ＨｉｄｅＺｅｒｏＯｎｅ

Web Applications are increasingly distributed. What used to be a complex monolithic application hosted on premise has become a distributed set of services incorporating on-premise legacy applications along with interfaces to cloud-hosted and cloud-native components. Because of this coupled with a lack of security knowledge, web applications are exposing sensitive corporate data. Security professionals are asked to provide validated and scalable solutions to secure this content in line with best industry practices using modern web application frameworks. Attending this class will not only raise awareness about common security flaws in modern web applications, but it will also teach students how to recognize and mitigate these flaws early and efficiently. This course offers 20 Hands-On Labs + Defend the Flag Game in Section 6.

SEC522.1: Web Fundamentals and Secure Configurations
SEC522.2: Input-Related Defenses
SEC522.3: Authentication and Authorization
SEC522.4: Web Services and Front-End Security
SEC522.5: APIs and Microservices Security
SEC522.6: DevSecOps and Defending the Flag

SEC522: Application Security: Securing Web Apps, APIs, and Microservices

This course assesses the current state of security architecture and continuous monitoring, and provides a new approach to security architecture that can be easily understood and defended. When students finish, they have a list of action items in hand for making their organization one of the most effective vehicles for frustrating adversaries. Students are able to assess deficiencies in their own organization’s security architectures and affect meaningful changes that are continuously monitored for deviations from their expected security posture. 21 Hands-On Labs + Capstone

If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization’s unique risk profile in mind. Walk away with the ability to align your SOC activities with organizational goals. 17 hands-on exercises + Cyber42 interactive leadership simulations.

MGT551.1: SOC Design and Operational Planning
MGT551.2: SOC Telemetry and Analysis
MGT551.3: Attack Detection, Hunting, and Triage
MGT551.4: Incident Response
MGT551.5: Metrics, Automation, and Continuous Improvement

MGT551: Building and Leading Security Operations Centers

Many cybersecurity professionals are highly technical but often unfamiliar with project management terminology, methodologies, resource management, and leading teams. Overseeing diverse groups of stakeholders and team members, estimating resources accurately, as well as analyzing risk as applied to different organizational structures and relationships is a struggle for many new technical project leaders. Today’s virtual work environment only increases these complexities. It is critically important to understand how to leverage a wide range of development approaches and project management framework components to maximize resources across various business units for project success. Confidently lead security initiatives that deliver on time, within budget, reduce organizational risk and complexity while driving bottom line value. 35 Exercises

MGT525.1: Driving Value, Development Approaches, Frameworks, Methodologies, and Tailoring
MGT525.2: Stakeholder and Team Performance Domains
MGT525.3: Development Approach, Life Cycle, and Planning Performance Domains
MGT525.4: Work and Delivery Performance Domains
MGT525.5: Measurement and Uncertainty Performance Domains

MGT525: Managing Cybersecurity Initiatives and Effective Communication

This cloud security strategy for leaders training course focuses on what managers, directors, and security leaders need to know about developing their plan/roadmap while managing cloud security implementation capabilities. To safeguard the organization’s cloud environment and investments, a knowledgeable management team must engage in thorough planning and governance. We emphasize the essential knowledge needed to develop a cloud security roadmap and effectively implement cloud security capabilities. Making informed security decisions when adopting the cloud necessitates understanding the technology, processes, and people associated with the cloud environment. 12 Hands-on Cyber42 Exercises + Capstone.

LDR520.1: Cloud Security Fundamentals and Identity Management
LDR520.2: Cloud Security Environment Protection and Architecture
LDR520.3: Data Protection, Security Detection and Response
LDR520.4: Securing Workload and Security Assurance
LDR520.5: Roadmap planning and capstone exercise

LDR520: Cloud Security for Leaders