By partnering with leading platforms like Hack The Box, or collaborating with world-class instructors we have created cutting-edge, instructor-led cybersecurity courses based on industry-ready standards that are highly interactive, hands-on, and offer actionable knowledge to your team.
Purple teaming brings together the strengths of both red and blue teams to ensure your defense is as robust as it can be. Secure your infrastructure and outsmart cyber threats with a tailored strategy.
Boost your organization’s defenses with custom-designed cybersecurity training tailored to your industry standards. From beginner-level awareness to advanced threat detection and response, we develop training that meets your unique compliance requirements and security challenges.
This Cookie Policy was last updated on March 28, 2024 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://cyberhelmets.com (hereinafter: “the website”) uses cookies and other related technologies (for convenience all technologies are referred to as “cookies”). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Statistics cookies
We use statistics cookies to optimize the website experience for our users. With these statistics cookies we get insights in the usage of our website. We ask your permission to place statistics cookies.
5.3 Advertising cookies
On this website we use advertising cookies, enabling us to personalize the advertisements for you, and we (and third parties) gain insights into the campaign results. This happens based on a profile we create based on your click and surfing on and outside https://cyberhelmets.com. With these cookies you, as website visitor are linked to a unique ID, so you do not see the same ad more than once for example.
5.4 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
Because these cookies are marked as tracking cookies, we ask your permission to place these.
6. Placed cookies
WooCommerce
Functional
Usage
We use WooCommerce for webshop management. Read more
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on “Save preferences”, you consent to us using the categories of cookies and plug-ins you selected in the pop-up, as described in this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
You have loaded the Cookie Policy without javascript support. On AMP, you can use the manage consent button on the bottom of the page.
7.2 Vendors
The TCF vendorlist is not available when JavaScript is disabled, like on AMP.
These are the partners we share data with. By clicking into each partner, you can see which purposes they are requesting consent and/or which purposes they are claiming legitimate interest for.
You can provide or withdraw consent, and object to legitimate interest purposes for processing your personal data. However, please note that by disabling all data processing, some site functionality may be affected.
7.2.1 Consent
Below you can give and withdraw your consent on a per purpose basis.
StatisticsMarketing
7.2.2 Legitimate Interest
Some Vendors set purposes with legitimate interest, a legal basis under the GDPR for data processing. You have the "Right to Object" to this data processing and can do so below per purpose.
StatisticsMarketing
7.2.2 Special features and purposes
Special features
For some of the purposes we and/or our partners use below features.
Special purposes
We and/or our partners have a legitimate interest for the following two purposes:
Features
For some of the purposes above we and our partners
7.2.3 Vendors
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
Right of access: You have the right to access your personal data that is known to us.
Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
This Cookie Policy was synchronized with cookiedatabase.org on April 17, 2025.
Manage your privacy
To provide the best experiences, we and our partners use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us and our partners to process personal data such as browsing behavior or unique IDs on this site and show (non-) personalized ads. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Click below to consent to the above or make granular choices. Your choices will be applied to this site only. You can change your settings at any time, including withdrawing your consent, by using the toggles on the Cookie Policy, or by clicking on the manage consent button at the bottom of the screen.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Microsoft Defender for Cloud & Microsoft Defender EASM
Fundamentals and Setup
Overview of Android’s architecture and ecosystem dynamics.
Exploration of security features native to Android using Java, Kotlin, C++, and Rust.
Mobile Application Threat Model a) Differences between mobile and web application threat models. b) Applying threat modeling techniques specifically to mobile applications. c) Case studies highlighting potential threats and vulnerabilities. d) How do we secure and test cross platform apps (e.g. ReactNative, Xamarin, etc).
Introduction to industry mobile security standards a) OWASP Mobile Application Security (MAS) project b) Effective usage of the Mobile Application Security Verification Standard (MASVS). c) Effective usage of the Mobile Security Testing Guide (MSTG). d) Overview of the OWASP top 10 for mobile.
Setting up and preparing a mobile security testing lab a) Configuration of industry-standard tools and guidance on their appropriate use. b) Setup of virtual mobile devices using Corellium, including its advantages. c) Introductory exercises to familiarize with the tools.
Secure Coding Overview a) Exercises to identify vulnerabilities in code examples b) Discussion of the appropriate mechanisms for remediation c) Practical session on remediation and re-testing the app
Secure storage a) Overview of application storage mechanisms. b) Introduction to cryptographic storage solutions on Android.
Advanced Techniques and Practical Application
Mobile penetration testing methodology a) Methodologies used in real-world scenarios with practical tips and tricks.
Identifying issues with backend APIs a) Examination of client-side trust issues. b) Analysis of insecure communications including certificate validation and pinning.
Cryptography in Android apps a) Utilization of Android’s Crypto APIs. b) Implementation of native cryptography using libraries like libnacl and OpenSSL. c) Management of cryptographic keys.
Authentication and Authorization a) Testing client-side authentication mechanisms, including secure usage of biometrics. b) Strategies to detect and bypass authentication flaws. c) Security measures for API authentication.
Android IPC a) Detailed exploration of Intents, deep links, Binders/services, and broadcast receivers.
Webviews a) Identifying and resolving common security issues in Android Webview configurations.
Software Composition Analysis (SBOM) a) Techniques to determine the components of an Android app. b) Identifying known vulnerabilities within these components.
Mobile Device Management (MDM) a) Introduction to Mobile Device Management: definition, core features, and its role in enhancing organizational security. b) Discussion on the benefits and practical applications of MDM in controlling and securing mobile devices across an enterprise.
Mobile Application Management (MAM) a) Overview of Mobile Application Management: what it entails and its significance in enterprise environments. b) Exploration of how MAM contributes to managing and securing applications specifically, detailing its utility for enterprise security strategies.
Advanced Techniques and Practical Application
Mobile penetration testing methodology a) Methodologies used in real-world scenarios with practical tips and tricks.
Identifying issues with backend APIs a) Examination of client-side trust issues. b) Analysis of insecure communications including App Transport Security issues & certificate pinning.
Cryptography in IOS apps a) Utilization of iOS’s CryptoKit & CommonCrypto APIs. b) Implementation of native cryptography using libraries like libnacl and OpenSSL. c) Management of cryptographic keys and leveraging the secure enclave.
Authentication and Authorization a) Testing client-side authentication mechanisms, including secure usage of Local Authentication (biometrics). b) Strategies to detect and bypass authentication flaws. c) Security measures for API authentication. d) Using Device Check and App Attest
iOS IPC a) Detailed exploration of URL schemes, deep (universal) links, and extensions.
Webviews a) Identifying and resolving common security issues in iOS Webview configurations.
Software Composition Analysis (SBOM) a) Techniques to determine the components of an iOS app. b) Identifying known vulnerabilities within these components.
Implementing App Integrity a) What to look for b) How to implement
Mobile Device Management (MDM) a) Introduction to Mobile Device Management: definition, core features, and its role in enhancing organizational security. b) Discussion on the benefits and practical applications of MDM in controlling and securing mobile devices across an enterprise.
Mobile Application Management (MAM) a) Overview of Mobile Application Management: what it entails and its significance in enterprise environments. b) Exploration of how MAM contributes to managing and securing applications specifically, detailing its utility for enterprise security strategies.
Fundamentals & Setup
Overview of iOS’s architecture and ecosystem dynamics.
Exploration of security features native to to iOS using Objective-C, Swift, and C(++).
Mobile Application Threat Model a) Differences between mobile and web application threat models. b) Applying threat modeling techniques specifically to mobile applications. c) Case studies highlighting potential threats and vulnerabilities. d) How do we secure and test cross platform apps (e.g. ReactNative, Xamarin, etc).
Introduction to industry mobile security standards a) OWASP Mobile Application Security (MAS) project b) Effective usage of the Mobile Application Security Verification Standard (MASVS). c) Effective usage of the Mobile Security Testing Guide (MSTG). d) Overview of the OWASP top 10 for mobile.
Setting up and preparing a mobile security testing lab a) Configuration of industry-standard tools and guidance on their appropriate use. b) Setup of virtual mobile devices using Corellium, including its advantages. c) Introductory exercises to familiarize with the tools.
Secure Coding Overview a) Exercises to identify vulnerabilities in iOS code examples b) Discussion of the appropriate mechanisms for remediation c) Practical session on remediation and re-testing the app
Secure storage a) Overview of application storage mechanisms. b) Introduction to cryptographic storage solutions on iOS.
