Back to Top

Managing Security Tests

Managing Security Tests is designed to equip staff who have a responsibility for buying, planning or supporting security tests with the knowledge and understanding necessary to gain the most effective use of security testing. The one day course explains the rationale for security testing, how to identify applicable services and providers from the market place, how to leverage maximum benefit from your investment whilst minimising risks and dealing effectively with the output of security assessments and tests.

Training is delivered by experienced security testing professionals with experience of working in a wide range of commercial and public sector environments. The training is delivered on a scheduled basis in our central London offices and where requested may be delivered on your premises

Audience

Anyone with involvement in the security testing process including:

  • Security Managers
  • Security & Risk Analysts
  • PCI QSA and CESG CLAS consultants
  • Project Managers

Learning Objectives

Following the course attendees will:

  • Understand what penetration and security testing is and the differences between the various flavours of testing including infrastructure testing, application testing, black/white box testing, code reviews etc;
  • Understand the security testing market place including the providers of services and products that can be used to fulfil security tests;
  • Have the knowledge and tools to select vendors and products that best fulfil the organisations security testing requirements;
  • Be able to effectively engage stake-holders in the scoping and pre-planning stages to ensure that all security requirements are appropriately incorporated into the security testing plan;
  • Understand and be able to incorporate specific security testing requirements to the HM Government CESG CHECK scheme, GCSX code of connection and Payment Card Industry (PCI) security testing amongst others;
  • Be able to plan and execute security testing projects effectively and safely; and
  • Have the knowledge and tools to effectively interpret and manage the findings that may arise from security testing and to develop remediation plans that address identified risks in an effective way.

Attendees will take away a number of tools designed to assist in the security testing process including:

  • A guide summarising security testing approaches and methodologies
  • Sample statement of requirements documents
  • Security testing scoping checklists
  • Sample security test plan/terms of reference documents for vendors to complete
  • Sample remediation plans and tracking spread-sheets

For more information on course scheduling and availability please get in contact.