Training is not a commodity – all training centres are not the same. Iverson Associates Sdn Bhd is the most established, the most reputable, and the top professional IT training provider in Malaysia. With a large pool of experienced and certified trainers, state-of-the-art facilities, and well-designed courseware, Iverson offers superior training, a more impactful learning experience and highly effective results.
At Iverson, our focus is on providing high-quality IT training to corporate customers, meeting their learning needs and helping them to achieve their training objectives. Iverson has the flexibility to provide training solutions whether for a single individual or the largest corporation in a well-paced or accelerated training programme.
Our courses continue to evolve along with the fast-changing technological advances. Our instructor-led training services are available on a public and a private (in-company) basis. Some of our courses are also available as online, on demand, and hybrid training.
The Red Hat Certified Specialist in Identity Management exam (EX362) tests your knowledge, skills, and ability to create, configure, and manage Red Hat® Enterprise Linux authentication services and integrate those services with a variety of Red Hat and non-Red Hat products and technologies.
By passing this exam, you become a Red Hat Certified Specialist in Identity Management, which also counts toward becoming a Red Hat® Certified Architect (RHCA®).
This exam is based on Red Hat Enterprise Linux 7, Red Hat Satellite Server 6, Red Hat Ansible Tower 2, and Microsoft Windows 10 Active Directory.
These audiences may be interested in becoming a Red Hat Certified Specialist in Directory Services and Authentication:
The Red Hat Certified Specialist in Security: Linux exam validates your knowledge and abilities in securing Red Hat® Enterprise Linux®.
By passing this exam, you become a Red Hat Certified Specialist: Linux, which also counts toward becoming a Red Hat Certified Architect (RHCA®).
This exam is based on Red Hat Enterprise Linux version 7.5.
These audiences may be interested in becoming a Red Hat Certified Specialist in Security: Linux:
The Certified Ethical Hacker (CEH) credential is the most trusted ethical hacking certification and accomplishment recommended by employers globally. It is the most desired information security certification and represents one of the fastest-growing cyber credentials required by critical infrastructure and essential service providers. Since the introduction of CEH in 2003, it is recognized as a standard within the information security community. CEH v11 continues to introduce the latest hacking techniques and the most advanced hacking tools and exploits used by hackers and information security professionals today. The Five Phases of Ethical Hacking and the original core mission of CEH remain valid and relevant today: “To beat a hacker, you need to think like a hacker.”
CEH provides an in-depth understanding of ethical hacking phases, various attack vectors, and preventative countermeasures. It will teach you how hackers think and act maliciously so that you will be better positioned to set up your security infrastructure and defend future attacks. Understanding system weaknesses and vulnerabilities help organizations strengthen their system security controls to minimize the risk of an incident. CEH was built to incorporate a hands-on environment and systematic process across every ethical hacking domain and methodology, giving you the opportunity to work towards proving the required knowledge and skills needed to perform the job of an ethical hacker. You will be exposed to an entirely different posture towards the responsibilities and measures required to be secure. In its 11th version, CEH continues to evolve with the latest operating systems, tools, tactics, exploits, and technologies.
4-8 Jan 2021 (Penang)
22-26 Feb 2021
8-12 Mar 2021 (Penang)
19-23 Apr 2021
14-18 Jun 2021
21-25 Jun 2021 (Penang)
5-9 Jul 2021
23-27 Aug 2021
27 Sep - 1 Oct 2021 (Penang)
25-29 Oct 2021
29 Nov - 3 Dec 2021 (Penang)
13-17 Dec 2021
Are you getting ready to administer database security policies? Learn how to configure Guardium V10 to discover, classify, analyze, protect, and control access to sensitive data. You will learn to perform vulnerability assessment, and how to monitor data and file activity. This course also teaches you how to create reports, audits, alerts, metrics, and compliance oversight processes.
20-22 Apr 2020
5-7 Oct 2020
Database administrators, security administrators, security analysts, security technical architects, and professional services using IBM Guardium.
Before taking this course, make sure that you have the following skills:
Working knowledge of SQL queries for IBM DB2 and other databases
Working knowledge of UNIX commands
Familiarity with data protection standards such as HIPAA and CPI
Identify the primary functions of IBM Guardium
Apply key Guardium architecture components
Navigate the Guardium user interface and command line interface
Manage user access to Guardium
Use the administration console to manage Guardium components
Build and populate Guardium groups
Configure policy rules that process the information gathered from database and file servers
Use the configuration auditing system, Vulnerability Assessment application, and Database Discovery to perform data security tasks
Create queries and reports to examine trends and gather data
Automate compliance workflow processes
Use file acess monitoring to keep track of the files on your servers
Unit 1: IBM Guardium: Overview
Unit 2: IBM Guardium: Architecture
Unit 3: IBM Guardium: User interface
Unit 4: IBM Guardium: Access management
Unit 5: IBM Guardium: System view and data management
Unit 6: IBM Guardium: Groups
Unit 7: IBM Guardium: Policy management
Unit 8: IBM Guardium: Auditing, vulnerability assessment, and discovery
Unit 9: IBM Guardium: Custom queries and reports
Unit 10: IBM Guardium: Compliance workflow automation
Unit 11: IBM Guardium: File activity monitoring
The CISA Boot Camp is specifically designed to provide CISA candidates with the effective skills necessary to develop, manage, and supervise programs to defend against unauthorized admittance to information.
1-5 Feb 2021
5-9 Apr 2021
31 May - 4 Jun 2021
21-25 Jun 2021 (Penang)
16-20 Aug 2021
4-8 Oct 2021
13-17 Dec 2021
This training is only intended for individuals preparing for the CISA Certification exam. A minimum of five years of professional information systems auditing, control or security work experience is required for certification.
18-21 Jan 2021
15-18 Mar 2021
3-6 May 2021
12-15 Jul 2021
6-9 Sep 2021
8-11 Nov 2021
Gain core knowledge and experience to successfully implement and manage security programs in this official (ISC)2 CISSP course.
This course is the most comprehensive review of information security concepts and industry best practices, and covers the eight domains of the official CISSP CBK (Common Body of Knowledge). You will gain knowledge in information security that will increase your ability to successfully implement and manage security programs in any organization or government entity. You will learn how to determine who or what may have altered data or system information, potentially affecting the integrity of those asset and match an entity, such as a person or a computer system, with the actions that entity takes against valuable assets, allowing organizations to have a better understanding of the state of their security posture. Policies, concepts, principles, structures, and standards used to establish criteria for the protection of information assets are also covered in this course.
This five-day program is comprised of a total of eight domains and includes:
• Official (ISC)2 Guide to the CISSP Common Body of Knowledge® (CBK)
• Official (ISC)2 CISSP Training Handbook
• Official (ISC)2 CISSP Flash Cards
• CISSP Certification Exam Voucher
25-29 Jan 2021
1-5 Mar 2021
19-23 Apr 2021
3-7 May 2021
7-11 Jun 2021
Professionals with at least five years of experience and who demonstrate a globally recognized level of competence, as defined in the CISSP Common Body of Knowledge (CBK) in two or more of the eight security domains.
In-depth coverage of the eight domains required to pass the CISSP exam:
1. Security and Risk Management
2. Asset Security
3. Security Engineering
4. Communications and Network Security
5. Identity and Access Management
6. Security Assessment and Testing
7. Security Operations
8. Software Development Security
1.1 Understand and apply concepts of confidentiality, integrity, and availability
1.2 Evaluate and apply security governance principles
1.3 Determine compliance requirements
1.4 Understand legal and regulatory issues that pertain to information security in a global context
1.5 Understand, adhere to, and promote professional ethics
1.6 Develop, document, and implement security policy, standards, procedures, and guidelines
1.7 Identify, analyze, and prioritize Business Continuity (BC) requirements
1.8 Contribute to and enforce personnel security policies and procedures
1.9 Understand and apply risk management concepts
1.10 Understand and apply threat modeling concepts and methodologies
1.11 Apply risk-based management concepts to the supply chain
1.12 Establish and maintain a security awareness, education, and training program
2.1 Identify and classify information and assets
2.2 Determine and maintain information and asset ownership
2.3 Protect privacy
2.4 Ensure appropriate asset retention
2.5 Determine data security controls
2.6 Establish information and asset handling requirements
3.1 Implement and manage engineering processes using secure design principles
3.2 Understand the fundamental concepts of security models
3.3 Select controls based upon systems security requirements
3.4 Understand security capabilities of information systems (e.g., memory protection, Trusted Platform Module (TPM), encryption/decryption)
3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements
4.1 Implement secure design principles in network architectures
4.2 Secure network components
4.3 Implement secure communication channels according to design
5.1 Control physical and logical access to assets
5.2 Manage identification and authentication of people, devices, and services
5.3 Integrate identity as a third-party service
5.4 Implement and manage authorization mechanisms
5.5 Manage the identity and access provisioning lifecycle
6.1 Design and validate assessment, test, and audit strategies
6.2 Conduct security control testing
6.3 Collect security process data (e.g., technical and administrative)
6.4 Analyze test output and generate report
6.5 Conduct or facilitate security audits
7.1 Understand and support investigations
7.2 Understand requirements for investigation types
7.3 Conduct logging and monitoring activities
7.4 Securely provisioning resources
7.5 Understand and apply foundational security operations concepts
7.6 Apply resource protection techniques
7.7 Conduct incident management
7.8 Operate and maintain detective and preventative measures
7.9 Implement and support patch and vulnerability management
7.10 Understand and participate in change management processes
7.11 Implement recovery strategies
7.12 Implement Disaster Recovery (DR) processes
7.13 Test Disaster Recovery Plans (DRP)
7.14 Participate in Business Continuity (BC) planning and exercises
7.15 Implement and manage physical security
7.16 Address personnel safety and security concerns
8.1 Understand and integrate security in the Software Development Life Cycle (SDLC)
8.2 Identify and apply security controls in development environments
8.3 Assess the effectiveness of software security
8.4 Assess security impact of acquired software
8.5 Define and apply secure coding guidelines and standards
This course teaches you the methods in identifying vulnerabilities and takes appropriate countermeasures to prevent and mitigate failure risks for an organization. It also provides the networking professional with a foundation in disaster recovery principles, including preparation of a disaster recovery plan, assessment of risks in the enterprise, development of policies, and procedures, and understanding of the roles and relationships of various members of an organization, implementation of the plan, and recovering from a disaster. This course takes an enterprise-wide approach to developing a disaster recovery plan. Students will learn how to create a secure network by putting policies and procedures in place, and how to restore a network in the event of a disaster. EDRP course was certified for meeting the CNSS 4016 Advanced Level training standard for Risk Analyst by the United States Government National Security Agency (NSA).
8-12 Mar 2021
14-18 Jun 2021
20-24 Sep 2021
13-17 Dec 2021
Network server administrators, firewall administrators, systems administrators, application developers, and IT security officers.
The Certified Application Security Engineer (CASE) credential is developed in partnership with large application and software development experts globally.
The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment.
The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally.It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications.
The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application.
Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development.
This makes CASE one of the most comprehensive certifications on the market today. It is desired by software application engineers, analysts, testers globally, and respected by hiring authorities.
The Purpose of CASE Is
1-3 Feb 2021
4-6 Apr 2021
11-13 Aug 2021
13-15 Dec 2021
- Securing ASP.NET Application from Session Fixation Attack
Checklist for Secure Session Management
The Certified Application Security Engineer (CASE) credential is developed in partnership with large application and software development experts globally.
The CASE credential tests the critical security skills and knowledge required throughout a typical software development life cycle (SDLC), focusing on the importance of the implementation of secure methodologies and practices in today’s insecure operating environment.
The CASE certified training program is developed concurrently to prepare software professionals with the necessary capabilities that are expected by employers and academia globally.It is designed to be a hands-on, comprehensive application security course that will help software professionals create secure applications.
The training program encompasses security activities involved in all phases of the Software Development Lifecycle (SDLC): planning, creating, testing, and deploying an application.
Unlike other application security trainings, CASE goes beyond just the guidelines on secure coding practices and includes secure requirement gathering, robust application design, and handling security issues in post development phases of application development.
This makes CASE one of the most comprehensive certifications on the market today. It is desired by software application engineers, analysts, testers globally, and respected by hiring authorities.
The Purpose of CASE Is
11-13 Jan 2021
15-17 Mar 2021
14-16 Jun 2021
16-18 Aug 2021
15-17 Nov 2021
Immediate Credibility: The CASE program affirms that you are indeed an expert in application security. It also demonstrates the skills that you possess for employers globally.
Pertinent Knowledge: Through the CASE certification and training program, you will be able to expand your application security knowledge.
Multifaceted Skills: CASE can be applied to a wide variety of platforms, such as, mobile applications, web applications, IoT devices, and many more.
A Holistic Outlook: Ranging from pre-deployment to post-deployment security techniques, covering every aspect of secure – software development life cycle, CASE arms you with the necessary skills to build a secure application.
Better Protect and Defend: By making an application more secure you are also helping defend both organizations and individuals globally. As a CASE, it is in your hands to protect and defend and ultimately help build a safer world.
Best Practices for Input Validation
- Setting a Limited Time Period for Session Expiration
- Preventing Session Cookies from Client-Side Scripts Attacks
- Example Code for URL Rewriting
Guidelines for Secured Session Management
- Standard Auditing Enable Network Auditing
This latest iteration of EC-Council’s Certified Incident Handler (E|CIH) program has been designed and developed in collaboration with cybersecurity and incident handling and response practitioners across the globe.
It is a comprehensive specialist-level program that imparts knowledge and skills that organizations need to effectively handle post breach consequences by reducing the impact of the incident, from both a financial and a reputational perspective.
Following a rigorous development which included a careful Job Task Analysis (JTA) related to incident handling and incident first responder jobs, EC-Council developed a highly interactive, comprehensive, standards-based, intensive 3-day training program and certification that provides a structured approach to learning real-world incident handling and response requirements.
Professionals interested in pursuing incident handling and response as a career require comprehensive training that not only imparts concepts but also allows them to experience real-scenarios. The E|CIH program includes hands-on learning delivered through labs within the training program. True employability after earning a certification can only be achieved when the core of the curricula maps to and is compliant with government and industry-published incident and response frameworks.
E|CIH is a method-driven program that uses a holistic approach to cover vast concepts concerning organizational incident handling and response from preparing and planning the incident handling response process to recovering organizational assets after a security incident. These concepts are essential for handling and responding to security incidents to protect organizations from future threats or attacks.
26-28 Apr 2021 (Penang)
31 May - 2 Jun 2021
6-8 Sep 2021 (Penang)
4-6 Oct 2021
The incident handling skills taught in E|CIH are complementary to the job roles below as well as many other cybersecurity jobs:
Digital forensic practices stem from forensic science, the science of collecting and examining evidence or materials. Digital or computer forensics focuses on the digital domain including computer forensics, network forensics, and mobile forensics. As the cyber security profession evolves, organizations are learning the importance of employing digital forensic practices into their everyday activities. Computer forensic practices can help investigate attacks, system anomalies, or even help System administrators detect a problem by defining what is normal functional specifications and validating system information for irregular behaviors.
In the event of a cyber-attack or incident, it is critical investigations be carried out in a manner that is forensically sound to preserve evidence in the event of a breach of the law. Far too many cyber-attacks are occurring across the globe where laws are clearly broken and due to improper or non-existent forensic investigations, the cyber criminals go either unidentified, undetected, or are simply not prosecuted.
Cyber Security professionals who acquire a firm grasp on the principles of digital forensics can become invaluable members of Incident Handling and Incident response teams. The Computer Hacking Forensic Investigator course provides a strong baseline knowledge of key concepts and practices in the digital forensic domains relevant to today’s organizations. CHFI provides its attendees a firm grasp on the domains of digital forensics.
1-5 Mar 2021
22-26 Mar 2021 (Penang)
31 May - 4 Jun 2021
26-30 Jul 2021
2-6 Aug 2021 (Penang)
27 Sep - 1 Oct 2021
22-26 Nov 2021
The CHFI program is designed for all IT professionals involved with information system security, computer forensics, and incident response.
The purpose of the CSCU training program is to provide students with the necessary knowledge and skills to protect their information assets. This class will immerse students into an interactive environment where they will acquire fundamental understanding of various computer and network security threats such as identity theft, credit card fraud, online banking phishing scams, virus and backdoors, emails hoaxes, sex offenders lurking online, loss of confidential information, hacking attacks and social engineering. More importantly, the skills learnt from the class helps students take the necessary steps to mitigate their security exposure.
4-5 Jan 2021
18-19 Jan 2021 (Penang)
1-2 Mar 2021
12-13 Apr 2021
1-2 Apr 2021 (Penang)
21-22 Jun 2021
23-24 Aug 2021
16-17 Aug 2021 (Penang)
6-7 Sep 2021
22-23 Nov 2021
This course is specifically designed for todays' computer users who uses the internet and the www extensively to work, study and play.
EC-Council Certified Security Specialist (ECSS) is an entry level security program covering the fundamental concepts of information security, computer forensics, and network security. It enables students to identify information security threats which reflect on the security posture of the organization and implement general security controls. This program will give a holistic overview of the key components of information security, computer forensics, and network security. This program provides a solid fundamental knowledge required for a career in information security.
11-15 Jan 2021
12-16 Apr 2021
12-16 Jul 2021
25-29 Oct 2021
ECSS is designed for anyone who want to enhance their skills and make career in information security, network security, and computer forensics fields.
PMP, Project Management Professional (PMP), CAPM, Certified Associate in Project Management (CAPM) are registered marks of the Project Management Institute, Inc.