ＨｉｄｅＺｅｒｏＯｎｅ

CISM is designed for information security managers, the certification emphasizes the relationship between information security and the business. It focused more on management and strategy, and only covers technical topics in a limited way.

CISSP certification, is suitable for a variety of positions, from security managers to consultants. The certification focuses on the operations side of information security and threat response, the tactical aspects of security operations and goes much deeper into those areas.

Web browsers are among the most utilized consumer facing software products on the planet. As the ubiquitous gateway to the internet, browsers introduce significant risk to the integrity of personal computing devices. In the race to protect users while advancing web technology, premiere browsers have become increasingly complex targets to compromise. Over the course of this training, students will receive a thorough introduction to vulnerability research as it pertains to modern web browsers. This includes identifying, evaluating, and weaponizing the latest vulnerability patterns via the exploitation of several recently patched vulnerabilities. Through this, students will experience the end to end process of developing memory corruption based exploits against these high value targets. This course will focus specifically on Google Chrome and Apple Safari.

Go beyond the course materials with bi-monthly livestreamed workshops taught by your favorite Academy instructors. These interactive sessions will be hosted on the Academy platform and will not be available on our public social media channels. Topics for the workshops will rotate, please check the curriculum below for the upcoming schedule.

Welcome to the Governance, Risk, and Compliance (GRC) Analyst Master Class. This class assumes no prior background knowledge and is setup to give you a full scope understanding and the practical skills needed to be an effective GRC Analyst.

Cybersecurity workforce development is focused on red team and blue team skills, but GRC is terribly underserved for training.

This course fills that gap by offering practical application of risk, audit, policy development, and security awareness skills needed for modern GRC analysts.

Detection Engineering for Beginners teaches core concepts and skills to start thinking and working as a Detection Engineer!

This course will first teach the theory behind security operations and detection engineering. We’ll then start building out our home lab using VirtualBox and Elastic’s security offering. Then we’ll run through three different attack scenarios, each more complex than the one prior. We’ll make detections off of our attacks, and learn how to document our detections. Next we’ll dive more into coding and Python by writing validation scripts and learning out to interact with Elastic through their API. Wrapping everything up, we’ll host all our detections on GitHub and sync with Elastic through our own GitHub Action automations. As a cherry on top, we’ll have a final section on how to write scripts to gather important metrics and visualizations.

The objective of this course is to show students how to perform a full digital forensic investigation of a Windows system in a complete DIY setup.

The course covers a full digital forensic investigation of a Windows system. It begins with the simple preparation of our lab, which consists of setting up a “victim” VM and a forensic workstation. We’ll then run an attack simulation script on the victim VM that simulates attack patterns as commonly observed by threat actors in the industry to create a realistic setting for our investigation. From there, we’ll kick off the forensic process, beginning with the data collection, examination and extraction before diving deeper into the analysis of the information at hand.