Secure data is loading...
Master disponible también en Español.
Most of the critical mission businesses based on Mainframe infrastructures are convinced that in this environment there are no terms like:
- Denial of Services (DOS/DOD)
- Logic Bombs
- Trojan Programs
This Master is to show how these topics are applicable to the mainframe environment and how to avoid it.
70% of the critical information in the world is supported by mainframes.
It does not matter how much money is spent on the rest of the infrastructures that surround it and connect with it if the heart of the data is put at risk.
Life of millions of people would be affected. Especially that of paid professionals to avoid it.
Become a security expert. Remember, this is a Risk Free chance!
Master disponible también en Español.
During our time together in the this Master, I’ll walk you through eight content-rich sessions designed to help you become a security expert.
We have been training professionals for the past ten years. In the beginning, we designed a course with the objective of evangelizing those responsible for the security of the mainframe (system programmers, auditors, CSOs, CIOs ...) and show them that the security that everyone had about the inviolability of the mainframe was totally false. The master was theoretical and clearly showed that it was not enough to achieve our goal.
Five years ago we developed a practical part with which to demonstrate online what we said theoretically. With the application of techniques found on the Internet and having
minimal training in the architecture of the system, we could achieve an escalation of privileges with basic users. This allowed us to make whatever attacks we wanted on an objective mainframe and its connected environments.
From there we decided to develop this Master with which to reach as many professionals as possible in the shortest time.
The content of the Master has been tested by dozens of professionals dedicated to security within the Mainframe environment with an excellent score. As a sample, we show the comments of our students who attended the Master ONLINE at the end of 2017.
After training dozens of professionals, we are sure that the Master meets the expectations of all the professional profiles that acquired it, as employees of large corporations, or in a particular way.
Today, the Internet has ended with the dark age of technologies that did not have a wide dissemination of knowledge as was the case with technologies around the mainframe. Absolutely everything that is needed to make an atomic bomb is found on the internet and everything that is needed to steal information, deny service, etc. is found on the Internet. You just have to focus on the searches and read a few specific manuals.
Two decades ago, the possibility of entering without permission the systems of a nuclear power plant, a power plant, a water control center of the largest cities on the planet was incredible, but it has happened.
The thought that a plane would become a deadly weapon or just a van could kill dozens of people was incredible.
But ... Today is credible.
Why do you still think that your mainframe environment is not attackable, or ... that will never happen to you?
The most economical way in times and money to acquire the basic knowledge by Managers, Auditors, Security Technicians, System Programmers ...
It is the only course in the world dedicated to teaching security, hacking and auditing z / OS systems in Spanish and English.
This master comprises 8 ONLINE training sections with a huge ammount of content
Acquiring the Master will additionally get these impressive materials:
Establishment of the course objectives and general vision of the z / OS environment. What makes this system so different in many ways: Solid, fast, supposedly safe and expensive.
In order to adequately follow the lessons that are aimed at hacking, denial of service and Trojans, you must have a basic training on the architecture of the z / OS system and how to manage it. They are reviewed and taught:
The z / OS system and its subsystems are oriented so that all its security is controlled by a Security Manager software. In this case we will study the concepts and basic and the way of acting that provides the manufacturer called RACF. What we do with it in the face of hacking techniques perfectly suits the others that exist in the mainframe environment: TOP Secret and ACF2.
For the only thing that interests us the security manager really is to see how we can crake the user's password. The techniques that we use are oriented to pass by his side and not through him.
The objective of this section is to understand how to create a test laboratory with zero cost, from where you can try the techniques that will be found below.
In this section you will acquire the necessary knowledge to manage and adapt the laboratory to the environments in which we are interested in doing the practices. We will also perform the first footprinting techniques in order to study the environment and evaluate what would be the most appropriate techniques to achieve our goals.
The time has come to put ourselves in the shoes of a hacker, and with the information acquired in the previous section we will take control of the system, infect all its libraries, introduce Trojans and teach a denial of service level.
This is a section oriented to the Auditors. With the knowledge acquired during the Master, one of the best audit checklists in the mainframe world should be handled. It is interesting both for those who will ask the questions and for those who should give the answers. The different procedures and normative regulations affecting the mainframe environment are also discussed.
It is time to summarize what has been learned in the Master and to propose solutions to try to prevent these techniques from being successful in our environments.
Master disponible también en Español.
AGR is currently the CTO of Bsecure - The Mainframe & Security Company and leader of the security, hacking and auditing group in z / OS environments. Professional of recognized prestige. In his more than 30 years of experience he has carried out multiple works related to the audit and security management strategy in the mainframe environment (currently z/OS). In his beginnings he worked as Technical Director of Spain, Iberia and EMEA (South of Europe) in companies such as Software AG, Goal Systems, Legent. In 2002 he founded Bsecure to respond to the lack of sensitivity on the need to impose security methodologies, which could stop the progress of the hacking world towards these environments based on the mainframe infrastructure.
In 2018 he created the first audit and hacking course in z/OS systems in the Spanish language, with which he has trained dozens of security professionals from the largest companies in the Spanish and Latin world. At this moment, he directs a group of specialized hackers in the mainframe with which audit services are provided, strategies for the implementation of security systems and intrusion tests in mainframe infrastructures. In 2016, he transformed the face-to-face course of auditing and hacking into an online course in Spanish language being the main professor and the version of the course in English is currently being launched.
If this MASTER is new, How do I know if it worth it?
THE MASTER is based on a previous course in Spanish that was entirely face-to-face and was given once a year to more than 40 large clients and service companies, which added more than 280 professionals for 8 years. It was taught in Spain and several countries in Latin America.
The qualifications of our students, with all types of profiles was between very good and excellent. Even so, we start from the comments made in the evaluations to add many modifications to this ONLINE MASTER.
The ONLINE MASTER was tested during the past year 2017 and the grades were tremendously positive as can be seen in the comments of students.
Are there more Masters like this?
No, as far as we know, there are some courses that teach the management of z / OS systems, some other that focuses on how to work with the user environment (ISPF), but none as ambitious as this one is oriented to knowledge basic environment, security, hacking and systems audit.
There are five companies in the world with total dedication to security in the mainframe environment. Bsecure is one of them, and is the only one that decided to evangelize CIOs and other levels of managers in charge of data security and business continuity of the large companies that use these environments.
This Master is unique in both Spanish and English.
Could I acquire the knowledge of this Master without taking it?
Obviously, everything can be learned. But the big difference is that the knowledge integrated in this Master is equivalent to dozens of years of experience.
Why, if the MASTER has all these features and is so positive, is the cost so low?
In Bsecure we decided to evangelize about the need to eliminate the idea that mainframes are totally safe for more than 10 years. Unfortunately we continue to see that while in other environments all kinds of actions are taken to avoid intrusions and DOS attacks, so it is still necessary to acquire the basic knowledge by managers, auditors, security technicians, system programmers ...
The best way to realize this evangelization is precisely that knowledge is very very affordable. This Master should have a cost of more than 100,000 dollars depending on the exceptionality and breadth of knowledge it deals with.
We have done a Master that should be mandatory for any professional that has a relationship with the security and maintenance of mainframe environments. And for this, the cost must be even affordable to any professional in a particular way.
Is it ethical to explain techniques as dangerous as those that appear in the MASTER?
This topic has been debated for a long time in networks. First for the ethical part and secondly because teaching these techniques means that other service companies with minimal knowledge of environmental security are against our Master because their services will lose value when training their clients and other companies. The limit that we set ourselves in his day was to show only those knowledge that can be found on the Internet, and we have been very careful not to teach beyond that limit.
Unfortunately, this limit is absolutely sufficient to perform the actions described in the MASTER. From the theft of information to the denial of service for several days through the infection of LPAR's (logical partitions of physical machines).
Is it a theoretical or practical Master?
This is a difference with other Masters. We have tried to teach enough theory to understand the why and the how of the techniques that are taught. And no more!
It provides references and sufficient material to enter the depth that the student wants, but we only teach what is absolutely necessary to carry out many of the incidents that we are encountering.
What are the differences between the course that was taught in person and this Master ONLINE?
The face-to-face course was done during some mornings and the accumulation of knowledge was very broad in a very short time. It was very difficult to retain all the teacher's explanations at that time.
The ONLINE course has two main positive differences:
You will always have the option of raising doubts and questions to Bsecure technicians related to company training.
How is the Master structured?
It is divided into Courses or sections, so that there is a section common to all the possible profiles that take the course:
I am a professional with knowledge of LINUX and Windows, could I take the Master's degree and take advantage of it?
Indeed, any professional with experience in other operating systems can with our Master make analogies that help him to understand the operation of the z / OS system and the security around it. It is impossible to acquire all the necessary knowledge in less time and money than in the offer of our Master.
I am an auditor without deep knowledge in operating systems, could I do the MASTER and take advantage of it?
One of the main rules of the audit of IT environments is the need to understand the environment. You can not do technology auditing without understanding the technology. The problem with z / OS systems is that each aspect of the system and its subsystems is associated with dozens of manuals. Therefore, the question arises: What is the minimum that I have to know to get to properly audit such a complex system? The answer is in this Master. It is designed so that professionals with experience in other environments can understand the environment z / OS sufficiently to perform audits, knowing what they request and evaluating what they give them.
I am a CIO of a large company in which the Mainframe is key in our IT Infrastructure. Why should I take the MASTER?
In the case of Managers who have mainframe infrastructures among their levels of responsibility, they should understand at least the strengths and weaknesses of the systems. We find ourselves too often with Managers who are convinced that, from a security point of view, a mainframe is impregnable and simply carrying out a good security administration is sufficient.
This Master is designed so that they can understand reality in the security of mainframe environments. They are environments with strengths and weaknesses like any other, and you need to know especially the weaknesses to understand how to force no one to trespass, in case you let them know what they did and when they did it, and be clear that they do not You can go back to do the same.
This Master could be taken by him, it is not the first time that a CIO whose experience has been exclusively in open environments takes the Master. But above all it should serve to convince you that this Master should be mandatory for all professionals who have some kind of relationship with security in the environment of the mainframe infrastructure.
I am an expert in security, specialized in penetration techniques in Open Systems (pentester). Why should I take the MASTER?
Pentesters are more appreciated and valued the more environments they are able to manage. Nowadays mainframes are connected to the internal networks of companies, and sometimes they are even exposed to external networks. It is not the first time that we have requested a dump about a problem with one of our software products and we see that we have been sent by FTP directly from the mainframe.
The completion of this Master and having the certificate of use of it clearly increases the value of any professional in the market of security professionals.
I am a Systems Programmer responsible for Mainframe infrastructures in a large company. Would it really help me to take the MASTER for something?
Absolutely yes. When we created the face-to-face course a few years ago, we were curious about the usefulness it could have for this type of profile.
We found a comment that was repeated in the different courses in this type of profile: "There is never time to put in the place of bad guys and focus on these issues that prove to be critical, this course has allowed me to think about focusing in this type of problems and think about how to develop different actions to avoid this type of attacks".
Master disponible también en Español.
Penetration Toolkit Library
Key Discovering Toolkit
Regular Price $2,447$597
Master disponible también en Español.
If you are a university student and you have some official certification from the professional world or you are going to examine (CISSP, CISA ...), and you want to acquire the course with an additional 50% discount, contact us at firstname.lastname@example.org
Your credit card or PayPal payment is SECURE! We use the secure shopping cart services of Paypal. You will notice in your browser the little padlock symbol and the https:// (“s” stands for “secure!”)
All major credit cards accepted.