Advanced Application Security and Audit Bootcamp - MIS Training
Advanced Application Security and Audit Bootcamp - MIS Training
Advanced Application Security and Audit Bootcamp - MIS Training
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
The International<br />
Information <strong>Security</strong> <strong>Training</strong><br />
EARN<br />
37 CPE CREDITS<br />
10th - 14th November 2008, London<br />
Course Director Ken Cutler, CISSP, CISM, CISA<br />
Over 25 years of experience in IS, IT auditing, quality assurance, BCP <strong>and</strong> information services<br />
<strong>Advanced</strong> <strong>Application</strong><br />
<strong>Security</strong> <strong>and</strong> <strong>Audit</strong><br />
<strong>Bootcamp</strong><br />
Designing <strong>and</strong> Ensuring End-to-End <strong>Security</strong> <strong>and</strong> Compliance in Today's E-Business <strong>Application</strong>s<br />
Review<br />
the major application security risks<br />
Learn<br />
tools, techniques, <strong>and</strong> checklists for ensuring reliable<br />
enterprise security services<br />
Gain<br />
insight into common security vulnerabilities <strong>and</strong><br />
outlooks on application software<br />
Identity<br />
<strong>and</strong> Access Control Management (I&ACM)<br />
Architecture<br />
And much more...<br />
SAVE UP TO 50%<br />
WITH IN HOUSE<br />
TRAINING<br />
Details inside<br />
LONDON<br />
Web mistieurope.com Email mis@mistieurope.com
<strong>Advanced</strong> <strong>Application</strong> <strong>Security</strong> <strong>and</strong> <strong>Audit</strong> <strong>Bootcamp</strong><br />
Designing <strong>and</strong> Ensuring End-to-End <strong>Security</strong> <strong>and</strong> Compliance in Today's<br />
E-Business <strong>Application</strong>s<br />
10th - 14th<br />
November 2008,<br />
London<br />
Seminar Focus & Features<br />
The recent avalanche of government regulatory initiatives, litigations, <strong>and</strong> intensified attacks on Web-based applications, along with<br />
traditional information asset protection, have significantly raised the stakes on the importance of secure application design, testing,<br />
certification/accreditation, <strong>and</strong> audit. In addition, IT applications have become more complex <strong>and</strong> frequently rushed to market by<br />
commercial IT product <strong>and</strong> internal developers, increasing the business risks <strong>and</strong> the challenges to applying <strong>and</strong> verifying reliable security<br />
safeguards. In this information-packed five-day seminar you will cover key building blocks <strong>and</strong> significant risks, <strong>and</strong> systematically sort<br />
through the available safeguards in today's complex Web-enabled, multi-tiered applications, including elusive Web services <strong>and</strong><br />
service-oriented architecture (SOA) applications. You will place special emphasis on a control point definition <strong>and</strong> transactional analysis<br />
approach to application design. You will also cover security service providers <strong>and</strong> auditing within the context of robust but practical<br />
enterprise architecture <strong>and</strong> governance models. Case studies, demonstrations, <strong>and</strong> checklists will provide reinforcement <strong>and</strong> enhanced<br />
comprehension of complex design, safeguard concepts, <strong>and</strong> best practices.<br />
Course Director Ken Cutler<br />
Ken Cutler is Vice President - Information <strong>Security</strong> (IS) for <strong>MIS</strong> <strong>Training</strong> Institute (<strong>MIS</strong>TI) where his current responsibilities include: IT audit <strong>and</strong> IS<br />
curriculum development, <strong>and</strong> chairing major IS <strong>and</strong> Business Continuity Planning (BCP) conferences <strong>and</strong> symposia. Ken is a frequent <strong>and</strong> much-indem<strong>and</strong><br />
speaker on a wide array of IS <strong>and</strong> audit topics. He is also the President <strong>and</strong> Founder of Ken Cutler & Associates (KCA), an independent<br />
information security consulting firm. Through KCA, Mr. Cutler has personally delivered consulting services in both management <strong>and</strong> h<strong>and</strong>s-on<br />
technical areas. He has also managed <strong>and</strong> directly participated in numerous information security consulting projects under various former <strong>MIS</strong>TI<br />
affiliated professional services divisions, including the Information <strong>Security</strong> Institute (ISI) <strong>and</strong> <strong>Advanced</strong> Information Management (AIM). He<br />
directed the development <strong>and</strong> growth of <strong>MIS</strong>TI’s IS curriculum <strong>and</strong> has frequently demonstrated his diverse expertise by personally developing <strong>and</strong><br />
delivering numerous seminars <strong>and</strong> h<strong>and</strong>s-on workshops in IS management <strong>and</strong> concepts, IT auditing, network infrastructure security <strong>and</strong> audit,<br />
wireless security, <strong>and</strong> vulnerability testing. Since 1996, Mr. Cutler has frequently delivered h<strong>and</strong>s-on network auditing <strong>and</strong> vulnerability testing<br />
courses in the United States, Russia, United Kingdom, Middle East, <strong>and</strong> Greece. Audiences for his <strong>MIS</strong>TI h<strong>and</strong>s-on government technical auditing<br />
programs include: NASA, NIST, NSA, <strong>and</strong> FDIC. His input on vulnerability testing tools is frequently sought out by major software vendors, such as<br />
Internet <strong>Security</strong> Systems, Symantec (Axent), SPI Dynamics, <strong>and</strong> The Saint Corporation.<br />
Mr. Cutler has over 25 years of experience in IS, IT auditing, quality assurance, BCP, <strong>and</strong> information services. His industry experience includes<br />
insurance, banking, financial services, natural resources, manufacturing, government contracting, consulting <strong>and</strong> training. Ken has held numerous<br />
positions in IT management, including IT audit fields. He has lectured at many major industry <strong>and</strong> regional professional association events, including<br />
frequent appearances at numerous COMDEX shows in the United Sates, Canada, <strong>and</strong> The Middle East. Mr. Cutler has chaired the popular InfoSec<br />
Mexico program. Ken has been a featured speaker at the Middle East IT <strong>Security</strong> Conference (MEITSEC) in Dubai, UAE.<br />
Ken’s current consulting <strong>and</strong> training experience was preceded by his heading company-wide IS programs for American Express Travel Related<br />
Services, Martin Marietta Data Systems, <strong>and</strong> Midlantic Banks, Inc. The scope of his management responsibilities at each of those major<br />
corporations included: security policies <strong>and</strong> st<strong>and</strong>ards, awareness programs, security risk assessments, overseeing security administration,<br />
consulting services, <strong>and</strong> security technology selection. He was appointed to form the Information <strong>Security</strong> program, including Disaster Recovery<br />
Planning, at Midlantic Banks, Inc. in response to the results of a series of his in-depth technical internal audits identifying major exposures in major<br />
application recoverability <strong>and</strong> data protection controls.<br />
While at Midlantic Banks, he also served as the first President of the COMDISCO International Disaster Recovery Users Group. He represented<br />
American Express at the International Information Integrity Institute (I-4) <strong>and</strong> was unanimously elected by its members to serve on the I-4 Member<br />
Advisory Committee (MAC) during his first year of participation.<br />
Ken has been a long-time active participant in international government <strong>and</strong> industry security st<strong>and</strong>ards initiatives including the President’s<br />
Commission on Critical Infrastructure Protection, Generally Accepted System <strong>Security</strong> Principles (GSSP), Information Technology <strong>Security</strong> Evaluation<br />
Criteria (ITSEC), US Federal Criteria, <strong>and</strong> Department of Defense Information Assurance Certification Initiative.<br />
Mr. Cutler is the primary author of the widely acclaimed Commercial International <strong>Security</strong> Requirements (CISR), which offers a commercial<br />
alternative to military security st<strong>and</strong>ards for system security design criteria. He is the co-author of NIST SP 800-10, “Guidelines on Firewalls <strong>and</strong><br />
Firewall Policy”. Ken has also published works on the intricacies of information security, security architecture, disaster recovery planning, wireless<br />
security, vulnerability testing, firewalls, <strong>and</strong> single sign-on. In addition, he has been frequently quoted in popular trade publications such as<br />
Computerworld, Information <strong>Security</strong> Magazine, Infoworld, Information Week, CIO Bulletin, Healthcare Information <strong>Security</strong> Newsletter, <strong>and</strong> <strong>MIS</strong><br />
Trans<strong>MIS</strong>sion. Mr. Cutler was featured in a special TV program entitled, “The Electronic Battlefield”, on Abu Dhabi, UAE Public TV <strong>and</strong> has also been<br />
interviewed on several US radio talk programs, including My Technology Lawyer <strong>and</strong> Talk America.<br />
In-House <strong>Training</strong><br />
Save Up To 50% When You Run<br />
This course In-house<br />
In-house tailored training will enable<br />
you & your colleagues to make<br />
significant savings as we charge per<br />
day & not per participant so the cost<br />
remains the same regardless of how<br />
many people attend. We can offer any<br />
of our public courses or tailor them to<br />
your requirements. <strong>Training</strong> is<br />
available in all areas of Internal <strong>Audit</strong>,<br />
IT <strong>Audit</strong>, <strong>and</strong> IT <strong>Security</strong><br />
If you have 6 or more colleagues who<br />
would be interested in one of our<br />
courses <strong>and</strong> you would like to make<br />
significant savings, contact us now;<br />
• What are your training objectives?<br />
• How many people require the<br />
training?<br />
• When would you like to run the<br />
training?<br />
• What level of experience do you<br />
<strong>and</strong> your colleagues have?<br />
• We will then email you a detailed<br />
proposal which addresses your<br />
unique needs.<br />
You will have complete control of the<br />
training content <strong>and</strong> decide when it is<br />
run. We guarantee that we will be able<br />
to cater for all your business needs.<br />
More Great Reasons to Choose<br />
our In-house <strong>Training</strong>:<br />
• Save money over public seminar<br />
fees<br />
• Save money on travel &<br />
accommodation<br />
• Save time on travel as the instructor<br />
will travel to you. Furthermore, the<br />
training can be held at the most<br />
convenient time for you.<br />
• Tailor the course content; ensure<br />
the relevance of the seminar for<br />
your colleagues. You can tailor the<br />
structure & methodology of your<br />
seminar or customise the seminar<br />
to meet the expertise levels of the<br />
participants.<br />
• Bring the best in the business;<br />
Instructors are h<strong>and</strong>s-on, expert<br />
practitioners who are your subject<br />
matter consultants when they are<br />
not training.<br />
• Gain CPE points & certificates for<br />
the number of training hours.<br />
Email Guy Cooper at<br />
gcooper@mistieurope.com<br />
or call<br />
+44 (0) 20 7779 8975
Day One<br />
Business Drivers for<br />
Secure <strong>Application</strong>s<br />
• Goals for information security safe<br />
guards in applications<br />
• Legislation <strong>and</strong> st<strong>and</strong>ards affecting<br />
application security<br />
• Review of major application<br />
security risks<br />
• Classification/impact analysis to<br />
define security controls<br />
• <strong>Security</strong> assurance in the system<br />
development life cycle<br />
Identity <strong>and</strong> Access<br />
Control Management<br />
(I&ACM) Architecture<br />
• Defining an enterprise information<br />
security architecture<br />
• Using the Information <strong>Security</strong><br />
Management Cycle to define an<br />
I&ACM security <strong>and</strong> audit<br />
deployment game plan<br />
• Essential I&ACM policy, st<strong>and</strong>ards,<br />
<strong>and</strong> procedures<br />
• Ownership, provisioning, <strong>and</strong><br />
security administration<br />
• Translating security policies into<br />
application safeguards<br />
• Computing models, roles,<br />
components, <strong>and</strong> associated<br />
control points<br />
• Access control models <strong>and</strong><br />
architecture<br />
• <strong>Security</strong> mechanisms <strong>and</strong><br />
systems<br />
• Client/server <strong>and</strong> middleware<br />
security for multi-tiered<br />
applications<br />
• Using access path <strong>and</strong><br />
transactional analysis to pinpoint<br />
control points <strong>and</strong> safeguards<br />
• Locating control points in<br />
complex, multi-tiered applications<br />
<strong>Application</strong> Infrastructure<br />
<strong>Security</strong> <strong>and</strong> <strong>Audit</strong><br />
• Key application building blocks<br />
• Baselines for secure operating<br />
system security<br />
• Physical files, network shares,<br />
databases, <strong>and</strong> other file sharing<br />
technologies<br />
• Controls over privileged programs<br />
<strong>and</strong> users<br />
• Network application services<br />
security risk analysis<br />
• Practical approaches to audit logs<br />
<strong>and</strong> monitoring<br />
• Printer <strong>and</strong> “high-end” office<br />
equipment security<br />
• <strong>Application</strong> vulnerability tracking<br />
resources <strong>and</strong> testing tools<br />
• Change controls <strong>and</strong> configuration<br />
management<br />
• Tools, techniques, <strong>and</strong> checklists<br />
for securing <strong>and</strong> auditing<br />
application infra structure security<br />
Day Two<br />
Relational Database<br />
Management System<br />
<strong>Security</strong> <strong>and</strong> <strong>Audit</strong><br />
• Relational database management<br />
systems (RDBMS)<br />
• Structured Query Language (SQL)<br />
• <strong>Security</strong> risks associated RDBMS<br />
systems<br />
• Connection <strong>and</strong> authentication for<br />
RDBMS systems<br />
• Comparing security <strong>and</strong> audit<br />
features for major RDBMS<br />
products: IBM DB2,<br />
Oracle, Microsoft SQL Server<br />
• Connection <strong>and</strong><br />
authentication for RDBMS<br />
systems<br />
• User accounts, roles, <strong>and</strong><br />
privileges<br />
• Database object<br />
protection methods:<br />
access control,<br />
encryption<br />
• Database audit logging<br />
options<br />
• Database integrity <strong>and</strong><br />
availability controls<br />
• Built-in audit tools: tables,<br />
stored procedures<br />
• Tools, techniques, <strong>and</strong> checklists<br />
for securing <strong>and</strong> auditing RDBMS<br />
components<br />
Day Three<br />
Encryption, Directories,<br />
<strong>and</strong> Other Enterprise<br />
<strong>Security</strong> Services<br />
• Encryption fundamentals<br />
• Key management: symmetrical,<br />
asymmetrical<br />
• Making sense of all the encryption<br />
algorithms<br />
• Public key infrastructure (PKI) <strong>and</strong><br />
certificate authorities (CAs)<br />
• Mapping encryption requirements<br />
to the OSI <strong>and</strong> TCP/IP models<br />
• Session <strong>and</strong> network encryption:<br />
SSL/TLS, SSH, VPNs<br />
• Critical enterprise directory<br />
services: LDAP<br />
• Single/reduced sign-on (SSO)<br />
pros <strong>and</strong> cons: scripting, trusted<br />
domains, Kerberos, digital<br />
certificates, Web-based SSO<br />
• Federated authentication services<br />
<strong>and</strong> protocols: Windows Live ID,<br />
Liberty Alliance, <strong>Security</strong><br />
Assertion Markup Language<br />
(SAML)<br />
• Tools, techniques, <strong>and</strong> checklists<br />
for ensuring reliable enterprise<br />
security services<br />
<strong>Security</strong> <strong>and</strong> <strong>Audit</strong> of<br />
Web-Enabled<br />
<strong>Application</strong>s<br />
• Web application control points:<br />
HTTP protocol exposed<br />
• Web application security<br />
vulnerabilities<br />
• Attacks on Web servers: crosssite<br />
scripting, SQL injection, buffer<br />
over flow<br />
• Best practices for Web server<br />
security<br />
• Perils <strong>and</strong> protections for remote<br />
Web application development:<br />
Frontpage, WebDAV<br />
• <strong>Application</strong> firewalls <strong>and</strong> intrusion<br />
prevention systems<br />
• Web browser security<br />
considerations<br />
• Tools, techniques, <strong>and</strong> checklists<br />
for testing Web application<br />
security<br />
Day Four<br />
<strong>Security</strong> in <strong>Application</strong><br />
Software Design<br />
• Major Web application<br />
environments <strong>and</strong> tools<br />
• Common security vulnerabilities<br />
<strong>and</strong> attacks on application<br />
software<br />
• Coding snafus <strong>and</strong> how to avoid<br />
them<br />
• Server-side web page scripting<br />
security: SSI, CGI, ASP, PHP, JSP,<br />
ASP.NET<br />
• Mobile code security: Java,<br />
ActiveX, VBScript, JavaScript,<br />
AJAX<br />
• HTTP state management: cookies,<br />
hidden fields, view state, query<br />
strings<br />
• Input validation <strong>and</strong> editing<br />
• Software testing tools<br />
• Tools, techniques, <strong>and</strong> checklists<br />
for auditing application design<br />
security<br />
Day Five<br />
Web <strong>Application</strong> Servers<br />
• Roles, architecture, <strong>and</strong> security<br />
control points for XML-oriented<br />
development environments <strong>and</strong><br />
associated Web application<br />
servers<br />
• Defining key sources of Web<br />
application server security:<br />
declarative vs. programmatic<br />
controls, database <strong>and</strong> Enterprise<br />
Information System (EIS)<br />
connectors<br />
• Locating security <strong>and</strong> audit<br />
features in different versions of<br />
Microsoft .NET Framework <strong>and</strong><br />
associated ASP.NET <strong>and</strong> ADO.NET<br />
components<br />
• Demystifying the architecture,<br />
vendor variations, <strong>and</strong> security<br />
features of Java 2 Enterprise<br />
Edition (J2EE) <strong>and</strong> the underlying<br />
Java security services<br />
• Tools <strong>and</strong> techniques for securing<br />
<strong>and</strong> auditing Web application<br />
servers<br />
Web Services <strong>and</strong><br />
Service-Oriented<br />
architecture<br />
• Web services definition <strong>and</strong><br />
architecture<br />
• Web services st<strong>and</strong>ards<br />
• Web services security <strong>and</strong> audit<br />
• Service Oriented architecture<br />
(SOA): Pie in the Sky?<br />
• SOA Enterprise Service Bus (ESB)<br />
• Web services security <strong>and</strong> audit<br />
tools, <strong>and</strong> techniques<br />
Remote Access <strong>and</strong><br />
Mobile <strong>Application</strong><br />
<strong>Security</strong> <strong>and</strong> <strong>Audit</strong><br />
• Key control points in remote<br />
access <strong>and</strong> mobile applications:<br />
Blackberry, Wireless <strong>Application</strong><br />
Protocol (WAP)<br />
• Gateways for mobile applications:<br />
vulnerabilities <strong>and</strong> safeguards<br />
• Checklist for secure mobile <strong>and</strong><br />
wireless application best practices<br />
© <strong>MIS</strong> <strong>Training</strong> 2008<br />
Who Should Attend<br />
Information <strong>Security</strong> Managers<br />
<strong>and</strong> Analysts; IT Managers,<br />
<strong>Audit</strong>ors, <strong>and</strong> Architects; <strong>Security</strong><br />
Architects; <strong>Application</strong><br />
Certification Specialists,<br />
Consultants, Architects <strong>and</strong><br />
Developers<br />
Prerequisite<br />
None<br />
Learning level<br />
<strong>Advanced</strong><br />
Bonus<br />
You will receive the St<strong>and</strong>ard<br />
Edition of the <strong>MIS</strong> Swiss Army<br />
Knife Reference listing<br />
hundreds of valuable resources for<br />
you <strong>and</strong> your organisation<br />
Fee<br />
GBP £2,545<br />
Earn 37<br />
CPE Credits<br />
Previous attendees<br />
Met my<br />
expectations<br />
<strong>Audit</strong> Advisor, Statoil<br />
Good<br />
explanation<br />
<strong>and</strong> clears up<br />
the difference<br />
between<br />
monitoring &<br />
auditing<br />
IT <strong>Audit</strong> Manager, HBOS<br />
Plc
<strong>Advanced</strong> <strong>Application</strong> <strong>Security</strong> <strong>and</strong> <strong>Audit</strong> <strong>Bootcamp</strong><br />
Designing <strong>and</strong> Ensuring End-to-End <strong>Security</strong> <strong>and</strong> Compliance in Today's E-Business <strong>Application</strong>s<br />
When registering for this event please quote reference WEB<br />
Key topic areas<br />
• Review the major application security risks<br />
• Learn tools, techniques, <strong>and</strong> checklists for ensuring reliable enterprise<br />
security services<br />
• Gain insight into common security vulnerabilities <strong>and</strong> outlooks on<br />
application software<br />
• Identity <strong>and</strong> Access Control Management (I&ACM) Architecture<br />
• And much more...<br />
Why should you attend?<br />
• <strong>MIS</strong> <strong>Training</strong> is the global leader in IT audit <strong>and</strong> info security training,<br />
having trained over 200,000 delegates<br />
• Course Instructors are the most reputable in the industry<br />
• We have an impressive client list including ABN AMRO, Alliance &<br />
Leicester, Barclays, BT, Deutsche Bank, Goldman Sachs, HM Revenue<br />
<strong>and</strong> Customs, to name a few<br />
• Earn CPE points - which can be used to qualify/maintain a CISSP, CISA<br />
or CISM<br />
10th - 14th November 2008, London<br />
PLEASE SEND ME INFORMATION ABOUT RUNNING THIS COURSE IN-HOUSE <br />
<strong>Advanced</strong> <strong>Application</strong> <strong>Security</strong> <strong>and</strong> <strong>Audit</strong> <strong>Bootcamp</strong><br />
(please photocopy form for additional delegates)<br />
10th - 14th November 2008, London (MT2509)<br />
GBP £2,545 £<br />
+ VAT @ 17.5% £<br />
Gr<strong>and</strong> Total £<br />
Payment Information<br />
You can now pay online at www.mistieurope.com<br />
Cheque enclosed (payable to <strong>MIS</strong> <strong>Training</strong>)<br />
Please invoice my company PO#<br />
Please debit my credit card AMEX VISA MasterCard<br />
Card Number<br />
Cardholders name<br />
Please include billing address if different from address given<br />
Expiry<br />
Verification Code<br />
Please note that in completing this booking you undertake to adhere to the<br />
cancellation <strong>and</strong> payment terms listed below<br />
Signature<br />
Date<br />
Approving Manager<br />
*Discounts: Please call to enquire<br />
about corporate discounts.<br />
Discounts can not be used in<br />
conjunction with each other.<br />
Position<br />
5 easy ways to register<br />
Tel: +44 (0)20 7779 8944<br />
Fax completed form to: +44 (0)20 7779 8293<br />
Email: mis@mistieurope.com Web: www.mistieurope.com<br />
Post completed form to: Carlos Doughty, <strong>MIS</strong> <strong>Training</strong>, Nestor House,<br />
Playhouse Yard, London EC4V 5EX UK<br />
Customer Information<br />
Title First name Surname<br />
Title/Position<br />
Organisation<br />
E-Mail Address (Required)<br />
Address<br />
Country<br />
Postcode<br />
Telephone<br />
Fax<br />
VAT Number (If you have one)<br />
The information you provide will be safeguarded by the Euromoney Institutional Investor PLC<br />
group whose subsidiaries may use it to keep you informed of relevant products <strong>and</strong> services.<br />
We occasionally allow reputable companies outside the Euromoney Institutional Investor PLC<br />
group to contact you with details of products that may be of interest to you. As an international<br />
group we may transfer your data on a global basis for the purposes indicated above. If you<br />
object to contact by telephone fax or email please tick the relevant box. If you do not<br />
want us to share your information with other reputable companies please tick this box <br />
Please send me information on<br />
In House <strong>Training</strong><br />
Preparing for the CISA Exam, 3rd - 7th November 2008, London<br />
<strong>Security</strong> & <strong>Audit</strong> of Unix/Linux, 18th - 20th November 2008, London<br />
Registration Information<br />
(fees must be paid in advance of the event)<br />
Accommodation: The course will be held in a Radisson Edwardian hotel in Central London (zone 1). To get the best available rate at Radisson Edwardian hotels in London<br />
please visit www.radissonedwardian.com/mis or, alternatively contact the hotel direct <strong>and</strong> quote the <strong>MIS</strong> event title <strong>and</strong> dates when making your booking.<br />
Cancellation Policy: Should a delegate be unable to attend, a substitute may attend in his or her place. Cancellations received within 21 working days of the event are liable<br />
for the full seminar fee. If full payment has been received you are eligible for a 75% reduction on the next run of the seminar. This discount will be valid for one year only. <strong>MIS</strong><br />
reserves the right to change or cancel programmes due to unforeseen circumstances.<br />
VAT: All delegates attending are liable to pay VAT. After the event organisations registered for VAT in the UK may reclaim the tax.<br />
Delegates from outside the UK but within the European Community may also be able to reclaim the VAT. Organisations outside<br />
the UK should check with their excise authority as to which domestic fiscal regulations apply. High Yield/No-Risk<br />
EARN<br />
37 CPE CREDITS<br />
Web mistieurope.com<br />
Email mis@mistieurope.com