نویسنده: Admin

The age of cloud computing has arrived as organizations have seen the advantages of migrating their applications from traditional on-premises networks. However, the rapid adoption of cloud has left the cloud security architect scrambling to design on this new medium. A shift to the cloud requires cybersecurity professionals to reorient their security goals around a new threat model to enable business requirements while improving their organization’s security posture. This enterprise cloud security architecture training course will teach students to create secure identity and network patterns in the cloud in order to support business at any stage of the cloud journey, whether planning for first workloads, managing complex legacy environments, or operating in an advanced cloud-native ecosystem. 20 Hands-On Labs

Syllabus

SEC549.1: Cloud Account Management and Identity Foundations
SEC549.2: Implementing an Identity Perimeter in the Cloud
SEC549.3: Network Access Perimeters for the Cloud
SEC549.4: Data Access Perimeters in the Cloud
SEC549.5: Enabling the Cloud-Focused SOC

ادامه مطلب

SEC542 empowers students to quickly evaluate and expose security vulnerabilities in web applications, showcasing the potential business repercussions of exploitation. Gain practical experience in exploiting web apps within your enterprise, mastering attackers’ tools and methods. Through hands-on exercises you will learn a best practice process for web application penetration testing, inject SQL into back-end databases to learn how attackers exfiltrate sensitive data, and utilize cross-site scripting attacks to dominate a target infrastructure. 30+ Hands-on Labs

Syllabus

SEC542.1: Introduction and Information Gathering
SEC542.2: Fuzzing, Scanning, Authentication, and Session Testing
SEC542.3: Injection
SEC542.4: XSS, SSRF, and XXE
SEC542.5: CSRF, Logic Flaws and Advanced Tools
SEC542.6: Capture the Flag

SEC542: Web App Penetration Testing and Ethical Hacking

ادامه مطلب

Organizations are moving to the cloud to enable digital transformation and reap the benefits of cloud computing. However, security teams struggle to understand the DevOps toolchain and how to introduce security controls in their automated pipelines responsible for delivering changes to cloud-based systems. Without effective pipeline security controls, security teams lose visibility into the changes released into production environments. SEC540 provides security professionals with the knowledge they need to automate guardrails and security policies in their organization’s DevOps pipelines, cloud infrastructure, container orchestrators, and microservice environments. By embracing the DevOps culture, students will walk away from SEC540 battle-tested and ready to build to their organization’s Cloud & DevSecOps Security Program. 35 Unique, Immersive, Hands-On Labs + CloudWars Bonus Challenges

Syllabus

SEC540.1: DevOps Security Automation
SEC540.2: Cloud Infrastructure Security
SEC540.3: Cloud Native Security Operations
SEC540.4: Microservice and Serverless Security
SEC540.5: Continuous Compliance and Protection

SEC540: Cloud Security and DevSecOps Automation

ادامه مطلب

Web Applications are increasingly distributed. What used to be a complex monolithic application hosted on premise has become a distributed set of services incorporating on-premise legacy applications along with interfaces to cloud-hosted and cloud-native components. Because of this coupled with a lack of security knowledge, web applications are exposing sensitive corporate data. Security professionals are asked to provide validated and scalable solutions to secure this content in line with best industry practices using modern web application frameworks. Attending this class will not only raise awareness about common security flaws in modern web applications, but it will also teach students how to recognize and mitigate these flaws early and efficiently. This course offers 20 Hands-On Labs + Defend the Flag Game in Section 6.

Syllabus

SEC522.1: Web Fundamentals and Secure Configurations
SEC522.2: Input-Related Defenses
SEC522.3: Authentication and Authorization
SEC522.4: Web Services and Front-End Security
SEC522.5: APIs and Microservices Security
SEC522.6: DevSecOps and Defending the Flag

SEC522: Application Security: Securing Web Apps, APIs, and Microservices

ادامه مطلب

This course assesses the current state of security architecture and continuous monitoring, and provides a new approach to security architecture that can be easily understood and defended. When students finish, they have a list of action items in hand for making their organization one of the most effective vehicles for frustrating adversaries. Students are able to assess deficiencies in their own organization’s security architectures and affect meaningful changes that are continuously monitored for deviations from their expected security posture. 21 Hands-On Labs + Capstone

ادامه مطلب

If you are a SOC manager or leader looking to unlock the power of proactive, intelligence-informed cyber defense, then LDR551 is the perfect course for you! In a world where IT environments and threat actors evolve faster than many teams can track, position your SOC to defend against highly motivated threat actors. Highly dynamic modern environments require a cyber defense capability that is forward-looking, fast-paced, and intelligence-driven. This SOC manager training course will guide you through these critical activities from start to finish and teach you how to design defenses with your organization’s unique risk profile in mind. Walk away with the ability to align your SOC activities with organizational goals. 17 hands-on exercises + Cyber42 interactive leadership simulations.

Syllabus

MGT551.1: SOC Design and Operational Planning
MGT551.2: SOC Telemetry and Analysis
MGT551.3: Attack Detection, Hunting, and Triage
MGT551.4: Incident Response
MGT551.5: Metrics, Automation, and Continuous Improvement

MGT551: Building and Leading Security Operations Centers

ادامه مطلب