Workshop on IT Vulnerability Assessments

The 3-day hands-on workshop is designed to provide knowledge for the whole cycle of IT security assessment – planning and tools, practical testing and evaluating the long-term effects of security assessment in an organisation.

IT security assessments provide valuable insights into the maturity level of IT security management in an organisation. In addition, the assessment gives a general overview of the state of IT governance, management processes and procedures as well as a detailed overview of potential vulnerabilities and input for risk management.

The 1st day of the training will focus on planning vulnerability assessments, testing methodologies and an overview of the tools. The instructors will also explain how to execute the tests, present technical findings and root causes, how use metrics and evaluate the impact of assessment on an organization. The whole testing cycle and different elements will be covered:

  • Information gathering
  • External perimeter testing
  • Network perimeter testing
  • Security evaluation of office network servers and workstations
  • Security testing of remote connections
  • Wireless network testing
  • Physical Security review
  • Disaster recovery plan inspection
  • Phishing campaign
  • Reporting

The last 2 days of the course are dedicated to practical hands-on exercises.