Training is not a commodity – all training centres are not the same. Iverson Associates Sdn Bhd is the most established, the most reputable, and the top professional IT training provider in Malaysia. With a large pool of experienced and certified trainers, state-of-the-art facilities, and well-designed courseware, Iverson offers superior training, a more impactful learning experience and highly effective results.
At Iverson, our focus is on providing high-quality IT training to corporate customers, meeting their learning needs and helping them to achieve their training objectives. Iverson has the flexibility to provide training solutions whether for a single individual or the largest corporation in a well-paced or accelerated training programme.
Our courses continue to evolve along with the fast-changing technological advances. Our instructor-led training services are available on a public and a private (in-company) basis. Some of our courses are also available as online, on demand, and hybrid training.
EC-Council Certified DevSecOps Engineer (E|CDE) is a hands-on, instructor-led comprehensive DevSecOps certification program that helps professionals build the essential skills to design, develop, and maintain secure applications and infrastructure.
• The E|CDE covers both on-premises and cloud-native environments (including AWS Cloud and Microsoft Azure) with 80+ labs from the creators of the world’s number one ethical hacking program, the Certified Ethical Hacker (C|EH).
• Designed and developed by SMEs with contributions by experienced DevSecOps professionals from around the world.
Why E|CDE?
• Adding security to a DevOps skill set enhances career prospects.
• The information provided in the E|CDE course is complemented with labs to help learners hone their practical skills and become industry ready.
• This course teaches students how to use various DevSecOps tools and create secure code throughout the software development life cycle.
• Participants gain familiarity with DevSecOps tools that enable the secure development of software and web applications, both on premises and in the cloud.
• The E|CDE course focuses on application DevSecOps and also provides insights into infrastructure DevSecOps.
• The integration of today’s most popular and important tools is illustrated at each stage of the DevOps life cycle.
• The E|CDE program helps DevSecOps engineers develop and enhance their knowledge and skills in securing applications at all stages of the DevOps pipeline.
1 - 3 Mar 2023
7 - 9 Jun 2023
20 - 22 Sep 2023
6 - 8 Dec 2023
Students should have an understanding of application security concepts.
• Understand DevOps security bottlenecks and discover how the culture, philosophy, practices, and tools of DevSecOps can enhance collaboration and communication across development and operations teams.
• Understand the DevSecOps toolchain and how to include security controls in automated DevOps pipelines.
• Integrate Eclipse and GitHub with Jenkins to build applications.
• Align security practices like security requirement gathering, threat modeling, and secure code reviews with development workflows.
• Integrate threat modeling tools like Threat Dragon, ThreatModeler, and Threatspec; manage security requirements with Jira and Confluence; and use Jenkins to create a secure CI/CD pipeline.
• Understand and implement continuous security testing with static, dynamic, and interactive application security testing and SCA tools (e.g., Snyk, SonarQube, StackHawk, Checkmarx SAST, Debricked, WhiteSource Bolt).
• Integrate runtime application selfprotection tools like Hdiv, Sqreen, and Dynatrace that protect applications during runtime with fewer false positives and remediate known vulnerabilities.
• Integrate SonarLint with the Eclipse and Visual Studio Code IDEs.
• Implement tools like the JFrog IDE plugin and the Codacy platform.
• Integrate automated security testing into a CI/CD pipeline using Amazon CloudWatch; Amazon Elastic Container Registry; and AWS CodeCommit, CodeBuild, CodePipeline, Lambda, and Security Hub.
• Implement various automation tools and practices, including Jenkins, Bamboo, TeamCity, and Gradle.
• Perform continuous vulnerability scans on data and product builds using automated tools like Nessus, SonarCloud, Amazon Macie, and Probely.
• Implement penetration testing tools like gitGraber and GitMiner to secure CI/CD pipelines.
• Use AWS and Azure tools to secure applications.
• Integrate automated tools to identify security misconfigurations that could expose sensitive information and result in attacks.
• Understand the concept of infrastructure as code and provision and configure infrastructure using tools like Ansible, Puppet, and Chef.
• Audit code pushes, pipelines, and compliance using logging and monitoring tools like Sumo Logic, Datadog, Splunk, the ELK stack, and Nagios.
• Use automated monitoring and alerting tools (e.g., Splunk, Azure Monitor, Nagios) and create a real-time alert and control system.
• Integrate compliance-as-code tools like Cloud Custodian and the DevSec framework to ensure that organizational regulatory or compliance requirements are met without hindering production.
• Scan and secure infrastructure using container and image scanners (Trivy and Qualys) and infrastructure security scanners (Bridgecrew and Checkov).
• Integrate tools and practices to build continuous feedback into the DevSecOps pipeline using Jenkins and Microsoft Teams email notifications.
• Integrate alerting tools like Opsgenie with log management and monitoring tools to enhance operations performance and security
A Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A C|EH® understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.
The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide.
In its 12th version, the Certified Ethical Hacker provides comprehensive training, hands on learning labs, practice cyber ranges for engagement, certification assessments, cyber competitions, and opportunities for continuous learning into one comprehensive program curated through our new learning framework: 1. Learn 2. Certify 3. Engage 4. Compete.
The C|EH v12 also equips aspiring cybersecurity professionals with the tactics, techniques, and procedures (TTPs) to build ethical hackers who can uncover weaknesses in nearly any type of target system before cybercriminals do.
The C|EH® v12 is a specialized and one-of-a-kind training program to teach you everything you need to know about ethical hacking with hands-on training, labs, assessment, a mock engagement (practice), and global hacking competition. Stay on top of the game with the most in-demand skills required to succeed in the field of cybersecurity.
C|EH® ANSI
C|EH® Practical
Content Included
*Exam retakes are included with every courseware package. Candidates may activate this benefit through the EC-Council student portal (ASPEN)
** Proctor administration fees will be applicable for each attempt of the retake examination
Available upon request
There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here: https://www.eccouncil.org/academia/essentials
C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.
Ethical Hacking Labs
With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.
Certified Ethical Hacker is a specialist typically working in a red team environment, focused on attacking computer systems and gaining access to networks, applications, databases, and other critical data on secured systems. A C|EH® understands attack strategies, the use of creative attack vectors, and mimics the skills and creativity of malicious hackers. Unlike malicious hackers and actors, Certified Ethical Hackers operate with permission from the system owners and take all precautions to ensure the outcomes remain confidential. Bug bounty researchers are expert ethical hackers who use their attack skills to uncover vulnerabilities in the systems.
The Certified Ethical Hacker has been battle-hardened over the last 20 years, creating hundreds of thousands of Certified Ethical Hackers employed by top companies, militaries, and governments worldwide. It is the most trusted ethical hacking certification that employers worldwide value, and for good reasons. The comprehensive curriculum covers the fundamentals of ethical hacking, foot printing and reconnaissance, scanning, enumeration, vulnerability threats, social engineering, SQL injection, and much more.
When you successfully achieve the C|EH certification, you will be equipped with every skill you need to uncover vulnerabilities and secure the systems, networks, applications, databases, and critical data from malicious hackers.
LEARN
There are no specific prerequisites for the C|EH program, however we strongly recommend candidates possess a minimum of 2 years’ experience in IT security before joining a C|EH training program. C|EH training is about testing systems and using them for purposes not originally intended, candidates should understand the basic functions of those IT systems before attempting to hack them. (Example: C|EH will teach the process of host evaluation leading to enumeration, in this process trainees will scan downrange targets using common scanning techniques such as Nmap which will respond with a list of ports, enumerating those ports and the services running on them can be used to expose common vulnerabilities and weaknesses in systems. The C|EH program will not teach you what a port is, that is essential knowledge you must have to be successful in the class.) If you do not possess the foundational skills in IT and Networking, we recommend starting with our free cybersecurity Essentials Series found here: https://www.eccouncil.org/academia/essentials
C|EH is divided into 20 modules and delivered through a carefully curated training plan that typically spans across 5 days. As you progress through your training, each module offers extensive hands-on lab components that allow you to practice the techniques and procedures taught in the program in real-time on live machines.
Ethical Hacking Labs
With over 220 hands-on labs, conducted in our cyber range environment, you will have the opportunity to practice every learning objective in the course on live machines and vulnerable targets. Pre-loaded with over 3,500 hacking tools and a variety of operating systems, you will gain unprecedented exposure to and hands-on experience with the most common security tools, latest vulnerabilities, and widely used operating systems on the market. Our range is web accessible, allowing you to study and practice from anywhere with a connection.
The CND certification aims to equip you with hands-on training to function in real-life situations involving network defense. You will gain the technical skills required to proactively design a secure network with future threats in mind. This program will be akin to learning math instead of just using a calculator.
This program will be akin to learning math instead of just using a calculator. This program teaches a fundamental understanding of the true construct of data transfer, network technologies, and software technologies so that you understand how networks operate, the processes software is automating, and how to analyze the subject material.
You will learn how to mitigate, harden, and defend from the attacks. You will learn network defense fundamentals, the application of network security controls, protocols, perimeter appliances, secure IDS, VPN, and firewall configuration. You will then learn the intricacies of network traffic signature, analysis and vulnerability scanning which will help you when you design greater network security policies and successful incident response plans. These skills will help you foster resiliency and continuity of operations during attacks.
What typical students would benefit most from this class?
4-8 Mar 2024
15-19 April 2024 (Penang Date)
13-17 May 2024
15-19 Jul 2024
7-11 Oct 2024 (Penang Date)
11-15 Nov 2024
This program will take a typical Network/SysAdmin and immerse them in the world of Hackers and Cyber Defense.
EC-Council’s Certified Penetration Tester (CPENT) program teaches you how to perform an effective penetration test in an enterprise network environment that must be attacked, exploited, evaded, and defended. If you have only been working in flat networks, CPENT’s live practice range will teach you to take your skills to the next level by teaching you how to pen test IoT systems, OT systems, how to write your own exploits, build your own tools, conduct advanced binaries exploitation, double pivot to access hidden networks, and also customize scripts/exploits to get into the innermost segments of the network.
26 Feb - 1 Mar 2024 (Penang)
27-31 May 2024
22-26 Jul 2024 (Penang)
29 Jul - 2 Aug 2024
7-11 Oct 2024
2-6 Dec 2024 (Penang)
There are no defined pre-requisite for the exam, but it is strongly recommend that candidates to attempt the CEH (Practical) and/ or ECSA (Practical) prior to attempting CPENT
Extensive knowledge of penetration testing across multiple disciplines extending from windows, IoTs, inline defenses to automation, operational technology, and advanced skills in binary exploitation. The certification tests the knowledge of tester not only on automated tools but manual testing skills as well.
Module 01: Introduction to Penetration Testing
Module 02: Penetration Testing Scoping and Engagement
Module 03: Open Source Intelligence (OSINT)
Module 04: Social Engineering Penetration Testing
Module 05: Network Penetration Testing – External
Module 06: Network Penetration Testing– Internal
Module 07: Network Penetration Testing – Perimeter Devices
Module 08: Web Application Penetration Testing
Module 09: Wireless Penetration Testing
Module 10: IoT Penetration Testing
Module 11: OT/SCADA Penetration Testing
Module 12: Cloud Penetration Testing
Module 13: Binary Analysis and Exploitation
Module 14: Report Writing and Post Testing Actions
CPENT is a fully online, remotely proctored practical exam that challenges candidates through a grueling 24-hour performance-based, hands-on exam. The exam is broken into 2 practical exams of 12-hours each that will test your perseverance and focus by forcing you to outdo yourself with each new challenge. Candidates have the option to choose either 2 12-hour exams or one 24-hour exam.
Candidates who score more than 70% will earn the CPENT certification. Candidates who score more than 90% attain the prestigious LPT (Master) credential!
Exam features:
Choose your challenge! Either two 12-Hour sessions or a single 24-Hour exam!
EC-Council specialists proctor the entire exam – Validity is not in question.
Score at least 70% and become a CPENT
Score at least 90% and earn the highly regarded LPT (Master) designation!
To be a LPT (Master) means that you can find chinks in the armor of defense-in-depth network security models with the help of network pivoting, making exploit codes work in your favor, or by writing Bash, Python, Perl, and Ruby scripts. The live range CPENT exam demands that you think on your feet, be creative in your approach, and not rely on the conventional techniques.
Outsmarting and out maneuvering the adversary is what sets you apart from the crowd. The CPENT’s hands-on exam offers a challenge like no other by simulating a complex network in real time. This experience will test your perseverance and focus by forcing you to outdo yourself with each new challenge.
PMP, Project Management Professional (PMP), CAPM, Certified Associate in Project Management (CAPM) are registered marks of the Project Management Institute, Inc.