Security+, SOC analyst, incident response, forensics, and GCFA prep — delivered by practitioners who run real DFIR investigations and Malaysian BNM RMiT-aligned IR engagements.
NACSA's annual cybersecurity reports consistently highlight the same bottleneck: Malaysia has enough security awareness training in the market, but severely insufficient capacity at the analyst and responder tier — the people who actually triage alerts at 2am, contain a ransomware outbreak before it laterally moves to the domain controller, and reconstruct what happened during a forensic investigation.
Bank Negara's RMiT framework now mandates documented incident response capability, 24/7 monitoring, and incident notification to BNM within prescribed timelines. GLCs and NCII operators under the Cyber Security Act 2024 face parallel obligations. The consequence is structural demand for trained SOC analysts, IR practitioners, and forensics-capable security staff — not just certified managers.
nCrypt defensive training is built for that gap. Courses are lab-heavy, scenario-driven, and calibrated to the Malaysian threat landscape: ransomware groups targeting Malaysian SMEs, phishing campaigns mimicking LHDN and Maybank, and BEC (Business Email Compromise) fraud affecting Malaysian manufacturing exporters.
The industry-standard entry-level security certification validated by CompTIA. Covers threats, vulnerabilities, cryptography, network security, identity management, and incident response fundamentals. Globally recognised, RMiT-relevant for Malaysian bank IT staff, and widely required by GLCs and MNCs.
Purpose-built for Malaysian SOC analysts starting out or needing a structured upskill. Covers the full SOC analyst workflow: alert triage, SIEM correlation rules, threat detection, log analysis, IOC enrichment, and escalation procedure — anchored to a Splunk-based lab that mirrors common Malaysian bank and telco SOC tooling.
Practical incident response course aligned to NIST SP 800-61r3 and BNM RMiT incident notification timelines. Combines hands-on triage labs with a full live-fire tabletop exercise on Day 3. Participants leave with a personalised IR playbook template and hands-on memory forensics experience using Volatility.
Hands-on introduction to digital forensics methodology covering evidence acquisition, chain of custody, disk imaging, file system forensics, browser artefact analysis, and a PDPA-compliant data-handling framework for Malaysian investigations. Uses open-source tooling (Autopsy, FTK Imager, Volatility) suitable for internal investigation teams.
Advanced forensic analysis course covering the full GCFA exam syllabus: Windows intrusion forensics, memory analysis, timeline analysis, lateral movement artefacts, and advanced threat actor TTP mapping. Participants must purchase the GIAC GCFA exam voucher independently. Ideal for DFIR leads and SOC Tier 3 analysts.
| Course | Date | Mode | Fee |
|---|---|---|---|
| CompTIA Security+ | 14–18 Jul 2026 | Kuala Lumpur | RM 4,200 |
| SOC Analyst Fundamentals | 17–20 Aug 2026 | Virtual (VILT) | RM 4,800 |
| Incident Response Practitioner | 8–10 Sep 2026 | Kuala Lumpur | RM 4,500 |
| Digital Forensics Fundamentals | 6–8 Oct 2026 | Kuala Lumpur | RM 4,500 |
| GCFA Preparation | 16–19 Nov 2026 | Virtual (VILT) | RM 7,500 |
All fees are per participant and HRDC SBL-Khas claimable. Group discounts available for 5+ participants from the same organisation.
Security+ and CEH serve different purposes. Security+ is the foundational credential — broad, vendor-neutral, widely accepted by Malaysian employers including banks and GLCs as a hiring baseline or IT staff upskill marker. CEH is an offensive-leaning credential that validates ethical hacking technique knowledge. If you are in IT operations or compliance, start with Security+. If you are heading toward a security analyst or pentest role, CEH (or even CPTE) is more directly relevant.
The course is designed to align with BNM RMiT §10.63-10.65 (incident management, notification timelines) and NIST SP 800-61r3. Completing it demonstrates that your incident response team has received documented, structured training — which BNM examiners consider as part of their technology risk review. It does not replace a formal CSIRT policy or BNM notification programme, but it satisfies the training element.
The course covers Malaysian legal context (Evidence Act 1950, PDPA 2010 as amended, CMA 1998) and chain-of-custody procedures required for evidence admissibility. Whether evidence produced using these methods is admissible depends on how the collection was conducted and the court's evaluation. We teach the correct procedures; legal advice on a specific case should come from a qualified Malaysian lawyer.
SOC Analyst Fundamentals labs use Splunk (Community Edition) because it is the most common SIEM platform in Malaysian enterprise and the one BNM-regulated institutions most frequently deploy. We supplement with Microsoft Sentinel exposure where cohorts include Azure-focused organisations. In-house cohorts can request labs tailored to your live SIEM platform (IBM QRadar, LogRhythm, etc.).
Yes — and we recommend it for organisations building a DFIR (Digital Forensics and Incident Response) capability. We offer a combined 5-day DFIR track that blends both curricula with a single 4-hour live-fire exercise on the final afternoon. It is available as a public intake or an in-house cohort. Contact us for combined pricing.
Yes. All nCrypt defensive security courses are registered with HRD Corp under SBL-Khas. We provide the full documentation pack — course code, T3 trainer credentials, official outline, attendance sheets, and post-training claim documents — on enrolment.
Send us your team's current skill level and sector — we'll recommend a sequenced curriculum and prepare your HRDC SBL-Khas claim pack.