and detect vulnerabilities

2017

Number of hours

15 hours

Number of meetings

5 meetings

Form of meeting

on-site

Topic Trainer

1

IT Security and Cybercrime - introduction

  • Łukasz Miedziński

2

IT Risk management processes

  • Łukasz Miedziński

3

IT security assurance in the final users environments - as the security ensurence of end-user environments

  • Łukasz Miedziński

4

IT security - networks and applications

  • Łukasz Miedziński

5

Vulnerability Management

  • Łukasz Miedziński

Instruction

⚠️

Start following the instruction below only after receiving the invitation to GitHub organization via e-mail.

  1. Join crcep Organization at GitHub by clicking green button Join @crcep in the invitation message send to your e-mail address given during registration to Corporate Readiness Certificate Educational Program.

ℹ️

Invitation will be send from noreply@github.com e-mail address as shown below.

crcep invitation

  1. Login using your GitHub account if you already heave it or create new GitHub account.

⚠️

If you decide to create new GitHub account you can use any e-mail address, but remember to verify your e-mail address at GitHub.

github new account

  1. Go to github.com/settings/organizations and check if you see crcep organization on the list of organizations at GitHub to which you belong.

ℹ️

crcep member

⚠️

If you don’t see crcep on the list of organizations go back to invitation message mentioned in the first point and click again green button Join @crcep.

You should see prompt to join CRC EP, click green button Join CRC EP as shown below.

crcep join

  1. Check rest of the details in GitHub private repository dedicated for these lectures.

All communication will be send to you via GitHub notifications.
Remember to click as shown below for this repository:

  • 👁 Watch > All activity

  • ⭐️ Star

crcep watch star

  1. Check lectures timetable 🗓.

  2. Check passing criteria ✅.

  3. Say hello 👋 to everyone and introduce yourself.

  4. Feel free to start new discussions. Remember to tag appropriate group to make sure that they will receive notification about your post.

    • @crcep/cybersecurity-trainers-2024

    • @crcep/cybersecurity-class-2024

💡

You can install GitHub app on your smartphone, go to github.com/mobile to have even easier access to all information needed or to take a part in discussions.