Cybersecurity and trust in the digital realm are currently two of the most important challenges facing governments, businesses and citizens. These aspects are extremely important in a global, interconnected and technology-dependent context such as the present one, and are essential to achieving the necessary trust in daily technology use.
In this context, INCIBE-CERT is working on different actions for the specialized dissemination of technical cybersecurity aspects in order to improve the preparation and knowledge levels of specialized professionals in this field. To this end, a series of specific technical contents have been developed, in brief format, allowing specific information to be assimilated quickly, under the format of webinars.
The contents of these webinars cover some introductory technical aspects for different topics within the field of cybersecurity, and in particular may be of interest mainly to system administrators, network administrators, support or helpdesk technicians, developers, and other IT profiles with basic cybersecurity knowledge and/or who wish to expand their knowledge and specialize in adequately protecting their systems.
They are available with audio in Spanish and with subtitles in both Spanish and English. Each one lasts approximately 40 minutes and some of them have examples and practical exercises.
The 10 specific topics covered in the webinars are the following::
- Wireshark use: this webinar is an introduction to the basic operation and protocol analysis that can be performed with the Wireshark tool, focused on providing basic guidelines to those users who are interested in the tool.
- Strengthening Wi-Fi security: in this webinar we review the various security configurations that can be used in the configuration of an 802.11 wireless network, along with the cybersecurity benefits of each one.
- Secure development: this webinar presents an introduction to secure development, the challenges a developer must take into account in order to make his projects secure throughout the development cycle, as well as the best tools to rely on.
- Phishing introduction and identification: in this webinar we will analyze the different types of phishing used, showing the techniques that make it possible to distinguish between a legitimate website and a phishing attack.
- OWASP-ZAP use: this seminar consists of an introduction to HTTP/HTTPS traffic analysis using the OWASP ZAP tool, with the aim of giving basic guidelines to those users interested in using this tool.
- Apache basic hardening: this webinar seeks to raise awareness about the importance of reviewing default configurations and establishing a minimum exposure and privileges policy in Apache 2, to help administrators and support teams understand the benefits of a minimum basic hardening.
- Public Wi-Fi security: the aim of this course is to describe the concepts related to Wi-Fi security and explain the potential risks a user is exposed to when connecting to public Wi-Fi networks that do not have the required level of protection.
- Linux basic hardening: this webinar is aimed at providing some basic notions of how to securely configure a Linux system, as well as the possible risks that can be generated with certain configurations, taking a specific and widely used version of Ubuntu Server as a reference.
- Snort rules: the aim of this course is to approach Snort IDS and to show how it works based on rules, which can be adapted to our needs in order to detect potentially dangerous behaviors in our network that may affect our company.
- Password management: this webinar reviews the use and general characteristics of different free digital password managers, which are very necessary nowadays due to the increase in the number of accesses we have to manage (work, shops, banks...).