Overview
The Information Assurance (STIG) Overview is a comprehensive two-day course that delves into the realm of Information Assurance, empowering you to enhance your cybersecurity skills, understand the essentials of STIGs, and discover cutting-edge web application security practices. This immersive experience is tailored for IT professionals, developers, project teams, technical leads, project managers, testing/QA personnel, and other key stakeholders who seek to expand their knowledge and expertise in the evolving cybersecurity landscape. The course focuses on the intricacies of best practices for design, implementation, and deployment, inspired by the diverse and powerful STIGs, ultimately helping participants become more proficient in application security.
The first half of the course covers the foundations of DISA's Security Technical Implementation Guides (STIGs) and learn the ethical approach to bug hunting, while exploring the language of cybersecurity and dissecting real-life case studies. Our expert instructors will guide you through the importance of respecting privacy, working with bug bounty programs, and avoiding common mistakes in the field.
The next half delves into the core principles of information security and application protection, as you learn how to identify and mitigate authentication failures, SQL injections, and cryptographic vulnerabilities. You’ll gain experience with STIG walkthroughs and discover the crucial steps for securing web applications.
Throughout the course, you'll also explore the fundamentals of application security and development, including checklists, common practices, and secure development lifecycle (SDL) processes. You’ll learn from recent incidents and acquire actionable strategies to strengthen your project teams and IT organizations. You'll also have the opportunity to explore asset analysis and design review methodologies to ensure your organization is prepared to face future cybersecurity challenges.
Note: For a deeper (or next-step) exploration of STIGs and Application Security attendees might consider the five-day course TT8815: Understanding and Verifying ASD STIGs
Learning Objectives
Working in an interactive learning environment, guided by our application security expert, you’ll explore:
Information Assurance Overview (STIG) is an essential course for technical leads, project managers, testing/QA personnel and other stakeholders who need to understand the issues and concepts associated with secure applications. During this one-day dynamic seminar, students learn the best practices for designing , implementing, and deploying secure applications as prescribed in the various STIGS.
Students who attend Information Assurance Overview will leave the course armed with the required skills to understand software vulnerabilities (actual and potential) and defenses for those vulnerabilities. This course quickly introduces students to the various types of threats against their software and provides coverage of many core security-related technologies. The concept and process of Threat Modeling is introduced as a key enabler for implementing effective and appropriate security for software and information assets.
Security experts agree that the least effective approach to security is "penetrate and patch". It is far more effective to "bake" security into an application throughout its lifecycle. After spending significant time trying to defend a poorly designed (from a security perspective) web application, developers are ready to learn how to build secure web applications starting at project inception. The final portion of this course builds on the previously learned mechanics for building defenses by exploring how design and analysis can be used to build stronger applications from the beginning of the software lifecycle.
A key component to our coverage of DISA’s Security Technical Implementation Guides (STIGS), this course is a companion course with several developer-oriented courses and seminars.
Learning Objectives
Working in an interactive learning environment, guided by our application security expert, you’ll explore:
Need different skills or topics? If your team requires different topics or tools, additional skills or custom approach, this course may be further adjusted to accommodate. We offer additional STIG, application security, secure coding, secure software development, hacking, database security, bug hunting and other related topics that may be blended with this course for a track that best suits your needs. Our team will collaborate with you to understand your needs and will target the course to focus on your specific learning objectives and goals.
Audience
The intended audience for this comprehensive course on Information Assurance and STIGs includes professionals with roles such as:
Pre-Requisites
While specific prerequisites may vary depending on the course provider and the targeted audience, a general set of prerequisites for attending a course on Information Assurance and STIGs could include:
Session: STIG Foundation
Lesson: DISA's Security Technical Implementation Guides (STIGs)
Lesson: Why Hunt Bugs?
Lesson: Safe and Appropriate Bug Hunting/Hacking
Session: Foundation for Securing Web Applications
Lesson: Principles of Information Security
Lesson: Identification and Authentication Failures
Lesson: Injection
Session: Moving Forward
Lesson: Applications: What Next?
Lesson: Cryptographic Failures
Session: Moving Forward with Application Security
Lesson: Application Security and Development Checklists
Time Permitting
Session: Secure Development Lifecycle (SDL)
Lesson: SDL Overview
Session: Taking Action Now
Lesson: Asset Analysis
Lesson: Design Review
Setup Made Simple with our robust Learning Experience Platform (LXP)
All course software (limited versions, for course use only), knowledge checks, digital courseware files or course notes, labs / data sets and solutions, live coaching support channels (as applicable) and rich extended learning / post training resources are provided for you in our “easy access / no install required” high-speed Learning Experience Platform (LXP) remote lab and content environment. Our tech team works with every student to ensure everyone is set up with working access and ready to go prior to every course start date, ensuring a smooth delivery and great hands-on experience.
Every-Course Extras = High-Value & Long-Term Learning Support!
All Public Schedule courses include our unique EveryCourse Extras package (Course Recordings, Live Instructor Follow-on Support, Free *Live* Course Refresh Re-Takes, early access to Special Offers, Free Courses & more). Please inquire for details.
Classroom Setup Made Simple: Our dedicated tech team will work with you to ensure your classroom and lab environment is setup, tested and ready to go well in advance of the course delivery date, ensuring a smooth start to class and seamless hands-on experience for your students. We offer several flexible student machine setup options including guided manual set up for simple installation directly on student machines, or cloud based / remote hosted lab solutions where students can log in to a complete separate lab environment minus any installations, or we can supply complete turn-key, pre-loaded equipment to bring ready-to-go student machines to your facility. Please inquire for details, options and pricing.
Live scheduled classes are listed below or browse our full course catalog anytime
Check out custom training solutions planned around your unique needs and skills.
Exclusive materials, ongoing support and a free live course refresh with every class.
Please see the current upcoming available open enrollment course dates posted below. Please feel free to Register Online below, or call 844-475-4559 toll free to connect with our Registrar for assistance. If you need additional date options, please contact us for scheduling.
Course Title | Days | Date | Time | Price | |
---|---|---|---|---|---|
Information Assurance (STIG) Overview (TT8800) | 2 Days | Aug 21 to Aug 22 | 10:00 AM to 06:00 PM EST | $1,995.00 | Enroll |
Learning is Twice as Nice!
Buy One Get One Free!
Enroll by May 31 in any TWO public classes in 2023 for the price of ONE!
Special Offers
Limited Offer for most courses.
SAVE 50%