電子金融基盤施設及び主要情報通信基盤施設2025バージョン及び最新パブリッククラウド、ハイパーバイザー、コンテナ(AWS、ESXi、K8s等)リスク評価

Training for obtaining ISMS-P and ISO27001/ISO27701 certifications.

Develop a system to submit annual activity performance including establishment of information security regulations and preparation of various activity evidence by applying domestic and international certification standards related to information protection management systems and internal/external audit criteria for Risk assessment standards for management and physical sectors of major information and communication infrastructure facilities revised in the second half of 2025. Establish activity plans for enhancing information security levels compared to last year in response to external environmental changes (AI, etc.), internal environmental changes (new systems and employee changes including external staff), and prepare for legal amendments and new evaluation indicators. In particular, objectively and thoroughly inspect various activities to strengthen accident prevention systems such as personal information leakage due to hacking, establish plans for central (headquarters) management and supervision of all departments and safe management and supervision of service companies, operate DevSecOps systems following the establishment of AI systems, operate PbD adequacy review systems, etc. Based on performing expanded monitoring areas, regular inspection report areas, external disclosure areas, data integration system inspections (API, MyData, etc.), establishment of network separation improvement plans according to N2SF, advancement of Zero Trust application, etc. *Possessing over 150 references for establishing and applying world's first highest-level information security and personal information protection activity and system enhancement plans

Risk assessment plans for network equipment, security equipment, and control systems based on the revised major information and communication infrastructure standards for the second half of 2025, and education for vulnerability elimination through the application of years of know-how and fast and accurate inspection and improvement measures In particular, expectations for efforts to secure inspection speed and improvement plans according to the designation of ISMS-P certification and ISO27001 certification scope Experience with network equipment, security equipment, and control systems that have relatively lower accessibility compared to servers, DB, WEB, WAS, PC, and Cloud (Public, Private), making environment setup difficult

Electronic Financial Infrastructure Vulnerability Analysis and Assessment based on 2025 standards, DBMS, WAS(PaaS), PC explained based on the Major Information and Communication Infrastructure standards revised in the second half of 2025 And penetration testing explained based on the standards revised in the second half of 2025 Additionally, mobile penetration testing as well Expected skill improvement through know-how transfer and fast and accurate inspection methods and remediation measures

This is the standard for vulnerability analysis and risk assessment according to the revision of major information and communication infrastructure standards in the second half of 2025. Additionally, this is analyzed information about kernel and various changes according to the latest versions of Unix OS and Windows OS. By applying default values for rapid risk assessment and reflecting various failure risks, you can use this for study purposes or as follow-up data acquisition to reach the highest domestic level through prompt measures.

Work training to check compliance with personal information-related laws and proactively prevent personal information leaks by analyzing personal information flow, including ISMS-P, ISO27701, and Privacy Impact Assessment. Work education for establishing a personal information management system.

Training on assessing the current status and inspecting personal (credit) information processing systems, pursuant to the Notification on Personal Information Security Measures and Appendix 3 of the Supervisory Regulations on Credit Information Act.

Training on Inspection Know-how for Data Privacy Officers, Operational Staff, and Entrusted Parties Subject to Consulting Providing Improvement Measures for Insufficient Oversight of Entrusted Parties and Detailed Explanations of Inspection Methods

This is the standard for vulnerability analysis and risk assessment according to the revision of major information and communication infrastructure standards in the second half of 2025. Additionally, this is analyzed information about kernel and various changes according to the latest versions of Unix OS and Windows OS. By applying default values for rapid risk assessment and reflecting various failure risks, you can use this for study purposes or as follow-up data acquisition to reach the highest domestic level through prompt measures.

Electronic Financial Infrastructure Vulnerability Analysis and Assessment based on 2025 standards, DBMS, WAS(PaaS), PC explained based on the Major Information and Communication Infrastructure standards revised in the second half of 2025 And penetration testing explained based on the standards revised in the second half of 2025 Additionally, mobile penetration testing as well Expected skill improvement through know-how transfer and fast and accurate inspection methods and remediation measures

This is the CPPG WIN course, a shortcut to obtaining the CPPG certification. This is a theoretical course for passing the 2025 CPPG certification, reflecting the recent 6 exam trends.

This is a theoretical/practical training course to prepare for the certification exam for those who dream of becoming an ISMS-P certification auditor in 2025. It is an extended version that includes general ISMS-P and financial ISMS-P.

You can effectively study the contents of the Information Security Engineer practical exam questions and obtain the Information Security Engineer practical qualification.

You can understand the concept and technology of blockchain and conduct ISMS-P certification audits specialized for virtual asset exchanges.

This course systematically teaches practical Docker skills (installation→operation→automation→security) and comprehensively covers the latest security threats and countermeasures in each section. It features a hands-on approach where you learn by following along with practical exercises. This curriculum is highly recommended for DevOps engineers, infrastructure engineers, and security practitioners who want to experience the latest container/cloud environments in real-world scenarios.

This lecture provides a general guide on how to prepare while studying when you want to choose a career in IT security penetration testing, and what questions and answers to prepare for the interview. I will share my experience working as a penetration testing consultant, at large companies, and in the financial sector, and currently running a penetration testing consulting business.

This is a course where you can learn the basics of web technology. You can learn the basics of web technology in a short period of time. If you are interested in studying or getting a job related to the web, you must take this course!

IT services are rapidly transitioning to cloud environments. You will learn security practices from basic virtual infrastructure construction to security threat monitoring and vulnerability diagnosis for each area to secure the Amazon AWS cloud environment.