Training on computer security keeps cyber attackers at bay

Cyber attackers are not slowing down in their efforts to attack so we must redouble our efforts to keep them at bay. To help in this never-ending struggle, the Computer Security Team organizes the following two technical training courses.

Secure e-mail and web browsing

The aim of this entry-level course is to show how to detect and avoid the typical security pitfalls encountered when e-mailing and browsing the web. The focus is on Outlook and Internet Explorer. If you wish to learn which e-mail attachments are OK to open, and to understand how worrying an "expired certificate" warning really is, then this course is for you.

Developing secure software

This half-day course is aimed at software developers, both for web applications and regular software. It introduces the main security principles and discusses security in different phases of the software development cycle. Topics include:
• threat modelling and risk assessment;
• protection, detection, response;
• security through obscurity;
• main security principles (defence-in- depth, least privilege principle etc);
• security in different phases of the software development lifecycle – architecture, design, implementation, testing, deployment, maintenance;
• implementation (coding) – common pitfalls and security bugs, advice on best practice for security development.

There is also a forthcoming course dedicated to Java programming.

These courses, although not hands-on, are interactive and full of real examples. They are available from the CERN Training Catalogue, but you can contact the Computer Security Team ( Computer.Security@cern.ch) for more information.

Let's work together to make the CERN computing environment more secure.

Useful link

CERN Training Catalogue: http://cta.cern.ch/cta2/f?p=110:9