Cyber Security Sets
Last Updated: 05.02.2019
The 64 training sets contain a total of 193 documents, 28 virtual machine images and 47 video trainings.
European Union
ENISA
European Union Agency for Network and Information Security
Cyber Security Training Sets
OpenCourseware
MIT
Massachusetts Institute of Technology
Cyber Security Training Sets
SGEP
TÜBİTAK BİLGEM
Siber Güvenlik Eğitim Portali (Cyber Security Training Portal)
Cyber Security Training Sets
Other
Training Resources
Cyber Security Training Sets
- Introduction, Threat Models
- Control Hijacking Attacks
- Buffer Overflow Exploits and Defenses
- Privilege Separation
- 6.858 Fall 2014 Lecture 5: Guest lecture by Paul Youn from iSEC Partners
- Capabilities
- Sandboxing Native Code
- Web Security Model
- Securing Web Applications
- Symbolic Execution
- Ur/Web
- Network Security
- Network Protocols
- SSL and HTTPS
- Medical Software
- Side-Channel Attacks
- User Authentication
- Private Browsing
- Anonymous Communication
- Mobile Phone Security
- Data Tracking
- Guest Lecture by MIT IS&T
- Security Economics
- Overview, Interval Scheduling
- Divide & Conquer: Convex Hull, Median Finding
- Divide & Conquer: FFT
- Divide & Conquer: van Emde Boas Trees
- Amortization: Amortized Analysis
- Randomization: Matrix Multiply, Quicksort
- Randomization: Skip Lists
- Randomization: Universal & Perfect Hashing
- Augmentation: Range Trees
- Dynamic Programming: Advanced DP
- Dynamic Programming: All-Pairs Shortest Paths
- Greedy Algorithms: Minimum Spanning Tree
- Incremental Improvement: Max Flow, Min Cut
- Incremental Improvement: Matching
- Linear Programming: LP, reductions, Simplex
- Complexity: P, NP, NP-completeness, Reductions
- Complexity: Approximation Algorithms
- Complexity: Fixed-Parameter Algorithms
- Synchronous Distributed Algorithms: Symmetry-Breaking. Shortest-Paths Spanning Trees
- Asynchronous Distributed Algorithms: Shortest-Paths Spanning Trees
- Cryptography: Hash Functions
- Cryptography: Encryption
- Cache-Oblivious Algorithms: Medians & Matrices
- Cache-Oblivious Algorithms: Searching & Sorting
Building Artefact Handling and Analysis Environment
Purpose:
The main objective is to create a safe and useful artifact analysis environment, based on current best practices.
Duration:
- 7 Hours
Downloads:
Processing and Storing Artefacts
Purpose:
Present to the trainees various methods of acquiring malicious artifacts, with emphasis on artifacts collected through monitoring of spam e-mails. Teach how to correctly set up a spam-collecting environment and a simple artifact repository. The exercise also shows how to modify and patch the created system to better suit lab environment needs.
Duration:
- 5 Hours
Downloads:
Artefact Analysis Fundamentals
Purpose:
Present to the trainees the fundamentals of malicious artifact analysis and the various types of analysis. Show how to safely execute suspicious code in a controlled environment, along with the most important security precautions.
Duration:
- 8 Hours
Downloads:
Advanced Artefact Handling
Purpose:
Teach students how to obtain memory images from different sources and to analyse them. Both Windows and Linux systems will be covered.
Duration:
- 8 Hours
Downloads:
Forensic Analysis: Local Incident Response
Purpose:
This three-day training module follows the tracks of an incident handler and investigator, teaching best practices and covering both sides of the breach. It is technical in nature and aims to provide guided training for both incident handlers and investigators under lifelike conditions. The training material mainly uses open source and free tools.
Duration:
- 3 Days
Downloads:
Forensic Analysis: Network Incident Response
Purpose:
The main goal of this training is to teach trainees network forensic techniques and to extend trainees' operating system forensic capabilities beyond Microsoft Windows systems to include Linux. Trainees will follow traces in the workstation and discover that the analysed network captures, together with logs, lead to another machine on the network.
Duration:
- Not Defined
Downloads:
Forensic Analysis: Web Server Analysis
Purpose:
This training requires the students to perform a forensic analysis of three (web) servers, identified during the first two exercises as taking part in a malicious campaign.
Duration:
- Not Defined
Developing Countermeasures
Purpose:
Learn how to leverage information gathered during analysis into actionable signatures. Both network and system oriented signatures will be discussed.
Duration:
- 8 Hours
Downloads:
Common Framework for Artefact Analysis Activities
Purpose:
Learn how to collect, store and correlate different types of information about samples and how to make use of this information, on the assumption that a structured and organised database is a good way to reach synergy in the area of artifact analysis and incident investigation.
Duration:
- 8 Hours
Downloads:
Introduction to Advanced Artefact Analysis
Using Indicators to Enhance Defence Capabilities
Purpose:
Learn how to create and deploy indicators of compromise using the Collaborative Research into Threats (CRITs) platform. Additionally, demonstrate how to leverage CRITs to visualize relationships among different elements of a campaign, how to extract indicators from incident data, develop mitigation actions, and track those actions.
Duration:
- 7 Hours
Downloads:
Identification and Handling of Electronic Evidence
Purpose:
Present the trainees with the principles of evidence gathering. Establish a common knowledge of the requirements regarding evidence admissibility in a court of law. This task also gives an overview of popular malware characteristics, methods of identification and tools that may be used at the scene.
Duration:
- 4 Hours
Downloads:
Digital Forensics
Purpose:
Present the trainees with the principles of digital forensics and evidence gathering.
Duration:
- 6 Hours
Downloads:
Proactive Incident Detection
Purpose:
Setting up and working with AbuseHelper.
Duration:
- 4 Hours
Downloads:
Mobile Threats Incident Handling
Purpose:
Make the students familiar with special requirements and tools to do incident handling and forensics with mobile/smartphone computing platforms.
Duration:
- 4 Hours
Downloads:
Automation in Incident Handling
Purpose:
The purpose of this task is to develop students’ abilities to create custom scripts and filters dealing with large amounts of data such as IP addresses. After completing the exercise students should be able to extract useful information from bulk data, even in non-standard formats.
Duration:
- 2 Hours
Introduction to Network Forensics
Purpose:
The training materials are based on good practices, and include all needed methodologies, tools and procedures. The training includes performance indicators and means, supporting those who use it to increase their operational competence. It is made available in a ready-to-use version. The training consists of an extensive introduction (sections 1–4) and three exercises (section 5). The updated scenarios also include content that is in line with current technologies and methodologies.
Duration:
- 24 Hours
Honeypots
Purpose:
Familiarise students with two kinds of honeypots: server-side honeypots and client-side honeypots.
Duration:
- 3 Hours
Downloads:
Vulnerability Handling
Purpose:
To provide a practical overview of the vulnerability handling process and how vulnerabilities reported to a CERT team should be handled. Also, to provide some hands-on experience with difficult situations that may arise through the role of coordinator.
Duration:
- 3 Hours
Presenting, Correlating and Filtering Various Feeds
Purpose:
Technical aspects of using visualisation to present, correlate and filter various feeds. The scenario will also cover the organisational aspects. In this scenario the students will be part of the CERT for a fictitious organisation which is analysing cybercrime activities.
Duration:
- 6 Hours
Downloads:
Incident Handling during an Attack on Critical Information Infrastructure
Purpose:
Make CERT members aware of requirements during incident handling in CII/SCADA environments.
Duration:
- 5 Hours
Downloads:
Advanced Persistent Threat Incident Handling
Purpose:
This task provides students with information about methods commonly used by attackers during Advanced Persistent Threat (APT) attacks as well as methods of discovering and protecting internal resources against these attacks. Examples used in the exercise are based on real incidents and observations. The objective is also to involve participants in creative approaches to building CERT capability to deal effectively with and resolve the problem of APT attacks within an organisation.
Duration:
- 3 Hours
Social Networks used as an Attack Vector for Targeted Attacks
Purpose:
In this task, participants will investigate the vulnerabilities of social networks, using an Advanced Persistent Threat scenario as a test case to illustrate some examples of social network compromises. They will also examine the capabilities of social networks to respond to these kinds of threats.
Duration:
- 3 Hours
Cost of ICT Incident
Purpose:
Make the CERT team familiar with one solution for estimating the costs of different information security incidents.
Duration:
- 2 Hours
Downloads:
Incident Handling in Live Role Playing
Purpose:
Simulate a real-life incident, involving many parties with conflicts of interests, different mindsets and legal frameworks, etc. With the introduction of such aspects as vulnerability handling, responsible disclosure and company security management, it helps the students to understand why incident handling is, in many cases, a complex task and what kinds of technical and social skills are required for this job.
Duration:
- 3 Hours
Assessing and Testing Communication Channels with CERTs and all their Stakeholders
Purpose:
In this exercise, participants will discuss all fundamental concepts of the communication channels between CERTs and their constituents, other CERTs, law enforcement, management, public relations (PR), legal counsel, and all other stakeholders. Special attention is given to communications while under attack, and to the testing of communication channels as a means of safeguarding and improving them.
Duration:
- 4 Hours
Identifying and Handling Cyber-Crime Traces
Purpose:
This task consists of 3 components: finding relevant information related to cybercrime in social media channels (based on Twitter examples), finding relevant information on IRC channels and analysing legal aspects of Internet monitoring activities related to cybercrime identification. The main objective is to teach trainees how to set up the basic system for continuous monitoring and alerting of various sources of information in terms of effective detection and warning for their constituencies based on the content.
Duration:
- 7 Hours
Downloads:
Incident Handling and Cooperation during Phishing Campaign
Cooperation in the Area of Cybercrime
Purpose:
This task covers three different cybercrime related cases. All of them involve investigatory and legal aspects, but each of them requires participants to analyse them from different perspectives. All cases involve very common incidents for CERTs and organisations that could lead to law enforcement actions and court cases. Cooperation among the various parties involved is therefore essential and is the goal of this exercise – rather than exploring the techniques involved.
Duration:
- 6 Hours
CERT Participation in Incident Handling related to the Article 13a Obligations
Purpose:
Information about rules, procedures and best practices in handling incidents related to the obligations for internet service providers described in Article 13a of the European Telecom Package.
Duration:
- 3 Hours
Downloads:
CERT Participation in Incident Handling related to the Article 4 Obligations
Purpose:
Information about rules, procedures and best practices in incident handling related to personal data breaches. It is based on the data breach notification requirements for the electronic communication sector introduced by the review of the ePrivacy Directive. The notification process runs parallel to the normal incident handling process and is part of it.
Duration:
- 4 Hours
Incident Handling Management
Purpose:
This exercise provides students with experience of real-life incident reports, their ambiguity and complexity. After completing the exercise, they should understand:
- What to focus on during initial analysis
- How different factors may affect priorities
- How to communicate with media reporters as well as third parties
- What kind of technical tools to use to resolve an incident
Duration:
- 2 Hours
Downloads:
Recruitment of CSIRT Staff
Purpose:
This training sets out to provide an indication of what an organisation might consider during the recruitment of staff for CSIRT teams.
Duration:
- 1 Day
Downloads:
Developing CSIRT Infrastructure
Purpose:
To learn what kind of software and hardware solutions could be used to provide a particular CSIRT service for a constituency.
Duration:
- 3-4 Hours
Downloads:
Online Courses
The Siber Güvenlik Eğitim Portali (Cyber Security Training Portal) was launched in cooperation with the Ministry of Development, as part of the Cyber Security Training Infrastructure work package of the Cyber Security Training and Research Centre Project run by the TÜBİTAK-BİLGEM Cyber Security Institute.
IMPORTANT NOTE: To use this content, you must first create an account. Creating an account is free, but only requests from ".gov.tr tsk.tr .edu.tr .k12.tr .bel.tr kizilay.org.tr vakifbank.com.tr ziraatbank.com.tr halkbank.com.tr" e-mail addresses are accepted. Click here to access the registration screen.
BGY 100 | Information Security Awareness Training | Introductory level | - | Go to course |
BGY 101 | User Security | Introductory level | Presentation (125 pages) and packages | Go to course |
BGY 102 | General Security for Managers | Introductory level | - | Go to course |
BGY 202 | ISO 27001 Information Security Management System Implementation | Standard level | Presentation (208 pages) | Go to course |
BGY 203 | ISO 27001 Briefing for Managers | Standard level | Presentation (54 pages) | Go to course |
BGY 204 | Cyber Incident Response Team | Standard level | Presentation (212 pages) | Go to course |
BGY 205 | Protection of Critical Infrastructures | Standard level | Video | Go to course |
UYG 302 | MS SQL Server Database Security | Advanced level | Training materials (19 files) | Go to course |
UYG 303 | Web Application Security | Advanced level | Presentation (96 pages) | Go to course |
UYG 303 | Hands-on Cyber Security Training | Advanced level | - | Go to course |
Other Online Resources
- U.S. Department of Homeland Security: ICS-CERT VLP (Industrial Control Systems Cyber Emergency Response Team Virtual Learning Portal)
- CYBRARY: Open Source Learning for Cyber Security
- HEIMDAL: Cyber Security for Beginners
- HEIMDAL: Cyber Security for Small Business Owners
- MIT-OpenCourseWare: Network & Computer Security
- Open Security Training
- Khan Academy: Introduction to Cryptography
- Open Learn: Introduction to cyber security: stay safe online
- HEIMDAL: Cyber Security Glossary