Security Awareness

Hackers prey on particular psychological traits in human nature, targeting them as the “weakest link” or entry point in the attack chain. Attackers are devising increasingly sophisticated ways of abusing trusted employees and, in today's turbo-charged world, the quest for connected business efficiency makes end users particularly vulnerable.

Our Security Awareness Training gives organisations the support and additional understanding needed to move beyond compliance and build a truly mature awareness program. Attendees of our security awareness training will be armed with the tools and practical knowledge to understand and identify common security threats. We ensure that employees are empowered to make the right decision when it comes to protecting organisational information and assets.

Topics that may be covered in the training include:

• Phishing email identification and response
• Other common social engineering techniques
• Organisational security policy and procedure
• Malware awareness
• Password security
• Remote access to corporate resources
• Travel security

We also offer the ability to follow up the training session with a social engineering campaign designed to test the effectiveness of the training on your employees. In the case where we have previously conducted a social engineering campaign, your organisation will receive an improvement score and breakdown detailing areas where employees have better responded to threats and other areas where improvement is still required.

Secure Application Development

Web applications are abundant and play a fundamental in today’s business culture, so it’s important that they are built securely from the ground up to protect vital sensitive information.

To help ensure that applications are developed securely, we offer dedicated training sessions with your organisation’s in-house application developers to explain the fundamentals of web and application security. These training sessions are presented in an easy to digest way that demonstrates the seriousness of application security vulnerabilities and the implication of successful exploitation.

For organisations that have a strong grasp of fundamental security concepts, we also offer an advanced training course that will take developers through more specialised security principles.

Throughout the training, attendees will be taught the ‘hacker’ mindset and the BlackBug methodology for identifying application weak points and how to leverage them into a method of unauthorised access. We at BlackBug believe that doing is the best way of learning, so our training is hands-on and all attendees will have the opportunity to perform real attacks live with the instructor, making the training not only effective but also fun and engaging for participants.

Following the live session, all attendees will receive a copy of training reference material to ensure that the skills and techniques taught are retained and developers can keep their security knowledge at the forefront of their mind throughout the software development lifecycle.