User Session Recording Technology for Security and Compliance Training Course
User session recording technology is used to capture, monitor, and audit user activity across IT systems, delivering valuable insights for security, compliance, and forensic investigations.
This instructor-led, live training (available online or on-site) is designed for beginner to intermediate-level IT and security professionals who wish to implement user session recording solutions to strengthen monitoring, ensure compliance, and enhance accountability.
By the end of this training, participants will be able to:
- Understand the core principles of user session recording.
- Deploy and configure session recording solutions effectively.
- Analyse and audit recorded sessions to ensure compliance.
- Integrate session recording with security monitoring systems.
Course Format
- Interactive lectures and group discussions.
- Abundant hands-on exercises and practical practice.
- Real-world implementation in a live lab environment.
Course Customisation Options
- To request a customised version of this training, please contact us to make arrangements.
Course Outline
Introduction to User Session Recording
- What is session recording?
- Use cases in security and compliance
- Legal and ethical considerations
Deploying Session Recording
- Architecture and deployment options
- Configuration and storage considerations
- Agent-based versus agentless approaches
Monitoring and Analysis
- Viewing and auditing recorded sessions
- Integration with SIEM and monitoring tools
- Detecting insider threats and anomalies
Best Practices and Maintenance
- Data protection and privacy
- Storage and retention policies
- Ongoing monitoring and performance tuning
Summary and Next Steps
Requirements
- A solid understanding of IT security fundamentals
- Practical experience with Windows or Linux environments
- Familiarity with compliance and audit processes
Target Audience
- Security administrators
- Compliance officers
- IT operations teams
Open Training Courses require 5+ participants.
User Session Recording Technology for Security and Compliance Training Course - Booking
User Session Recording Technology for Security and Compliance Training Course - Enquiry
User Session Recording Technology for Security and Compliance - Consultancy Enquiry
Testimonials (3)
Experience sharing, it's teacher's know-how and valuable.
Carey Fan - Logitech
Course - C/C++ Secure Coding
get to understand more about the product and some key differences between RHDS and open source OpenLDAP.
Jackie Xie - Westpac Banking Corporation
Course - 389 Directory Server for Administrators
the knowledge of the trainer was very high - he knew what he was talking about, and knew the answers to our questions
Adam - Fireup.PRO
Course - Advanced Java Security
Provisional Upcoming Courses (Require 5+ participants)
Related Courses
389 Directory Server for Administrators
14 HoursThis instructor-led, live training in New Zealand (online or on-site) is intended for system administrators who wish to use 389 Directory Server to configure and manage LDAP-based authentication and authorisation.
By the end of this training, participants will be able to:
- Install and configure 389 Directory Server.
- Understand the features and architecture of 389 Directory Server.
- Learn how to configure the directory server using the web console and CLI.
- Set up and monitor replication for high availability and load balancing.
- Manage LDAP authentication using SSSD for improved performance.
- Integrate 389 Directory Server with Microsoft Active Directory.
Active Directory for Admins
21 HoursThis instructor-led, live training in New Zealand (available online or on-site) is aimed at system administrators who wish to use Microsoft Active Directory to manage and secure data access.
By the end of this training, participants will be able to:
- Set up and configure Active Directory.
- Establish a domain and define user and device access rights.
- Manage users and machines through Group Policies.
- Control access to file servers.
- Set up a Certificate Service and manage certificates.
- Implement and manage services such as encryption, certificates, and authentication.
Network Security and Secure Communication
21 HoursBuilding a secure networked application can be challenging, even for developers who have previously worked with various cryptographic components such as encryption and digital signatures. To help participants grasp the role and application of these cryptographic primitives, the course first establishes a solid foundation covering the core requirements of secure communication—secure acknowledgment, integrity, confidentiality, remote identification, and anonymity. It also explores typical issues that can compromise these requirements, along with real-world solutions.
As cryptography is a critical pillar of network security, the course examines key algorithms in symmetric cryptography, hashing, asymmetric cryptography, and key agreement. Rather than delving into complex mathematical theory, these topics are presented from a developer's perspective, featuring practical use cases and considerations such as the implementation of public key infrastructures. The course introduces security protocols across various domains of secure communication, with in-depth coverage of widely used protocol families like IPSEC and SSL/TLS.
Common cryptographic vulnerabilities are examined, including those affecting specific algorithms and protocols such as BEAST, CRIME, TIME, BREACH, FREAK, Logjam, Padding Oracle, Lucky Thirteen, POODLE, and the RSA timing attack. For each vulnerability, practical implications and potential consequences are outlined, again avoiding deep mathematical detail.
Finally, as XML plays a central role in data exchange for networked applications, the course addresses XML security. This includes the use of XML in web services and SOAP messages, along with protective measures such as XML signature and XML encryption. It also highlights weaknesses in these protections and XML-specific security threats, including XML injection, XML External Entity (XXE) attacks, XML bombs, and XPath injection.
Participants attending this course will
- Understand basic concepts of security, IT security and secure coding
- Understand the requirements of secure communication
- Learn about network attacks and defenses at different OSI layers
- Have a practical understanding of cryptography
- Understand essential security protocols
- Understand some recent attacks against cryptosystems
- Get information about some recent related vulnerabilities
- Understand security concepts of Web services
- Get sources and further readings on secure coding practices
Audience
Developers, Professionals
C/C++ Secure Coding
21 HoursDeveloping secure C and C++ applications demands stringent defences against malicious exploitation, memory corruption, and the bypass of input validation. This course explores common vulnerability patterns, such as buffer overflows, use-after-free errors, integer overflows, and type confusion. Participants will implement secure coding guidelines, utilise static analysis tools, and apply defensive programming techniques to mitigate weaknesses, enforce rigorous input sanitization, and produce robust software that withstands cyberattacks.
Advanced Java Security
21 HoursEven seasoned Java programmers often don't fully grasp the full range of security services provided by Java, nor are they always aware of the various vulnerabilities that affect web applications written in Java.
Alongside introducing the security components of Standard Java Edition, this course addresses security issues within Java Enterprise Edition (JEE) and web services. The discussion of specific services is grounded in the fundamentals of cryptography and secure communication. Through a variety of exercises, participants explore declarative and programmatic security techniques in JEE, while also covering both transport-layer and end-to-end security for web services. The practical application of all these components is demonstrated through several hands-on exercises, allowing participants to test the discussed APIs and tools themselves.
The course also examines and explains the most common and severe programming flaws in the Java language and platform, as well as web-related vulnerabilities. Beyond typical bugs made by Java programmers, the security vulnerabilities covered include both language-specific issues and problems arising from the runtime environment. All vulnerabilities and their corresponding attacks are demonstrated through easy-to-understand exercises, followed by recommended coding guidelines and possible mitigation techniques.
Participants attending this course will
- Understand the basic concepts of security, IT security, and secure coding
- Learn about web vulnerabilities beyond the OWASP Top Ten and know how to avoid them
- Understand the security concepts of web services
- Learn to utilise various security features of the Java development environment
- Develop a practical understanding of cryptography
- Understand the security solutions offered by Java EE
- Learn about typical coding mistakes and how to avoid them
- Gain information about some recent vulnerabilities in the Java framework
- Acquire practical knowledge in using security testing tools
- Receive sources and further reading recommendations on secure coding practices
Audience
Developers
.NET, C# and ASP.NET Security Development
14 HoursToday, a variety of programming languages can compile code to the .NET and ASP.NET frameworks. This environment offers robust tools for security development, yet developers must understand how to apply architecture- and coding-level programming techniques to implement desired security functions, avoid vulnerabilities, and limit their exploitation.
The aim of this course is to equip developers with the ability to prevent untrusted code from performing privileged actions, protect resources via strong authentication and authorization, provide remote procedure calls, handle sessions, introduce different implementations for certain functionality, and more, through numerous hands-on exercises.
The introduction to various vulnerabilities begins by presenting typical programming problems encountered when using .NET, while the discussion on ASP.NET vulnerabilities covers various environment settings and their impacts. Finally, the topic of ASP.NET-specific vulnerabilities addresses not only general web application security challenges but also special issues and attack methods, such as ViewState attacks and string termination attacks.
Participants attending this course will
- Understand fundamental concepts of security, IT security, and secure coding
- Learn about web vulnerabilities beyond the OWASP Top Ten and how to avoid them
- Learn to utilise various security features within the .NET development environment
- Gain practical knowledge in using security testing tools
- Learn about typical coding mistakes and how to avoid them
- Receive information regarding recent vulnerabilities in .NET and ASP.NET
- Access sources and further reading materials on secure coding practices
Audience
Developers
Secure coding in PHP
21 HoursThis course equips PHP developers with essential skills to build applications resilient against modern internet-based attacks. Web vulnerabilities are explored through PHP-focused examples that extend beyond the OWASP Top Ten, covering a range of injection attacks, script injections, session handling exploits in PHP, insecure direct object references, file upload issues, and more. PHP-specific vulnerabilities are introduced and categorised under standard vulnerability types such as missing or improper input validation, incorrect error and exception handling, misuse of security features, and time- and state-related issues. For the latter, we examine attacks like open_basedir circumvention, denial-of-service via magic floats, and hash table collision attacks. In each scenario, participants will become familiar with the most critical techniques and functions needed to mitigate these risks.
Special attention is given to client-side security, addressing security concerns related to JavaScript, Ajax, and HTML5. A variety of PHP security-related extensions are introduced, including hash, mcrypt, and OpenSSL for cryptography, as well as Ctype, ext/filter, and HTML Purifier for input validation. Best practices for hardening are presented in the context of PHP configuration (setting php.ini), Apache, and server-level settings. Finally, an overview is provided of various security testing tools and techniques available to developers and testers, including security scanners, penetration testing frameworks, exploit packs, sniffers, proxy servers, fuzzing tools, and static source code analyzers.
Both the introduction of vulnerabilities and the configuration practices are reinforced through numerous hands-on exercises. These demonstrate the real-world impact of successful attacks, illustrate how to apply mitigation techniques, and introduce the use of various extensions and tools.
Participants attending this course will
- Understand fundamental concepts of security, IT security, and secure coding
- Learn about web vulnerabilities beyond the OWASP Top Ten and how to prevent them
- Gain knowledge of client-side vulnerabilities and secure coding practices
- Develop a practical understanding of cryptography
- Learn how to utilise various PHP security features
- Identify typical coding mistakes and learn how to avoid them
- Stay informed about recent vulnerabilities in the PHP framework
- Gain hands-on experience with security testing tools
- Access resources and further reading materials on secure coding practices
Audience
Developers
Microsoft SDL Core
14 HoursThe Combined SDL core training offers insight into secure software design, development and testing through the Microsoft Secure Development Lifecycle (SDL). It provides a Level 100 overview of the fundamental building blocks of SDL, followed by design techniques to detect and rectify flaws in the early stages of the development process.
Focusing on the development phase, the course gives an overview of typical security-relevant programming bugs in both managed and native code. Attack methods are presented for the discussed vulnerabilities, along with associated mitigation techniques, all explained through a series of hands-on exercises that provide live hacking experiences for participants. An introduction to different security testing methods is followed by demonstrations of the effectiveness of various testing tools. Participants can understand how these tools operate through practical exercises, applying them to the vulnerable code previously discussed.
Participants attending this course will
Understand basic concepts of security, IT security and secure coding
Become familiar with the essential steps of the Microsoft Secure Development Lifecycle
Learn secure design and development practices
Learn about secure implementation principles
Understand security testing methodology
- Gain access to sources and further reading on secure coding practices
Audience
Developers, Managers
DevOps Security: Creating a DevOps Security Strategy
7 HoursIn this instructor-led, live course in New Zealand, participants will learn how to formulate the appropriate security strategy to address the DevOps security challenge.
EC-Council Certified DevSecOps Engineer (ECDE)
28 HoursThe EC-Council Certified DevSecOps Engineer (ECDE) is a practical course designed to equip professionals with the skills needed to embed security throughout the DevOps lifecycle, enabling secure software development from initial planning through to deployment.
This instructor-led, live training (available online or on-site) is tailored for intermediate-level software and DevOps professionals who aim to integrate security practices into CI/CD pipelines, ensuring secure and compliant code delivery.
By the conclusion of this training, participants will be able to:
- Grasp the core principles and practices of DevSecOps.
- Secure each stage of the CI/CD pipeline using automated tools.
- Implement secure coding standards and conduct vulnerability scanning.
- Prepare for the ECDE certification through hands-on labs and review sessions.
Course Format
- Interactive lectures and group discussions.
- Practical application of DevSecOps tools within simulated pipelines.
- Guided exercises focused on secure development and deployment.
Course Customisation Options
- To request a customised training session for this course based on your team's workflows or toolchain, please contact us to make arrangements.
FreeIPA for Administrators
14 HoursThis instructor-led, live training in New Zealand (delivered online or on-site) is designed for system administrators who wish to use FreeIPA to centralise authentication, authorisation and account information for their organisation's users, groups and machines.
By the end of this training, participants will be able to:
- Install and configure FreeIPA.
- Manage Linux users and clients from a single central location.
- Use FreeIPA's CLI, Web UI and RPC interface to set up and manage permissions.
- Enable Single Sign-On authentication across all systems, services and applications.
- Integrate FreeIPA with Windows Active Directory.
- Backup, replicate and migrate a FreeIPA server.
Identity and Access Management with Okta
14 HoursThis instructor-led, live training in New Zealand (online or on-site) is designed for system administrators who wish to use Okta for identity and access management.
By the end of this training, participants will be able to:
- Configure, integrate, and manage Okta effectively.
- Integrate Okta into existing applications.
- Implement robust security measures using multi-factor authentication.
OpenLDAP for Linux Systems
7 HoursOpenLDAP is an open-source software used to implement the Lightweight Directory Access Protocol (LDAP), which enables the management and access to directory information. It is a popular directory server that can be used to store and share data about users, groups, network resources, and other objects in a network.