Security Awareness & Training
Providing education to staff is a preventative control to help reduce the likelihood of security issues surfacing within your environment. PrivSec provide general security training to staff, along with specific training to developers around secure coding.
|
Phishing Simulations
We break down the traditional phishing engagement into distinct stages looking at the efficacy of different protections instead of working out simply if a phishing email is clicked on by a user or not. This approach allows you to better understand which parts of the chain need some work rather than simply knowing how many emails were clicked on.
Secure Code Training
PrivSec will come on site with your development team, or host you for the day, and provide you with a day of secure development training. This will cover:
- How to identify security vulnerabilities in a sample web application
- How to use an intercepting proxy
- All of the bug classes highlighted within the OWASP Top 10
NZISM Basics
We have a wide range of experience in All of Government audit processes, and in particular have a deep knowledge of the New Zealand Information Security Manual (NZISM). Our NZISM training covers the following:
- What the NZISM is
- How to read the NZISM
- The C&A process
- Roles & Responsibilities
- The key controls within the NZISM