Cyber Security Trainings

Cyber Security Sets

Last Updated: 05.02.2019

A total of 64 training sets contain 193 documents, 28 virtual machine images and 47 video trainings.

ENISA European Union Agency for Network and Information Security
European Union

ENISA

European Union Agency for Network and Information Security
Cyber Security Training Sets

MIT-OCW
OpenCourseware

MIT

Massachusetts Institute of Technology
Cyber Security Training Sets

Glossary of Basic Concepts
SGEP

TÜBİTAK BİLGEM

Cyber Security Training Portal
Cyber Security Training Sets

Other
Training Resources

Cyber Security Training Sets

PREPARATORY RESOURCES

NATO

Cyber Definitions

SOPHOS

Cyber Threatsaurus

TÜBİTAK

Glossary of Basic Concepts

OPEN COURSEWARE TRAININGS

CSIRT CYBER SECURITY TRAININGS

Technical Training

Building Artefact Handling and Analysis Environment

Purpose:

The main objective is to create a safe and useful artifact analysis environment, based on current best practices.

Duration:

  • 7 Hours

Processing and Storing Artefacts

Purpose:

Present the trainees with various methods of acquiring malicious artifacts, with emphasis on artifacts collected through monitoring of spam e-mails. Teach how to correctly set up a spam collecting environment and a simple artifact repository. The exercise also covers how to modify and patch the created system to better suit the needs of the lab environment.

Duration:

  • 5 Hours

Artefact Analysis Fundamentals

Purpose:

Present the trainees with the fundamentals of malicious artifact analysis and the various types of analysis. Show how to safely execute suspicious code in a controlled environment, along with the most important security precautions.

Duration:

  • 8 Hours

Advanced Artefact Handling

Purpose:

Teach students how to obtain memory images from different sources and to analyse them. Both Windows and Linux systems will be covered.

Duration:

  • 8 Hours

Forensic Analysis: Local Incident Response

Purpose:

This three-day training module will follow the tracks of an incident handler and investigator, teaching best practices and covering both sides of the breach. It is technical in nature and aims to provide guided training for both incident handlers and investigators under lifelike conditions. The training material mainly uses open source and free tools.

Duration:

  • 3 Days

Forensic Analysis: Network Incident Response

Purpose:

The main goal of this training is to teach trainees network forensic techniques and to extend trainees' operating system forensic capabilities beyond Microsoft Windows systems to include Linux. Trainees will follow traces in the workstation and discover that the analysed network captures, together with logs, lead to another machine on the network.

Duration:

  • Not Defined

Forensic Analysis: Web Server Analysis

Purpose:

This training requires the students to perform a forensic analysis of three (web) servers, identified during the first two exercises as taking part in a malicious campaign.

Duration:

  • Not Defined

Developing Countermeasures

Purpose:

Learn how to leverage information gathered during analysis into actionable signatures. Both network and system oriented signatures will be discussed.

Duration:

  • 8 Hours

Common Framework for Artefact Analysis Activities

Purpose:

Learn how to collect, store and correlate different types of information about samples and how to make use of this information, on the assumption that a structured and organised database is a good way to reach synergy between artifact analysis and incident investigation.

Duration:

  • 8 Hours

Introduction to Advanced Artefact Analysis

Purpose:

This training presents an introduction to advanced artefact analysis. It is the first part of a three-day course introducing assembly language and the tools commonly used for advanced artefact analysis.

Duration:

  • 4 Hours

Dynamic Analysis of Artefacts

Purpose:

This training presents methods and techniques of dynamic artefact analysis using the OllyDbg debugger package.

Duration:

  • 9 Hours

Static Analysis of Artefacts

Purpose:

The goal of this training is to introduce the participants to all aspects of static artefact analysis.

Duration:

  • 10 Hours

Using Indicators to Enhance Defence Capabilities

Purpose:

Learn how to create and deploy indicators of compromise using the Collaborative Research into Threats (CRITs) platform. Additionally, demonstrate how to leverage CRITs to visualize relationships among different elements of a campaign, how to extract indicators from incident data, develop mitigation actions, and track those actions.

Duration:

  • 7 Hours

Identification and Handling of Electronic Evidence

Purpose:

Present the trainees with the principles of evidence gathering. Establish a common knowledge of the requirements regarding evidence admissibility in a court of law. This task also gives an overview of popular malware characteristics, methods of identification and tools that may be used at the scene.

Duration:

  • 4 Hours

Digital Forensics

Purpose:

Present the trainees with the principles of digital forensics and evidence gathering.

Duration:

  • 6 Hours

Proactive Incident Detection

Purpose:

Setting up and working with AbuseHelper.

Duration:

  • 4 Hours

Mobile Threats Incident Handling

Purpose:

Familiarise students with the special requirements and tools for incident handling and forensics on mobile/smartphone computing platforms.

Duration:

  • 4 Hours

Mobile Threats Incident Handling (Part II)

Purpose:

The goal of this training is to introduce the threats found in the mobile environment, and to familiarise the participants with various tools and techniques used in Mobile Forensics and Incident Handling.

Duration:

  • 24 Hours

Automation in Incident Handling

Purpose:

The purpose of this task is to develop students’ abilities to create custom scripts and filters dealing with large amounts of data such as IP addresses. After completing the exercise students should be able to extract useful information from bulk data, even in non-standard formats.

Duration:

  • 2 Hours

Introduction to Network Forensics

Purpose:

The training materials are based on good practices, and include all needed methodologies, tools and procedures. The training includes performance indicators and means, supporting those who use it to increase their operational competence. It is made available in a ready-to-use version. The training consists of an extensive introduction (sections 1–4) and three exercises (section 5). The updated scenarios also include content that is in line with current technologies and methodologies.

Duration:

  • 24 Hours

Honeypots

Purpose:

Familiarise students with two kinds of honeypots: server-side honeypots and client-side honeypots.

Duration:

  • 3 Hours

Vulnerability Handling

Purpose:

To provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Also, to provide some hands-on experience with difficult situations that may arise through the role of coordinator.

Duration:

  • 3 Hours

Presenting, Correlating and Filtering Various Feeds

Purpose:

Technical aspects of using visualisation to present, correlate and filter various feeds. The scenario will also cover the organisational aspects. In this scenario the students will be part of the CERT for a fictitious organisation which is analysing cybercrime activities.

Duration:

  • 6 Hours

Incident Handling during an Attack on Critical Information Infrastructure

Purpose:

Make CERT members aware of requirements during incident handling in CII/SCADA environments.

Duration:

  • 5 Hours

Advanced Persistent Threat Incident Handling

Purpose:

This task provides students with information about methods commonly used by attackers during Advanced Persistent Threat (APT) attacks, as well as methods of discovering these attacks and protecting internal resources against them. Examples used in the exercise are based on real incidents and observations. The objective is also to involve participants in creative approaches to building CERT capability to deal effectively with and resolve the problem of APT attacks within an organisation.

Duration:

  • 3 Hours

Social Networks used as an Attack Vector for Targeted Attacks

Purpose:

In this task, participants will investigate the vulnerabilities of social networks, using an Advanced Persistent Threat scenario as a test case to illustrate some examples of social network compromises. They will also examine the capabilities of social networks to respond to these kinds of threats.

Duration:

  • 3 Hours

Writing Security Advisories

Purpose:

The objective of the exercise is to provide a practical overview of what constitutes a good and a bad advisory publication for a CERT constituency.

Duration:

  • 4 Hours

Cost of ICT Incident

Purpose:

Make the CERT team familiar with one solution for estimating the costs of different information security incidents.

Duration:

  • 2 Hours

Incident Handling in Live Role Playing

Purpose:

Simulate a real-life incident, involving many parties with conflicts of interests, different mindsets and legal frameworks, etc. With the introduction of such aspects as vulnerability handling, responsible disclosure and company security management, it helps the students to understand why incident handling is, in many cases, a complex task and what kinds of technical and social skills are required for this job.

Duration:

  • 3 Hours

Incident Handling in the Cloud

Purpose:

Investigate methods to address cloud-based security vulnerabilities through a scenario where data is not always fixed to one physical server or location.

Duration:

  • 4 Hours

Large Scale Incident Handling

Purpose:

Teach incident handlers the key information and actions required for the successful resolution of large-scale incidents.

Duration:

  • 5 Hours

Establishing External Contacts

Purpose:

To enhance students’ skills in establishing contacts with other CERTs, administrators of ISPs, and other parties responsible for the mitigation of security incidents in their networks around the globe.

Duration:

  • 3 Hours

Cooperation with Law Enforcement Agencies - Advising in Cyber Crime Cases

Purpose:

Explain a CERT’s role in advising in a cyber-crime case and the basis for its effective cooperation with an LEA.

Duration:

  • 5 Hours

Assessing and Testing Communication Channels with CERTs and all their Stakeholders

Purpose:

In this exercise, participants will discuss all fundamental concepts of the communication channels between CERTs and their constituents, other CERTs, law enforcement, management, public relations (PR), legal counsel, and all other stakeholders. Special attention is given to communications while under attack, and to the testing of communication channels as a means of safeguarding and improving them.

Duration:

  • 4 Hours

Identifying and Handling Cyber-Crime Traces

Purpose:

This task consists of 3 components: finding relevant information related to cybercrime in social media channels (based on Twitter examples), finding relevant information on IRC channels and analysing legal aspects of Internet monitoring activities related to cybercrime identification. The main objective is to teach trainees how to set up the basic system for continuous monitoring and alerting of various sources of information in terms of effective detection and warning for their constituencies based on the content.

Duration:

  • 7 Hours

Incident Handling and Cooperation during Phishing Campaign

Purpose:

This task treats phishing on three levels: technical, organisational and legal. The purpose is to understand phishing campaigns better and understand how to resolve them in complex international contexts.

Duration:

  • 4 Hours

Cooperation in the Area of Cybercrime

Purpose:

This task covers three different cybercrime related cases. All of them involve investigatory and legal aspects, but each of them requires participants to analyse them from different perspectives. All cases involve very common incidents for CERTs and organisations that could lead to law enforcement actions and court cases. Cooperation among the various parties involved is therefore essential and is the goal of this exercise – rather than exploring the techniques involved.

Duration:

  • 6 Hours

CERT Participation in Incident Handling related to the Article 13a Obligations

Purpose:

Information about rules, procedures and best practices in handling incidents related to the obligations for internet service providers described in Article 13a of the European Telecom Package.

Duration:

  • 3 Hours

CERT Participation in Incident Handling related to the Article 4 Obligations

Purpose:

Information about rules, procedures and best practices in incident handling related to personal data breaches. It is based on the data breach notification requirements for the electronic communication sector introduced by the review of the ePrivacy Directive. The notification process runs in parallel with the normal incident handling process and is part of it.

Duration:

  • 4 Hours

Incident Handling Management

Purpose:

This exercise provides students with experience of real-life incident reports, their ambiguity and complexity. After completing the exercise, they should understand:

  • What to focus on during initial analysis
  • How different factors may affect priorities
  • How to communicate with media reporters as well as third parties
  • What kind of technical tools to use to resolve an incident

Duration:

  • 2 Hours

Recruitment of CSIRT Staff

Purpose:

This training sets out to provide an indication of what an organisation might consider during the recruitment of staff for CSIRT teams.

Duration:

  • 1 Day

Developing CSIRT Infrastructure

Purpose:

To learn what kind of software and hardware solutions could be used to provide a particular CSIRT service for a constituency.

Duration:

  • 3-4 Hours

TÜBİTAK CYBER SECURITY TRAINING PORTAL (SGEP)

Online Courses

The Cyber Security Training Portal (Siber Güvenlik Eğitim Portali) was launched under the Cyber Security Training Infrastructure work package of the Cyber Security Training and Research Centre Project, which is carried out by the TÜBİTAK-BİLGEM Cyber Security Institute in cooperation with the Ministry of Development.

IMPORTANT NOTE: To use this content, you must first create an account. Account creation is free of charge, but only requests from ".gov.tr tsk.tr .edu.tr .k12.tr .bel.tr kizilay.org.tr vakifbank.com.tr ziraatbank.com.tr halkbank.com.tr" e-mail addresses are accepted. Click here to access the registration screen.

Information Security Management Trainings

  • BGY 100 Information Security Awareness Training, introductory level
  • BGY 101 User Security, introductory level: presentation (125 pages) and packages
  • BGY 102 General Security for Managers, introductory level
  • BGY 202 ISO 27001 Information Security Management System Implementation, standard level: presentation (208 pages)
  • BGY 203 ISO 27001 Briefing for Managers, standard level: presentation (54 pages)
  • BGY 204 Cyber Incident Response Team, standard level: presentation (212 pages)
  • BGY 205 Protection of Critical Infrastructures, standard level: video

Security Testing and Audit Trainings

  • GTD 201 Introduction to Information Security, standard level: training materials (23 files)
  • GTD 305 Penetration Testing Expertise, advanced level: training materials (6 files)

Security Analysis Trainings

  • GAN 214 Log Management, standard level
  • GAN 402 Network Traffic Analysis, expert level

System and Network Security Trainings

  • SAG 206 Windows Security, standard level: training materials (6 files)
  • SAG 208 Linux Security, standard level: presentation (194 pages)
  • SAG 209 TCP/IP Network Security, standard level

Application Security Trainings

  • UYG 302 MS SQL Server Database Security, advanced level: training materials (19 files)
  • UYG 303 Web Application Security, advanced level: presentation (96 pages)
  • UYG 303 Applied Cyber Security Training, advanced level

OTHER FREE CYBER SECURITY TRAININGS

Other Online Resources