ＨｉｄｅＺｅｒｏＯｎｅ

Web Applications are increasingly distributed. What used to be a complex monolithic application hosted on premise has become a distributed set of services incorporating on-premise legacy applications along with interfaces to cloud-hosted and cloud-native components. Because of this coupled with a lack of security knowledge, web applications are exposing sensitive corporate data. Security professionals are asked to provide validated and scalable solutions to secure this content in line with best industry practices using modern web application frameworks. Attending this class will not only raise awareness about common security flaws in modern web applications, but it will also teach students how to recognize and mitigate these flaws early and efficiently. This course offers 20 Hands-On Labs + Defend the Flag Game in Section 6.

SEC522.1: Web Fundamentals and Secure Configurations
SEC522.2: Input-Related Defenses
SEC522.3: Authentication and Authorization
SEC522.4: Web Services and Front-End Security
SEC522.5: APIs and Microservices Security
SEC522.6: DevSecOps and Defending the Flag

SEC522: Application Security: Securing Web Apps, APIs, and Microservices

This course assesses the current state of security architecture and continuous monitoring, and provides a new approach to security architecture that can be easily understood and defended. When students finish, they have a list of action items in hand for making their organization one of the most effective vehicles for frustrating adversaries. Students are able to assess deficiencies in their own organization’s security architectures and affect meaningful changes that are continuously monitored for deviations from their expected security posture. 21 Hands-On Labs + Capstone

If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization’s unique risk profile in mind. Walk away with the ability to align your SOC activities with organizational goals. 17 hands-on exercises + Cyber42 interactive leadership simulations.

MGT551.1: SOC Design and Operational Planning
MGT551.2: SOC Telemetry and Analysis
MGT551.3: Attack Detection, Hunting, and Triage
MGT551.4: Incident Response
MGT551.5: Metrics, Automation, and Continuous Improvement

MGT551: Building and Leading Security Operations Centers

This cloud security strategy for leaders training course focuses on what managers, directors, and security leaders need to know about developing their plan/roadmap while managing cloud security implementation capabilities. To safeguard the organization’s cloud environment and investments, a knowledgeable management team must engage in thorough planning and governance. We emphasize the essential knowledge needed to develop a cloud security roadmap and effectively implement cloud security capabilities. Making informed security decisions when adopting the cloud necessitates understanding the technology, processes, and people associated with the cloud environment. 12 Hands-on Cyber42 Exercises + Capstone.

LDR520.1: Cloud Security Fundamentals and Identity Management
LDR520.2: Cloud Security Environment Protection and Architecture
LDR520.3: Data Protection, Security Detection and Response
LDR520.4: Securing Workload and Security Assurance
LDR520.5: Roadmap planning and capstone exercise

LDR520: Cloud Security for Leaders

ICS515: ICS Visibility, Detection, and Response will help you gain visibility and asset identification in your Industrial Control System (ICS)/Operational Technology (OT) networks, monitor for and detect cyber threats, deconstruct ICS cyber attacks to extract lessons learned, perform incident response, and take an intelligence-driven approach to executing a world-leading ICS cybersecurity program to ensure safe and reliable operations. Note: This class was previously named ICS515: ICS Active Defense and Incident Response. The course has gone through a significant update changing much of the content, most of the labs, and adding a day in course length.

ICS515.1: ICS Cyber Threat Intelligence
ICS515.2: Visibility and Asset Identification
ICS515.3: ICS Threat Detection
ICS515.4: Incident Response
ICS515.5: Threat and Environment Manipulation
ICS515.6: Capstone Day, Under Attack!

ICS515: ICS Visibility, Detection, and Response

ICS410: ICS/SCADA Security Essentials provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.