Training

Overview

Security is a team sport. Opcode delivers training programs that give your people the knowledge and skills they need — whether that’s security awareness for the whole organisation or deep technical training for your engineering team.

All training is tailored to your context. Opcode uses examples from your industry, your technology stack, and (where appropriate) your own systems to make the training immediately relevant and actionable.

What’s included

• Security awareness training — For all staff. Covers phishing, social engineering, password hygiene, data handling, and incident reporting. Practical and engaging — not a compliance checkbox exercise.
• Secure coding workshops — For developers. Hands-on training covering common vulnerability patterns (injection, XSS, broken authentication, insecure deserialization) with exercises in your team’s primary language and framework.
• Cloud security fundamentals — For engineers and architects. AWS, Azure, or GCP security concepts: IAM, network security, encryption, logging, and common misconfigurations.
• Incident response exercises — Tabletop exercises that walk your team through realistic incident scenarios. Tests your response plans, communication processes, and decision-making under pressure.
• Framework deep-dives — Focused sessions on specific frameworks (Essential Eight, NIST CSF, ISO 27001) for teams responsible for implementation or compliance.

How it works

1. Scoping — Understanding your team, their current knowledge level, and what outcomes you need from the training.
2. Customisation — Tailoring content, examples, and exercises to your organisation’s context.
3. Delivery — Half-day or full-day sessions, delivered in person or remotely.
4. Follow-up — Post-training resources and optional follow-up sessions to reinforce key concepts.