NB! The last registration day is 19.10.2026

This training provides an opportunity to gain basic knowledge in the field of software testing – process management, planning and test reporting. At the end of the training, after successfully passing the final examination, the international ISTQB® certificate – ISTQB Foundation Level Exam for ISTQB CTFL Certification – ISTQB Official Registration (astqb.org) is obtained.

At the end of this course, participants will achieve the following skills:

• use a common language for effective communication with other testers and project partners;
• understand main testing concepts, the essence of the testing process, testing approaches and principles to achieve testing goals;
• plan and prioritize testing tasks using selected testing techniques;
• analyze both functional and non-functional specifications;
• perform tests according to agreed testing plans, as well as analyze and report test results;
• write a clear overview of incidents;
• participate in test reports.

Target audience and prior prerequisites: Everyone who is going to participate in software testing process.

Prerequisites: Basic knowledge of system testing and experience in the IT industry.

Technology needed for the course: A Windows operating system computer with permissions to install and configure applications.

Those who do not have the necessary computer can rent it by agreement with BCS Training. Please inform the training company in advance.

Course outline 

• Introduction to software testing:
  • Basic elements of testing;
  • Definitions of testing;
  • Test objectives;
  • General principles of testing;
  • Testing processes;
  • Psychology of testing.
• Testing through the full software development lifecycle:
  • Software development models;
  • Verification and validation;
  • Testing levels – unit testing, integration testing, system testing, and acceptance testing;
  • Regression testing;
  • Testing and development.
• Static testing techniques:
  • Types of inspection;
  • Inspection process (overview);
  • Roles and responsibilities in reporting;
  • Reporting success factors;
  • Static analysis tools.
• Test design techniques:
  • Test development process;
  • Documentation;
  • Types of test design techniques;
  • Specification-based techniques (black box);
  • Structure-based techniques (white box);
  • Experience-based techniques;
  • Criteria for the selection of testing techniques.
• Test management:
  • Organization of testing;
  • Organization of the team: roles and responsibilities;
  • Planning and evaluation of testing;
  • Monitoring and control of testing progress;
  • Configuration management;
  • Risk management;
  • Classification and management of defects.
• Test support tools:
  • Selection considerations;
  • Types of testing tools;
  • Effective use of tools: potential benefits and risks;
  • Classification of tools.

Study methods: You can participate in the study by joining the training through the online environment Teams. The volume of training is 24 hours incl. 12 hours of practical exercises or group work in the training environment.

Assessment method: The achievement of learning outcomes is assessed on the basis of feedback-based practical exercises or group works carried out during the training.

Completion of training: Each participant receives a certificate of attendance after the course, the official certificate is awarded only when the exam is taken and passed within one year after the course (exam registration must be done within 6 months after completing the course).

The price includes: Study materials and examination cost (must be registered 6 months after the course and passed 12 months after the course.

Assessment method: The achievement of learning outcomes is assessed on the basis of feedback-based practical exercises or group works carried out during the training.

Curriculum group: 0612 Database and network design and management.

NB! The last registration day is 21.09.2026

The CISM (Certified Information Security Manager) course is designed for professionals who manage, design, and oversee an enterprise’s information security program. This course covers essential topics like information risk management, governance, incident management, and program development and management. Upon completion, participants will be well-equipped to handle the challenges of securing and protecting valuable information assets within their organizations.

The Course helps to prepare for the CISM Certification | Certified Information Security Manager | ISACA

Upon successful completion of this course, students will be able to:

• Establish and maintain a framework to provide assurance that information security strategies are aligned with business objectives and consistent with applicable laws and regulations;
• Identify and manage information security risks to achieve business objectives;
• Create a program to implement the information security strategy;
• Implement an information security program;
• Oversee and direct information security activities to execute the information security program;
• Plan, develop, and manage capabilities to detect, respond to, and recover from information security incidents.

Target audience:

The intended audience for this course is information security and IT professionals, such as network administrators and engineers, IT managers, and IT auditors, and other individuals who want to learn more about information security. Also those, who are interested in learning in-depth information about information security management, who are looking for career advancement in IT security, or who are interested in earning the CISM certification.

Prerequisites:

To ensure your success, the students taking this course should have professional experience in information security in at least one of the following areas:

• Information security governance
• Information risk management
• Information security program development
• Information security program management
• Incident management and response

Technology needed for the course: A Windows operating system computer with permissions to install and configure applications.

Those who do not have the necessary computer can rent it by agreement with BCS Training. Please inform the training company in advance.

Course outline:

• Information security governance
• Information risk management
• Information security program
• Incident management

Study methods: You can participate in the study by joining the training through the online environment Teams. The volume of training is 40 hours incl. 20 hours of practical exercises or group work in the training environment.

Assessment method: The achievement of learning outcomes is assessed on the basis of feedback-based practical exercises or group works carried out during the training.

Completion of training: Each participant receives a certificate of attendance after the course, the official certificate is awarded only when the exam is taken and passed within one year after the course (exam registration must be done within 6 months after completing the course).

The price includes: Study materials and examination cost (must be registered 6 months after the course and passed 12 months after the course.

Õppekavarühm: 0612 Andmebaaside ja võrgu disain ning haldus.

NB! The last registration day is 14.10.2026

In this 3-day course, you will get a comprehensive overview of the TOGAF® 10 standard, which is one of the most widely used and recognized enterprise architectural solutions in the world. You will learn how TOGAF® 10 helps build and manage effective and sustainable business architectures that support business goals and strategies. (veel …)

NB! The last registration day is 21.09.2026

The course introduces tools and tactics to manage cybersecurity risks, identify various types of common threats, evaluate the organization’s security, collect and analyze cybersecurity intelligence, and handle incidents as they occur. (veel …)

NB! The last registration day is 14.09.2026

Within the course, we offer the opportunity to master the latest version of PRINCE2® – the 7th edition, enhanced with more contemporary tools, technologies, and processes for all types of projects. PRINCE2® 7th edition Foundation-level training lasts for 3 days and is suitable for anyone looking to start or further their career in project management using a modern and internationally recognized method.

During the training, participants will gain an understanding of the method’s key processes, principles, and themes to ensure that project management aligns with all 21st-century standards and requirements.

Course target

Audience

NB! The last registration day is 31.08.2026

This 3-day SQL Basics course is suitable for those with little prior knowledge. It teaches about the structure and operating principles of SQL databases, Familiarizes participants with the main SQL commands and functions and practically teaches them how to create simple SQL requests.  (veel …)

This five-day course provides you with the knowledge, skills, and abilities to achieve competence in deploying, managing, operating and securing private cloud using VMware Cloud Foundation® (VCF). You will learn about the architecture of VCF, storage and network management, licensing, and certificates. In addition to workload domains, availability, and life cycle management, the course also covers upgrade scenarios.

(veel …)

This five-day course provides you with the knowledge, skills, and abilities to achieve competence in deploying, managing, operating and securing private cloud using VMware Cloud Foundation® (VCF). You will learn about the architecture of VCF, storage and network management, licensing, and certificates. In addition to workload domains, availability, and life cycle management, the course also covers upgrade scenarios.

(veel …)

Koolituse eesmärk: Kolmepäevase praktilise koolituse tulemusel, saavad osalejad teadmised SQL päringukeele olemusest, dialektitest. Samuti praktilised oskused kasutada SQL funktsioone andmete puhastamiseks ja analüüsiks. Lisaks teadmised tehisaru (AI) olemusest ning kasutamisest SQL päringute kirjutamiseks.

Koolituse eduka läbimise korral on osalejal ettevalmistus  Hackerrank SQL Basic sertifikaat eksami sooritamiseks.

Sihtrühm ja eelteadmised: Koolitusele on oodatud kõik, kes soovivad arendada oma teadmisi ja oskusi andmebaasidest päringute tegemiseks. Osalejal peavad olema eelnevalt keskmised oskused arvuti käsitlemisel ning varasem kogemus andmete töötlemisega (nt Excel, Power BI, Tableau vms).

Õppevahendid: Arvuti, millel on õigused rakenduste installeerimiseks ja seadistamiseks. Kursuse käigus kasutatakse vabalt kättesaadavaid tarkvarasid: XAMPP ja Visual Studio Code.

Osalejal, kellel puudub vajalik õppevahend, on võimalus see BCS Koolituselt rentida. Palume sellest koolitusettevõtet eelnevalt teavitada.

Programm:
I koolituspäev 22.10.2026
Moodul 1 – Andmebaasid ja SQL päringukeel (2 ak h)

• Seminar, mis annab ülevaate andmebaaside ning SQL päringukeele olemusest, põhitõdedest ning kasutamise parimatest tavadest.

Moodul 2 – Kohaliku andmebaasi üles seadmine, sellega ühendumine ning andmete üles laadimine (2 ak h)

• Praktikum, mille käigus seatakse üles kohalik andmebaas ning laetakse üles andmed.

Moodul 3 – Andmete kvaliteedi kontroll ja puhastamine (5 ak h)

• Praktikum, mille käigus tehakse läbi terviklik andmete kvaliteedi kontrolli ja puhastamise protsess näidisandmestiku põhjal. Kasutatavad käsud: SELECT, DISTINCT, COUNT, MIN, MAX, AVG, LENGTH, CASE WHEN, CAST, ORDER BY, WHERE, CREATE TABLE.

II koolituspäev 23.10.2026
Moodul 4 – Andmeanalüüs (5 ak h)

• Seminar, mille käigus vaadatakse üle tabelite ühendamise loogika.
• Praktikum, mille käigus vastatakse küsimustele näidisandmestiku põhjal. Kasutatavad käsud: AVG, SUM, ROUND, GROUP BY, WITH (CTE), alampäringud.

Moodul 5 – Tehisaru (AI) tugi SQL päringute loomisel (4 ak h)

• Seminar, mille käigus tutvustatakse generatiivse tehisaru (AI) olemust, eri töövahendeid ning mudeleid.
• Praktikum, mille käigus kasutatakse tehisaru (AI) SQL päringute loomiseks ning tulemuste tõlgendamiseks.

III koolituspäev 29.10.2026
Moodul 6 – SQL – Case Study (9 ak h)

• Seminar, mille käigus osalejad saavad vastused vahepeal tekkinud küsimustele.
• Praktikum, mille käigus tehakse läbi terviklik andmete puhastamise ja andmeanalüüsi projekt.

Õppemeetodid: Õppetöös saab osaleda klassiruumi tulles või liitudes koolitusega läbi veebikeskkonna Zoom.

Koolituse maht on 27 akadeemilist tundi sh 7 akadeemilist seminari ning 20 akadeemilist tundi praktikumi.

Hindamismeetod: Praktiliste harjutuste sooritamine koolituse käigus.

Hindamiskriteerium: Õpiväljundite saavutamist hinnatakse koolituse ajal läbi viidud tagasisidestatud praktiliste harjutuste põhjal.

Koolituse lõpetamine: Koolituse lõpetaja saab tunnistuse, kui sooritab kõik koolituse jooksul antud praktilised harjutused.  Osalejatele, kes õpiväljundeid saavutanud ei ole, väljastatakse soovi korral tõend koolitusel osalemise kohta.

Hind sisaldab: Kohvipause koolituskeskuses ja ühiseid lõunasööke.

Õppekavarühm: 0613 Tarkvara ja rakenduste arendus ning analüüs

Hands-on Hacking Advanced (HOHA) is a follow-up course to our Hands-on Hacking Essentials (HOHE)training.

Target audience: System administrators, information security specialists and -managers and any other IT personnel that is not afraid of the shell or command prompt.

Pre-requisites : Prior HOHE participation is required to take this course to ensure minimum same level of participants.

Training methods: Trainers will engage participants with lectures, live attack demonstrations and practical examples followed by individual hands-on exercise scenarios. Training is interactive,
practical, and besides active participation also full of attack stories that help to change the perspective and understanding of real life security threats.

Ideology of this training: The main differences between hacking and penetration testing are the intent and (imposed) limitations. Therefore, the idea behind this training is to see practical
information security from the attacker’s or “opposing team’s” point of view and to deliver first-hand experience or running attacks. Everyone will walk through the phases of an attack until successfully owning various systems and services. There are plenty of attack scenarios to play through and to complete scored objectives. Since the expected participants’ skill and experience level is varying to a large degree, we cover a mix of *nix and Windows world and focus on explaining key concepts and on showing real attacks even to those who have never compiled or launched any exploits before.

Training objectives: During the 3 days hands-on training experience the participants should build upon HOHE training in understanding of current attacker tool-sets, attack types and methods. By experiencing the attacker mindset and point of view via hands-on exercises the participants will use Tuoni C2 and other tools from a Red Teaming perspective in order to understand what it takes in terms of individual skills to be a red team member.

Intended outcome: During the 3 day hands-on training experience the participants should form a good understanding of current attacker tool-set, attack types and methods. By experiencing the
attacker mindset and point of view via hands-on exercises the participants not only will gain much higher appreciation for attack threats, but will be much more alert and better prepared for their own IT systems defense.

Day 1

Warm-up scenario – Introduction to C2 frameworks using Tuoni. Learn to create and deliver client-side attacks that are not recognized as malicious neither by the user nor various security
products. Examples of common initial access vectors. Since all participants are expected to have completed our HOHE (Hands-on Hacking Essentials) course, we pick up speed fast and there is no time for much “spoon feeding”.

Mission: Your mission, should you choose to accept it, is to help a victim of ransomware attack. From the darknet ransomware site you discover that there is an actual company offering ransomware as SaaS and you dig deeper…

Iron Argon Development – a company “Network Takeover ” scenario of fully patched and properly configured networks. After initial reconnaissance of the target domain and public facing services we gain an initial foothold by sending phishing e-mail. Using in memory execution of different tools we gather information from infected workstation and set up persistence.

Day 2

Iron Argon Development – a company “Network Takeover ” scenario (continues)
Explanation of common .NET offensive tools for enumeration. Using Python and Tuoni API we enhance our C2 user experience. Explanation of kerberoasting. Side mission to recover domain accounts passwords from kerberoasted hashes with Hashcat. Enumeration of AD using Bloodhound. Discovering next targets and potential attack paths from Bloodhound. Lateral movement using different tunneling and C2 features inside the organization network. Bypassing applocker restrictions to execute our malware.

Day 3

Iron Argon Development – a company “Network Takeover ” scenario (continues)
We continue moving around inside the network, elevating our privileges using common misconfiguration. We steal kerberos ticket from the owned system and implant it into memory to
gain more access inside the domain. ADCS misconfigurations are common and Iron Argon Development network is not an exception here. We abuse ADCS misconfiguration to gain even more
access inside the domain and then laterally move with new permissions inside the isolated development network segment relaying our C2 traffic via SMB beacon. Side mission to take over other
servers including source code repository and backdoor the ransomware.

Mission ending
Having obtained the ransomware binary, we reverse engineer it and discover a decryption key for the victims. We finish the course with the final feedback round, re-iterate what we learned in the process and ask your opinion of the course to continuously improve the content and learning experience.

Delivery: We can deliver on-site at group pricing anywhere in the world where good broadband connection is available. Ask us for the group pricing or for times and locations of our public courses.

More information: read from here.