Resolution of the Prime Minister of RK No. 7 · Mandatory in 2026

Training cybersecurity specialists for the state and CIIC.

Authorized programs of the Center for Practical Knowledge and Competencies JSC "State Technical Service", deployed on the simulation platform Interactive Range — a unified training framework for ISOC staff, government agencies, and CIIC owners.

Course Catalog →Why it's mandatory

Training operator

JSC "State Technical Service"

75.3%

of organizations worldwide suffered from ransomware attacks in 2023 (Statista).

31%

of Kazakhstani organizations fell victim to cyberattacks, of which 34% — malware infections (Kaspersky Lab).

41%

of successful attacks led to confidential data leaks, 37% — to disruption of core operations.

Tailored Workflows

Four requirements of Resolution No. 7 — four training tracks.

Each program addresses a specific obligation of government agencies and CIIC owners to information security operations centers.

Cybersecurity audit and resilience assessment

Penetration testing, information system security assessment, OWASP Top 10 vulnerability detection.

→ → CSCP · Pentester

Monitoring, analysis and threat forecasting

Working with SIEM (Splunk), MISP, IS event correlation, RK legislation — everything an ISOC analyst needs.

→ → CSSA · SOC Analyst

Investigation and technical incident examination

Digital forensics, evidence collection and preservation, Volatility memory analysis, NTFS and registry artifacts.

→ → DFIR · Windows

Response, containment and neutralization

Static and dynamic malware analysis, reverse engineering, unpacking, anti-debugging countermeasures.

→ → CSCMA · Malware Analyst

Advanced Controls

CyberShield certification tracks from JSC GTS.

All programs are approved by the First Deputy Chairman of the Board — Head of the Center for Practical Knowledge and Competencies of JSC GTS. Deployment — on the Interactive Range platform.

CSSA · SOC ANALYSTOnline · 30 days

CyberShield Certified SOC Analyst

Certified cybersecurity operations center analyst

Foundation for SOC shift teams and ISOC staff: RK legislation, incident response with MISP, forensics, pentesting, Splunk and malware analysis — everything Resolution No. 7 requires for connecting IS to security operations centers.

30 d

Online

36 h

Theory

Modules

Key topics:

RK information security legislation
Incident response and working with MISP
Digital forensics — fundamentals
Splunk for SOC: search, correlation, dashboards
Malware analysis and security tools administration

Price

On requestcorporate group pricing

CSCP · PENTESTEROnline · 30 days

CyberShield Certified Pentester

Certified penetration testing specialist

Ethical hacking and security audit — for those responsible for assessing cyber resilience of digital assets. From Windows and Linux architecture to OWASP Top 10 exploitation in Interactive Range combat labs.

30 d

Online

40 h

Theory

Modules

Key topics:

Windows and Linux fundamentals: kernel, permissions, privilege escalation
Tools: Burp Suite, Nmap, Hydra, Metasploit
Information gathering and OSINT: Shodan, Censys, Dorking
Web application testing and OWASP Top 10
Labs on the Interactive Range platform

Price

On requestcorporate group pricing

CSCMA · MALWARE ANALYSTOnline · 30 days

CyberShield Certified Malware Analyst

Certified malware analyst

In-depth reverse engineering and malware analysis course for ISOC specialists. From setting up an isolated lab to UPX/AsPack unpacking and bypassing anti-debugging techniques in IDA Pro and x64dbg.

30 d

Online

36 h

Theory

Modules

Key topics:

Analysis environment setup · C++ and WinAPI for reversing
Basic and advanced static analysis (IDA Pro, Ghidra)
Dynamic analysis — OllyDbg, x64dbg
Evasion techniques: DLL injection, process hollowing
Working with packers · anti-debugging countermeasures

Price

On requestcorporate group pricing

DFIR · WINDOWSOnline · 30 days

Digital Forensics (DFIR) on Windows OS

Digital Forensics & Incident Response

Complete practical course on incident response and computer forensics. Covers the 'investigation and technical examination of incidents and threats' obligation from Resolution No. 7.

30 d

Online

Topics

Labs

Key topics:

Incident response: architecture, policy, plan
Evidence collection: KAPE, FTK Imager, Belkasoft RAM Capturer
Memory analysis: Volatility, MemProcFS
Windows logs: Sysmon, Hayabusa, Event Log Explorer
NTFS artifacts: $MFT, $LogFile, $UsnJrnl, INDXParse

Price

On requestcorporate group pricing

Track Comparison

Which course is right for your team?

A guide for HR, IS managers and security teams — which track covers which Resolution No. 7 requirement.

Program	Duration	Format	Target audience	Resolution No. 7 obligation	Assessment
CSSA · SOC Analyst	30 days	Online	ISOC analysts, SOC shifts	Monitoring and forecasting	Exam
CSCP · Pentester	30 days	Online	Audit specialists, AppSec	Audit and resilience assessment	2 checkpoints + exam
CSCMA · Malware Analyst	30 days	Online	Reverse engineers, threat hunters	Containment and neutralization	2 checkpoints + exam
DFIR · Windows	30 days	Online	Response teams, forensics	Investigation and examination	Test + practice

How Training Works

Practical training on the cyber range platform.

01 — APPLICATION

Group formation

The client submits a request, an Interactive Range mentor forms a group based on schedule and skill level.

02 — ACCESS

Platform connection

Students gain access to Interactive Range with theory, video lectures and labs for their chosen JSC GTS track.

03 — PRACTICE

Labs and combat scenarios

Working with real SIEM, MISP, malware samples in isolated environments. Progress tracking via dashboard.

04 — EXAM

Certification

Final exam and practical exercise. JSC GTS standard certificate.

05 — REPORTING

Closing documents

The client receives closing documents and a training summary report — to confirm compliance with Resolution No. 7.

06 — SUPPORT

Post-course support

Access to scenario updates, mentor chat in Telegram/Discord and extended platform access on request.

The platform is already used for training at:

Training Request

Comply with Resolution No. 7 — train your team at JSC GTS.

We'll form a corporate group to fit your schedule, prepare closing documents and issue standard certificates. Deployment — on the Interactive Range platform.

To course catalog

Training operatorJSC GTS

PlatformInteractive Range

Phone8 7172 55 29 77

Emailacademy@sts.kz

CityAstana

LanguageRussian / Kazakh