Date:
The strategic initiative of KSA’s Vision 2030 has Cybersecurity as one of its leading topics. This will require a workforce to support the information technology infrastructure in the Kingdom. Currently, there is a lack of local professionals in this field. Furthermore, there is a great interest among citizens to learn about it and get involved in Cybersecurity at all levels.
Program Overview This comprehensive and practical 3-week bootcamp introduces its participants to the notions of common and important problems of today’s digital and computing world in terms of security. The bootcamp is of two parts:
During web application penetration testing, the software being evaluated is a web application kept on a remote server that users may access via the internet. Because web applications are obvious targets for hackers, web application developers must conduct regular penetration testing to ensure that their web applications are free of security flaws and malware threats.
Program Objectives At the end of the workshop, participants will have a better understanding of the modern cybersecurity threats, the measures of avoiding several “dangerous” habits and uses of today’s business IT infrastructure and avoid being victims of fraud(s) or attacks on the internet. Finally, the participants will get some real hands-on experience through real examples on how to evaluate the security of web application on the Internet and perform penetration testing.
Target Audience This workshop is an excellent opportunity for high-school students who want to have some basic knowledge on cybersecurity. They will learn how to effectively maintain their own security online and at work. They will learn the good practices, and what to avoid and/or be careful using today’s computers. The target group are young people interested in learning information security, with some theoretical background or basic IT knowledge and/or experience, without necessarily a strong IT background. Also, advanced users will find some solid techniques and practices very useful.
Program Outline The workshop is delivered though lectures, class discussions, individual and group case studies, practical usage of software and network tools, and assessment. The topics to be covered include the following:
Note: Examples and Exercises will use virtualized environments that will not endanger individual property and will not cause any harm.
Prerequisites
Learning objectives:
Tools and Technical requirements
Instructors
1. Daniyal Alghazzawi is a Professor of Cybersecurity at the Computing Information Systems Department and the head of the Information Security Research Group at King Abdulaziz University. He graduated with a Ph.D. in computer science from the University of Kansas in 2007. He served in a variety of administrative and leadership roles and was awarded the Leadership Management International Certificate (LMI). In 2010, he was appointed Honorary Lecturer at the University of Essex. Daniyal has organized both domestic and international seminars and conferences. In the disciplines of smart e¬ learning, cybersecurity, and artificial intelligence, he is the author of multiple scholarly papers and patents. He has also served as a reviewer and editor for a number of local and international conferences, journals, workshops, and contests. Daniyal has worked as a consultant for a number of companies, assisting them in developing information security policies and obtaining certifications such as ABET, ISO27001, ISO22301, and others.
Department of Information Systems, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah (dghazzawi@kau.edu.sa), https://dghazzawi.kau.edu.sa
2. Suaad Alarifi is an Assistant Professor of Cybersecurity at the Computing Information Systems Department, King Abdulaziz University. She graduated with a Ph.D. in information security from the University of London, Royal Holloway college in 2015. She holds Bachelor's Degree in Computer Science from King Abdulaziz University and Master's Degree in Information Security from University of London. Suaad has provided consulting and training services in the field for different government and private organizations. She is also an external member in Institutional Biosafety and Bioethics Committee (IBEC) at KAUST. Department of Information Systems, Faculty of Computing and Information Technology, King Abdulaziz University, Jeddah (salarifi@kau.edu.sa), https://salarifi.kau.edu.sa/
Security Aid Toolbox Participants will take home a Security Aid Box. The Aid box is a collection of several check lists, forms, graphs, printed material, etc., along with several software tools. This Aid box will be used extensively during the bootcamp to give participants enough practice during the practical sessions.
Summary This workshop is an excellent opportunity for everyday IT users to get a detailed and concrete knowledge of good practices regarding cybersecurity and understand basic notions about various attacks like viruses and worms and basic countermeasures, network attacks, penetration testing, and risk assessment.