الأمن السيبراني هو أحد أهم ركائز رؤية المملكة 2030. يهدف هذا البرنامج إلى خلق بيئة مناسبة للتدرب على الأمن السيبراني والقرصنة الأخلاقية، مع تقديم معلومات شاملة لمجموعة واسعة من الموضوعات المتعلقة بالأمن.
This comprehensive and practical 3-week bootcamp introduces its participants to the notions of common and important problems of today’s digital and computing world in terms of security. The bootcamp is of two parts:
Part I of the bootcamp explores the fundamentals of cybersecurity such as the concepts of threats, vulnerabilities, cyber wars, cyberterrorism, security ethics, governance, law, and discusses in detail the basics of risk assessment which represents the heart of professional information security. Fundamentals are essential to develop a security mindset, in which students learn to think like an attacker for ways to exploit a system. Using the newly developed mindset, students will be able to explore and analyze incidents through the security lenses of professionals.
Part II of the bootcamp will go deep into penetration testing. Penetration testing is the process of evaluating software for security problems by qualified security experts (also known as penetration testers or ethical hackers). The purpose of such a test is to identify any security flaws in the software so that they aren't easily exploited (or misused) by the hacker community.
During web application penetration testing, the software being evaluated is a web application kept on a remote server that users may access via the internet. Because web applications are obvious targets for hackers, web application developers must conduct regular penetration testing to ensure that their web applications are free of security flaws and malware threats.
At the end of the bootcamp, participants will have a better understanding of the modern cybersecurity threats, the measures of avoiding several “dangerous” habits and uses of today’s business IT infrastructure and avoid being victims of fraud(s) or attacks on the internet. Finally, the participants will get some real hands-on experience through real examples on how to evaluate the security of web applications on the Internet and perform penetration testing.
The workshop is delivered through lectures, class discussions, individual and group case studies, practical usage of software and network tools, and assessment. The topics to be covered include the following:
Security professionalism and ethics
Security awareness and training
Accumulating information about a website
Identifying relations using social networking
Cracking the login credentials using SQL injection
Overview of deep web and dark web
Cross-site scripting (XSS) attack
Practical sessions and exercises will use virtualized environments that will not endanger individual property and will not cause any harm.
This program is an excellent opportunity for everyday IT users to get a detailed and concrete knowledge of good practices regarding cybersecurity and understand basic notions about various attacks like viruses and worms and basic countermeasures, network attacks, penetration testing, and risk assessment.