A
By Ahala
Wishlist Share
Share Course
Page Link
Share On Social Media
Categories: Cybersecurity

About Course

AHALA SOFTWARE AND DIGITAL ACADEMY LTD

About

Ahala Software & Digital Academy Ltd is a premier provider of cybersecurity and digital skills training dedicated to empowering professionals, organizations, and institutions in Africa and beyond. Founded with a mission to close the cybersecurity skills gap, we develop industry-ready talent through practical, hands-on learning aligned with global standards such as NIST, MITRE ATT&CK, and NICE.

Our comprehensive curriculum covers core cybersecurity disciplines, GRC (Governance, Risk Management, and Compliance), Cloud Security, penetration testing, incident response, threat intelligence, and automation. We’re committed to fostering talent, innovation, and security in the digital landscape.

Services

  • Cybersecurity Training & Certification Programs
  • Governance, Risk, and Compliance (GRC) Courses
  • Cloud Security Courses (AWS, Azure, Google Cloud)
  • Hands-on Labs & Simulations
  • Corporate & Institutional Training (Customizable)
  • Threat Intelligence & SOC Automation
  • Cybersecurity Assessments & Consultancy
  • Internships & Student Projects
  • Job Readiness & Placement Support

Trainings

Core Cybersecurity Courses

  • SOC Analyst (Level 1–3)
  • Ethical Hacking & Penetration Testing
  • Incident Response & Digital Forensics
  • Cyber Threat Intelligence (CTI)
  • Vulnerability Management & Risk Assessment
  • Threat Hunting & Attack Simulations
  • Cybersecurity Fundamentals & Awareness
  • Cloud Security Fundamentals
  • Cloud Security Configuration & Best Practices
  • GRC Frameworks & Compliance Standards

Specialized Courses

  • Security Information & Event Management (SIEM)
  • Security Automation & Orchestration (SOAR)
  • Penetration Testing & Ethical Hacking
  • Incident Response & Digital Forensics
  • Cyber Threat Intelligence
  • Cloud Security (AWS, Azure, Google Cloud)
  • Governance, Risk, and Compliance (GRC)
  • Data Privacy & Data Protection
  • Web Application Security & OWASP Top 10
  • Secure Software Development & DevSecOps
  • AI & Machine Learning in Cybersecurity

Benefits

  • Practical, real-world, hands-on labs
  • Industry-aligned curriculum developed by experts
  • Flexible learning formats (online, hybrid, on-site)
  • Mentorship and industry engagement
  • Certification preparation for globally recognized exams
  • Support for job placement and career advancement
  • Access to cutting-edge tools, simulations, and attack scenarios
  • Customized programs for organizations and institutions

Partners

Technology & Tool Partners

  • Splunk
  • ELK Stack (Elasticsearch, Logstash, Kibana)
  • Security Onion
  • Kali Linux & Offensive Security
  • Atomic Red Team
  • Gophish
  • Microsoft Azure
  • Amazon Web Services (AWS)
  • Google Cloud

Academic & Training Partners

  • Universities & Polytechnics
  • Vocational & Tertiary Institutions
  • Research Centers
  • EdTech Platforms

Industry & Government Collaborations

  • MITRE ATT&CK
  • OWASP
  • NICE Framework
  • CVE Program
  • National ICT Authorities
  • Cybersecurity & Data Protection Agencies
  • Ministry of Education

Non-Profit & Community Initiatives

  • Youth & Women in Tech
  • Digital Literacy Campaigns
  • Community Cybersecurity Outreach

Corporate Clients

  • Financial Institutions
  • Healthcare
  • Telecoms
  • Oil & Gas
  • Startups & Small Businesses
  • Public Sector

How to Get Started

  1. Explore Courses: Visit our website or contact us for program details.
  2. Register: Sign up online or via our contact channels.
  3. Select Format: Choose in-person, online, or hybrid.
  4. Participate: Engage in labs, lectures, and projects.
  5. Certify & Grow: Complete exams, earn certifications, and access job support.
  6. Partner & Collaborate: Customized enterprise solutions—reach out!

Office Address

Head Office:
 39 Alfred Rewane Road, Ikoyi, Lagos, Nigeria

Team Members / Faculty

Our team comprises certified cybersecurity experts, seasoned trainers, and mentors with extensive industry and teaching experience. Faculty are recruited on a contractual basis, selected for their practical expertise and pedagogical skills.

Join Us

Become part of our network of cybersecurity professionals, learners, and organizational partners committed to protecting our digital future. Whether as a student, trainer, or partner, we invite you to collaborate with us.

Clientele

Our clients span various sectors:

  • Financial Services
  • Healthcare and Pharmaceuticals
  • Telecoms & ICT
  • Government & Defense
  • Educational Institutions
  • Startups & Tech Firms
  • NGOs & Development Agencies

Courses

  1. SOC Analyst (Level 1–3)

Objectives:

  • Equip learners with skills to monitor, analyze, and respond to security events.
  • Develop proficiency in SIEM tools and incident management.
  • Prepare for SOC analyst certifications.

Curriculum:

  • Introduction to SOC Operations and Roles
  • SIEM Fundamentals & Log Management
  • Alert Analysis & Incident Triage
  • Threat Detection & Correlation Techniques
  • Incident Escalation & Reporting
  • Automation & Playbooks
  • Advanced Malware & Attack Techniques
  • Real-world SOC scenarios and hands-on exercises

12-Week SOC Analyst (Level 1–3) Training Curriculum

Week 1: Introduction to SOC Operations and Roles
 The program begins with an overview of Security Operations Center (SOC) functions, roles, and responsibilities. Participants will learn how a SOC operates within an organization, the different analyst levels, and typical workflows. This foundational knowledge will include understanding SOC processes such as threat monitoring, incident detection, analysis, escalation, and response. Interactive discussions and role-playing exercises will help embed these concepts.

Week 2: Fundamentals of SIEM and Log Management
 Participants will dive into Security Information and Event Management (SIEM) concepts, focusing on how SIEM tools like Splunk and ELK Stack are deployed to collect, aggregate, and normalize logs across diverse IT environments. Hands-on labs will involve configuring these tools, ingesting logs, and performing basic searches to understand event data. The emphasis is on building skills for effective log management critical for threat detection.

Week 3: Log Analysis and Basic Alerting
 This week focuses on analyzing raw logs to identify suspicious activities. Participants will learn how to write queries, filter data, and identify anomalies. Labs include practical exercises in parsing logs, creating alerts, and understanding how alerts correspond to security threats. The goal is to develop acute log analysis skills for early detection.

Week 4: Fundamentals of Alert Analysis and Incident Triage
 Learners will understand how SIEMs generate alerts and how to differentiate between benign and malicious alerts. They will practice initial triage steps—prioritizing alerts based on severity, scope, and potential impact—and documenting findings systematically. Labs simulate real-world alert scenarios for hands-on triage experience.

Week 5: Threat Detection and Event Correlation Techniques
 Participants will explore techniques to detect sophisticated threats by correlating multiple security events. They will learn to create and tune detection rules, leverage TTPs (Tactics, Techniques, and Procedures), and recognize attack patterns. Practical exercises include rule creation and threat scenario simulations to enhance detection capabilities.

Week 6: Incident Escalation and Reporting
 This week covers the escalation process, including when and how to escalate an incident internally or externally. Learners will draft incident reports, communicate findings, and document timelines accurately. Through role-playing and simulated incidents, students will reinforce reporting best practices vital for effective incident management.

Week 7: Automation and SOC Playbooks
 Automation is key to operational efficiency. Learners will explore scripting fundamentals (Python, Bash) and how to develop automation playbooks to handle repetitive tasks such as alert enrichment and response. Labs will include developing simple automation scripts and understanding how automation integrates into SOC workflows.

Week 8: Advanced Malware & Attack Techniques
 This week covers the analysis of malware and understanding attacker tactics. Participants will examine malware behavior, persistence mechanisms, lateral movement, and data exfiltration. Labs will involve malware reverse engineering, analyzing attack chains, and understanding how to detect these behaviors within logs and endpoints.

Week 9: Real-world SOC Scenarios and Threat Hunting
 Students will participate in comprehensive simulations mimicking real-world attack scenarios. This includes responding to simulated breaches, threat hunting exercises, and lateral movement detection. The focus is on applying detection rules and analysis skills in dynamic situations, reinforcing real-time response capabilities.

Week 10: Threat Detection & Response Exercises
 Building on previous weeks, students will run full-cycle attack simulations—from initial intrusion detection, analysis, to containment and eradication. Labs will involve using SIEM tools to identify complex threats, execute incident response procedures, and learn from simulated attack chains.

Week 11: Capstone Project & Integration
 During this week, learners will undertake a capstone project that combines detection, analysis, automation, and reporting. Working in teams, they will analyze a simulated attack, develop detection rules, automate responses, and produce detailed reports. This project demonstrates mastery of skills acquired and prepares students for certification and real-world deployment.

Week 12: Review, Certification Preparation, and Final Assessment
 The final week provides a comprehensive review of all topics, mock exams, and scenario-based quizzes. Participants will receive feedback on their performance and preparation strategies for industry certifications such as CompTIA CySA+. The course concludes with a certification readiness assessment, ensuring participants are equipped to transition into operational SOC roles.

Labs/Tools/Simulations:

  • Splunk, ELK Stack
  • Log analysis exercises
  • Incident response drills
  • Threat detection simulations
  • SOC automation demos

Internships & Projects:

  • Building a Mini SOC
  • Real-time log monitoring projects
  • Incident response case studies

Certifications:

  • Certified SOC Analyst (CSA)
  • SIEM and incident management certifications

Job Readiness Program:

  • Resume & interview coaching
  • Industry insights
  • Mock interview sessions
  • Placement assistance
  1. Ethical Hacking & Penetration Testing

Objectives:

  • Teach ethical hacking techniques legally and responsibly.
  • Identify vulnerabilities in systems, networks, and applications.
  • Prepare learners for industry-standard certifications like OSCP, CEH.

Curriculum:

  • Ethical Hacking Legal & Ethical Considerations
  • Reconnaissance & Footprinting
  • Scanning & Enumeration
  • Exploitation Techniques
  • Post-Exploitation & Privilege Escalation
  • Web Application Attacks & OWASP Top 10
  • Wireless & Network Attacks
  • Pen Testing Tools & Report Writing

12-Week Ethical Hacking & Penetration Testing Curriculum

Week 1: Introduction to Ethical Hacking and Legal Considerations
 The course kicks off with an overview of ethical hacking principles, emphasizing the importance of legal and responsible hacking practices. Participants will learn about the ethics, laws, and authorization required for penetration testing. This foundation ensures trainees understand the boundaries and legal frameworks guiding their activities. Discussions will include the role of penetration testers, the importance of consent, and professional conduct.

Week 2: Reconnaissance & Footprinting
 Students will explore techniques to gather intelligence on target systems, networks, and applications. This phase involves passive and active reconnaissance, including OSINT (Open Source Intelligence) tools and methods to identify potential entry points. Labs will include using tools like Maltego and reconnaissance modules within Kali Linux to perform footprinting in a controlled environment.

Week 3: Scanning & Enumeration
 Building upon reconnaissance, learners will dive into scanning and enumeration techniques to identify open ports, services, and vulnerable applications. They will utilize tools such as Nmap, Netcat, and default scripts to enumerate system details and identify weaknesses. Practical exercises will simulate scanning of target environments to discover exploitable configurations.

Week 4: Exploitation Techniques
 In this critical week, trainees will learn how attackers exploit discovered vulnerabilities. They will use Metasploit and other exploitation frameworks to execute exploits, gain access, and demonstrate control over target systems. The focus will be on understanding exploitation workflows, payloads, and evasion techniques, with hands-on labs to practice exploitation in a safe, lab environment.

Week 5: Post-Exploitation & Privilege Escalation
 Participants will understand what happens after initial access is achieved. This includes maintaining access, privilege escalation, and lateral movement. Labs will involve privilege escalation exploits, bypassing security mechanisms, and establishing persistence within compromised systems, simulating real-world attacker behavior.

Week 6: Web Application Attacks & OWASP Top 10
 This week focuses on attacking web applications by exploiting common vulnerabilities from the OWASP Top 10 list. Participants will learn techniques such as SQL injection, Cross-site Scripting (XSS), file inclusion, and CSRF. Practical labs will involve attacking deliberately vulnerable web applications such as DVWA and OWASP Juice Shop, along with Burp Suite for intercepting and manipulating HTTP requests.

Week 7: Wireless & Network Attacks
 Learners will explore attacking wireless networks, including WPA/WPA2 password cracking, fake access points, and Evil Twin attacks. Network attacks such as ARP poisoning, Man-in-the-Middle (MITM), and packet sniffing will be covered using tools like Aircrack-ng, Wireshark, and bettercap. Hands-on labs will involve capturing traffic and executing wireless attacks within controlled environments.

Week 8: Penetration Testing Tools & Automation
 Participants will familiarize themselves with essential pentesting tools like Kali Linux, Nmap, Metasploit, Burp Suite, and others. They will learn to automate reconnaissance, scanning, and exploitation tasks using scripting and batch processes to improve efficiency. Labs will focus on tool integration, scripting basic automation scripts, and creating repeatable attack workflows.

Week 9: Vulnerability Scanning & Exploit Development
 This week emphasizes using vulnerability scanners like Nessus, OpenVAS, or Nikto to identify security flaws. Students will learn to analyze scan results and develop simple exploits or modify existing ones to exploit vulnerabilities. Practical labs include vulnerability assessment and basic exploit development in safe lab environments.

Week 10: Penetration Testing Methodology & Report Writing
 Participants will learn how to plan, execute, and document penetration tests following a structured methodology (e.g., PTES or OSSTMM). They will develop skills in assessing target scope, conducting tests methodically, and writing professional reports outlining vulnerabilities, exploit techniques, findings, and remediation recommendations. Labs will simulate delivering comprehensive reports based on previous exercises.

Week 11: Capstone Practice & Simulated Pen Tests
 In this culminating week, learners will undertake simulated full-scale penetration tests in a controlled lab environment. They will perform reconnaissance, scanning, exploitation, post-exploitation, and reporting in an end-to-end exercise. This practical experience reinforces theoretical knowledge while honing real-world skills.

Week 12: Certification Preparation & Final Assessment
 The final week prepares trainees for industry certifications such as OSCP or CEH. It includes review sessions, scenario-based quizzes, and mock exams to reinforce learned concepts. Participants will receive feedback and guidance on exam strategies, ensuring they are confident and ready to attain their certifications.

Labs/Tools/Simulations:

  • Kali Linux tools (Nmap, Metasploit, Burp Suite)
  • Web app attack simulations
  • Wireless penetration labs
  • Exploit Development Practice
  • Vulnerability scanning exercises

Internships & Projects:

  • Penetration test engagements
  • Vulnerability assessment reports
  • Capture-the-Flag (CTF) challenges

Certifications:

  • Certified Ethical Hacker (CEH)
  • Offensive Security Certified Professional (OSCP)

Job Readiness Program:

  • Portfolio building
  • Interview prep
  • Industry networking
  1. Incident Response & Digital Forensics

Objectives:

  • Train learners to handle security incidents effectively.
  • Develop skills in digital evidence collection, analysis, and reporting.
  • Foster incident management lifecycle expertise.

Curriculum:

  • Incident Response Lifecycle & Frameworks
  • Types of Cyber Incidents
  • Evidence Collection & Chain of Custody
  • Malware & Root Cause Analysis
  • Forensic Tools & Techniques
  • Legal & Compliance Aspects
  • Recovery & Remediation Strategies
  • Case study analyses

12-Week Incident Response & Digital Forensics Curriculum

Week 1: Incident Response Lifecycle & Frameworks
 The course opens with an overview of the incident response (IR) lifecycle, emphasizing frameworks such as NIST SP 800-61 and SANS Incident Handling. Participants will understand the stages—Preparation, Detection & Analysis, Containment, Eradication, Recovery, and Lessons Learned. This foundational week covers the roles and responsibilities within an IR team, incident classification, and establishing an incident response plan. Discussions will highlight the importance of readiness and proactive preparation.

Week 2: Types of Cyber Incidents
 Learners will explore different incident types, including malware outbreaks, data breaches, privilege escalation, insider threats, and DoS/DDoS attacks. They will gain knowledge on how to identify and prioritize incidents based on their characteristics and potential impact. Case studies of real-world incidents will help contextualize these concepts, highlighting the importance of swift, accurate response.

Week 3: Evidence Collection & Chain of Custody
 This week centers on the collection of digital evidence while maintaining integrity and admissibility. Participants will learn techniques for imaging disks, capturing volatile data, and preserving evidence in a forensically sound manner. Emphasis will be on documenting every step to establish an unbroken chain of custody. Labs will simulate evidence handling scenarios, including write-blocker usage and forensic imaging.

Week 4: Malware & Root Cause Analysis
 Participants will study malware types, behaviors, and indicators of compromise. The focus will be on analyzing suspicious files, processes, and system artifacts to trace the root cause of incidents. Labs include malware sandboxing, static and dynamic analysis, and utilizing tools like Volatility to extract memory artifacts. This week aims to equip learners with skills to identify how malware infiltrates and persists.

Week 5: Forensic Tools & Techniques
 This week introduces key forensic tools such as EnCase, FTK, and open-source alternatives. Participants will practice imaging drives, analyzing file systems, recovering deleted files, and examining logs. Focused labs will involve performing forensic analysis on disk images, extracting metadata, and understanding typical forensic methodologies to support investigations.

Week 6: Legal & Compliance Aspects
 Understanding legal considerations is crucial in digital forensics. Learners will explore laws affecting evidence handling, privacy, and data protection (e.g., GDPR, HIPAA). They will learn about jurisdictional issues, reporting requirements, and the importance of proper documentation. Discussions will include legal scenarios and the role of forensic evidence in court proceedings.

Week 7: Recovery & Remediation Strategies
 This week covers techniques to restore systems after an incident, including malware removal, patching vulnerabilities, and restoring backups. Participants will learn the importance of thorough forensic analysis in guiding remediation efforts, ensuring that threats are fully eradicated, and similar future attacks are prevented. Labs will model recovery scenarios in lab environments.

Week 8: Incident Response Playbooks & Communication
 Participants will develop and refine incident response playbooks, detailing step-by-step procedures for various incident types. The importance of clear communication, escalation procedures, and coordination with legal and PR teams will be emphasized through interactive exercises and role-playing. Effective reporting and documentation skills will be practiced.

Week 9: Forensic Analysis of Network Traffic & Log Files
 This week emphasizes analyzing network traffic captures, firewall logs, and system logs to uncover attack vectors, lateral movements, and data exfiltration attempts. Tools such as Wireshark and log analysis platforms will be introduced. Labs will focus on detecting anomalies, reconstructing attack timelines, and correlating data for comprehensive incident understanding.

Week 10: Forensic Investigation Simulations
 Realistic forensic investigation scenarios will be conducted, combining evidence collection, malware analysis, and endpoint investigations. Participants will work in teams to solve simulated cases, analyzing artifacts, identifying attack methods, and documenting findings thoroughly. Emphasis will be on applying all forensic techniques learned throughout the course.

Week 11: Case Study Analyses & Best Practices
 Learners will study famous security incidents, dissecting their causes, response strategies, and lessons learned. This week reinforces best practices in incident response, including communication, documentation, and continuous improvement. Discussion sessions will encourage critical analysis and practical application of principles.

Week 12: Final Assessment and Certification Preparation
 The program culminates with comprehensive review sessions, scenario-based assessments, and mock incident response exercises. Participants will demonstrate their capability to execute an incident response plan, perform forensic analysis, and generate reports. Guidance for industry certifications such as GCIH or EnCE will be provided, ensuring trainees are ready to validate their skills professionally.

Labs/Tools/Simulations:

  • EnCase, FTK, Volatility
  • Malware analysis sandbox
  • Evidence handling exercises
  • Network traffic analysis
  • Forensic investigation simulations

Internships & Projects:

  • Digital forensic investigations
  • Incident simulation exercises
  • Capstone forensic project

Certifications:

  • GIAC Certified Incident Handler (GCIH)
  • EnCase Certified Examiner (EnCE)

Job Readiness Program:

  • Soft skills & communication
  • Resume workshops
  • Industry case studies
  • Job placement support
  1. Cyber Threat Intelligence (CTI)

Objectives:

  • Enable skills to gather, analyze, and disseminate threat intelligence.
  • Adopt proactive security strategies.
  • Use open-source and proprietary threat intelligence platforms.

Curriculum:

  • Fundamental CTI Concepts & Lifecycle
  • Data Collection & Source Analysis
  • Threat Actor Profiling
  • Indicator of Compromise (IOC) Analysis
  • Threat Reports & Intelligence Sharing
  • Threat Hunting Integration
  • Using Threat Intel Platforms (MISP, Recorded Future)
  • Trend Analysis & Case Studies

12-Week Cyber Threat Intelligence (CTI) Curriculum

Week 1: Introduction to CTI & Lifecycle
 The course begins with an overview of Cyber Threat Intelligence fundamentals. Participants will understand what CTI is, its importance in modern cybersecurity, and how it fits into an effective security posture. The CTI lifecycle—planning, collection, analysis, dissemination, and feedback—will be explored in depth, establishing a systematic approach to threat intelligence operations. This week emphasizes understanding the goals and scope of threat intelligence programs.

Week 2: Data Collection & Sources Analysis
 Learners will explore various data sources for threat intelligence collection, including open-source feeds, commercial platforms, and internal logs. Techniques for gathering relevant data while filtering noise will be covered. Labs will involve collecting threat data from sources like OTX, analyzing their credibility, and integrating this data into intelligence workflows to support proactive defense.

Week 3: Threat Actor Profiling
 Participants will learn to profile threat actors by analyzing their tactics, techniques, procedures (TTPs), motivations, and attack patterns. This includes understanding nation-states, cybercriminal groups, and hacktivists. Exercises will involve building threat actor profiles from real-world case studies and using available intelligence to predict potential future activities.

Week 4: Indicator of Compromise (IOC) Analysis
 This week focuses on identifying, analyzing, and operationalizing Indicators of Compromise such as IP addresses, domains, file hashes, and email addresses. Trainees will practice detecting IOCs in logs, networks, and endpoint data. Labs will simulate IOC detection within SIEM logs and develop IOC feeds for use in automated detection systems.

Week 5: Threat Reports & Intelligence Sharing
 Learners will develop skills in writing threat intelligence reports, ensuring clarity, accuracy, and actionability. They will study best practices in disseminating intelligence within organizations and sharing information via ISACs or proprietary platforms. Practical exercises will involve drafting threat reports based on simulated attack data.

Week 6: Threat Hunting & Proactive Defense Integration
 This week integrates threat intelligence into active threat hunting activities. Participants will learn to formulate hypotheses based on intelligence, identify potential threats lurking in their environments, and proactively hunt for malicious activity. Labs will include developing hunting queries and correlating threat data with their telemetry.

Week 7: Using Threat Intelligence Platforms (MISP, Recorded Future)
 Participants will get hands-on experience with prominent open-source platforms like MISP and proprietary solutions such as Recorded Future. They will learn how to import, organize, and share threat intelligence data, automate threat feeds, and correlate IOCs against logs and alerts. System demonstrations and labs will focus on platform navigation and threat intel enrichment.

Week 8: Trend Analysis & Case Studies
 This week emphasizes analyzing threat trends over time, identifying emerging threats, and understanding attack campaigns. Participants will examine real-world case studies of major cyber attacks like ransomware outbreaks, supply chain compromises, and nation-state campaigns. Exercises will involve trend analysis and presentation of findings.

Week 9: Threat Attribution & Attack Chain Reconstruction
 Learners will develop skills to attribute cyber attacks to specific threat actors by analyzing TTPs, IOCs, and campaign overlaps. Labs will involve attack attribution exercises, reconstructing attack chains, and correlating threat intelligence with incident data to provide context and support attribution efforts.

Week 10: Threat Intelligence Integration into Defensive Operations
 This week focuses on embedding threat intelligence into incident response, vulnerability management, and security controls. Participants will learn to operationalize intelligence feeds, enhance security controls, and inform strategic risk assessments. Labs will simulate applying CTI insights to real-world defense scenarios and automation workflows.

Week 11: Final Threat Hunting & Intelligence Synthesis
 Building on previous weeks, students will conduct comprehensive threat hunts using diverse intelligence sources. They will synthesize intelligence into strategic and tactical insights, producing actionable intelligence for security operations teams. Labs will include developing threat landscape reports and conducting attack simulations.

Week 12: Capstone Project & Certification Preparation
 The course concludes with a capstone project where teams develop a comprehensive threat intelligence report, including actor profiling, IOC analysis, and mitigation recommendations based on a simulated or real threat scenario. Additionally, review sessions, mock exams, and scenario-based questions will prepare participants for industry certifications like CySA+ or Threat Intelligence certifications, ensuring readiness for professional roles.

Labs/Tools/Simulations:

  • MISP, Open Threat Exchange (OTX)
  • Threat report writing exercises
  • IOC detection in logs
  • Attack attribution simulations
  • Threat actor behavior analysis

Internships & Projects:

  • Threat intelligence reports
  • IoC development projects
  • Real-world threat attribution cases

Certifications:

  • Certified Threat Intelligence Analyst (CTIA)
  • GIAC Threat Intelligence (GCTI)

Job Readiness Program:

  • Report writing & presentation
  • Industry insights
  • Networking sessions
  1. Vulnerability Management & Risk Assessment

Objectives:

  • Teach how to identify, evaluate, and mitigate vulnerabilities.
  • Develop skills to assess and manage cyber risks.
  • Prepare for roles involving compliance and security audits.

Curriculum:

  • Introduction to Vulnerability Management
  • Vulnerability Scanning & Assessment Tools
  • Risk Assessment Methodologies
  • Threat & Vulnerability Prioritization
  • Patch Management & Remediation
  • Continuous Monitoring & Reporting
  • Compliance Standards (ISO 27001, PCI-DSS)
  • Risk Management Frameworks

12-Week Vulnerability Management & Risk Assessment Curriculum

Week 1: Introduction to Vulnerability Management
 The course begins with an overview of vulnerability management fundamentals, emphasizing its role in cybersecurity defense. Participants will learn about the importance of identifying, prioritizing, and mitigating vulnerabilities to reduce organizational risk. The key components of a vulnerability management program and the typical lifecycle will be introduced, highlighting how vulnerability management integrates with broader security and compliance efforts.

Week 2: Vulnerability Scanning & Assessment Tools
 Participants will explore popular assessment tools such as Nessus, OpenVAS, and Qualys. Hands-on labs will include deploying, configuring, and running scans on test environments, interpreting scan results, and understanding common vulnerabilities and exposures (CVEs). This week emphasizes selecting appropriate tools and using them effectively to discover weaknesses.

Week 3: Vulnerability Evaluation & Data Analysis
 This week trains learners to analyze scan reports, identify critical vulnerabilities, and understand their implications. Focus will be on vulnerability scoring systems like CVSS, prioritization strategies, and differentiating false positives from genuine threats. Labs will involve assessing scan outputs and creating vulnerability dashboards for stakeholders.

Week 4: Risk Assessment Methodologies
 Participants will examine various risk assessment frameworks such as NIST 800-30, OWASP Risk Rating, and FAIR. They will learn how to perform qualitative and quantitative risk analyses, considering asset value, threat likelihood, and impact. Practical exercises will include developing risk matrices and performing mock assessments for different organizational scenarios.

Week 5: Threat & Vulnerability Prioritization
 This week emphasizes prioritizing remediation efforts based on risk levels, exploitability, and business impact. Learners will practice developing remediation roadmaps and risk-based decision-making. Labs will simulate risk scoring and prioritization workflows tailored to real-world environments.

Week 6: Patch Management & Remediation Strategies
 Participants will explore patch management best practices, including patch testing, deployment, and tracking. They will learn to develop effective remediation plans, track vulnerabilities, and verify patch effectiveness. Labs will simulate patch deployment workflows and escalation procedures, highlighting challenges and risk mitigation.

Week 7: Continuous Monitoring & Security Reporting
 This week focuses on establishing ongoing vulnerability monitoring processes. Learners will explore integrating vulnerability data with SIEM systems, dashboards, and automated alerts. They will practice generating reports, tracking remediation progress, and communicating risk status to stakeholders for compliance and decision-making.

Week 8: Standards & Compliance (ISO 27001, PCI-DSS)
 Participants will review key compliance standards, their vulnerability management requirements, and audit processes. They will learn how organizations implement controls to meet standards such as ISO 27001 and PCI-DSS, including documenting policies, conducting assessments, and maintaining compliance evidence.

Week 9: Risk Management Frameworks & Governance
 This week covers broader risk management philosophies, including frameworks like COBIT, NIST Cybersecurity Framework, and FAIR. Learners will understand governance principles, risk appetite, and integration of risk management into organizational strategy. Case studies will demonstrate successful implementations.

Week 10: Vulnerability & Patch Management Simulation
 Participants will execute hands-on vulnerability scanning, risk assessment, vulnerability prioritization, and patch deployment in a simulated environment. The labs will involve coordinating remediation efforts, verifying patch effectiveness, and documenting progress, mimicking real-world workflows.

Week 11: Gap Analysis & Audit Preparation
 Learners will perform comprehensive vulnerability and compliance gap analyses within simulated audits. They will review organizational policies, assess control gaps, and prepare audit documentation for standards like ISO or PCI-DSS. This session emphasizes audit readiness and continuous improvement.

Week 12: Capstone Project & Final Review
 The program concludes with a capstone project where participants develop a complete vulnerability management plan for a hypothetical organization, including assessment, prioritization, remediation, and reporting. Final review sessions, mock assessments, and practical quizzes will prepare learners for certifications and real-world roles, solidifying their understanding of vulnerability and risk management.

 

Labs/Tools/Simulations:

  • Nessus, OpenVAS, Qualys scans
  • Risk scoring exercises
  • Patch implementation simulations
  • Vulnerability reporting workflows
  • Compliance gap analysis

Internships & Projects:

  • Vulnerability scanning & mitigation projects
  • Risk assessment case studies
  • Security audit reports

Certifications:

  • CompTIA Security+
  • Certified Vulnerability Assessor
  • Risk Management certifications (CRISC)

Job Readiness Program:

  • CV/resume writing sessions
  • Interview prep specific to vulnerability management roles
  • Industry best practices workshops
  1. Threat Hunting & Attack Simulations

Objectives:

  • Enable proactive detection and investigation of threats.
  • Develop hypothesis-driven analysis skills.
  • Conduct simulated attacks to test defenses.

Curriculum:

  • Fundamentals of Threat Hunting
  • Data Collection & Telemetry Analysis
  • Using MITRE ATT&CK Framework
  • Behavior-based Detection Techniques
  • Threat Hunting Tools & Platforms
  • Planning & Executing Attack Campaigns
  • Detecting & Responding to Attacks
  • Continuous Improvement & False Positive Reduction

12-Week Threat Hunting & Attack Simulations Curriculum

Week 1: Introduction to Threat Hunting
 The course kicks off with an overview of threat hunting fundamentals, distinguishing proactive hunting from reactive incident response. Participants will learn the importance of hypothesis-driven investigation, understanding threat landscapes, and integrating threat intelligence into hunting strategies. The session emphasizes mindset shifts needed for proactive defense.

Week 2: Data Collection & Telemetry Analysis
 Learners will explore the types of telemetry data essential for threat hunting, including network logs, endpoint data, DNS records, and user activity logs. Techniques for collecting, normalizing, and analyzing this data will be demonstrated, with hands-on exercises in querying and visualizing data using platforms like Kibana.

Week 3: Using MITRE ATT&CK Framework
 Participants will learn to leverage the MITRE ATT&CK framework to map attacker TTPs to observed behaviors and develop hypotheses. They will practice applying the framework to categorize and analyze suspicious activities and understand attack patterns frequently encountered in real-world scenarios.

Week 4: Behavior-based Detection Techniques
 This week emphasizes understanding attacker behaviors and identifying anomalies instead of relying solely on signatures. Techniques include analyzing process behavior, file modifications, privilege escalations, and lateral movement. Labs will include developing behavioral detection rules and detecting unusual patterns.

Week 5: Threat Hunting Tools & Platforms
 Participants will familiarize themselves with popular threat hunting tools such as Elastic Security, Kibana, Osquery, and Sigma rules. They’ll learn how to deploy, configure, and utilize these tools effectively for hunting activities. Labs will include writing custom queries and rules to identify malicious behaviors.

Week 6: Planning & Executing Attack Campaigns
 This week guides learners through planning simulated attack campaigns, developing hypotheses based on intelligence, and executing these within controlled environments to test defenses. They will learn attack lifecycle stages, infrastructure planning, and simulating attack vectors.

Week 7: Detecting & Responding to Attacks
 Participants will practice identifying ongoing attacks through hunting methods, analyzing indicators, and deploying detection rules. They will simulate responding to detected threats, containing malicious activities, and escalating findings appropriately.

Week 8: Continuous Improvement & Reducing False Positives
 This session focuses on refining hunting processes based on previous findings, tuning rules, and reducing false positives. Participants will review detection efficacy, incorporate lessons learned, and optimize workflows to improve accuracy and efficiency.

Week 9: Attack Simulation Exercises
 Using tools like Atomic Red Team, learners will execute predefined attack simulations to test organizational defenses. These controlled exercises will mimic real attack techniques, allowing students to observe detection gaps and response procedures in a safe environment.

Week 10: Threat Hunting Exercises
 Building on previous weeks, students will conduct comprehensive threat hunts based on hypothetical threat scenarios. They will analyze data, generate hypotheses, investigate anomalies, and document findings, enhancing their proactive detection skills.

Week 11: Incident Response Tabletop & Debrief
 This week involves tabletop exercises where teams respond to simulated threats uncovered during hunting activities. Students will simulate incident handling, coordination, and decision-making, emphasizing communication, documentation, and lessons learned.

Week 12: Capstone Project & Final Review
 The program concludes with a capstone project: designing and executing a full threat hunt and attack simulation based on a fictional scenario, then creating detailed reports of findings and recommended actions. Final review, mock scenarios, and Q&A sessions will prepare learners for real-world threat detection roles and certifications.

Labs/Tools/Simulations:

  • Elastic Security & Kibana
  • Osquery & Sigma rules
  • Attack simulation with Atomic Red Team
  • Threat hunting exercises
  • Incident response tabletop scenarios

Internships & Projects:

  • Developing threat hunting hypotheses
  • Detecting simulated attacks
  • Hunting engagements on real environments

Certifications:

  • Certified Threat Hunter (CTH)
  • GIAC Cyber Threat Intelligence (GCTI)

Job Readiness Program:

  • Practical exercises in detection
  • Resume and interview practices
  • Industry case study discussions
  1. Cybersecurity Fundamentals & Awareness

Objectives:

  • Provide foundational knowledge of cybersecurity concepts.
  • Foster awareness of common threats and best practices.
  • Prepare beginners for further specialized training.

Curriculum:

  • Basic Security Principles
  • Common Cyber Threats (Phishing, Malware)
  • Password & Authentication Security
  • Data Privacy Fundamentals
  • Safe Internet/Email Practices
  • Security Policies & Social Engineering
  • Security Incident Basics
  • Importance of End-User Vigilance

12-Week Cybersecurity Fundamentals & Awareness Curriculum

Week 1: Introduction to Cybersecurity Principles
 Begin with an overview of cybersecurity, emphasizing its importance in protecting assets, information, and reputation. Cover core principles like confidentiality, integrity, and availability (CIA triad), along with the basic concepts of risk management and defense-in-depth strategies.

Week 2: Understanding Common Cyber Threats
 Introduce prevalent threats such as phishing, malware, ransomware, and denial-of-service attacks. Use real-world examples to illustrate how these threats operate, their impact, and how attackers exploit vulnerabilities.

Week 3: Password & Authentication Security
 Teach best practices for creating strong, unique passwords, and emphasize multi-factor authentication (MFA). Conduct password strength testing exercises to demonstrate vulnerabilities of weak passwords and importance of password hygiene.

Week 4: Data Privacy Fundamentals
 Explain data privacy concepts, including the importance of protecting personal and sensitive data, privacy laws (like GDPR), and organizational policies for data handling. Highlight the significance of data classification and encryption basics.

Week 5: Safe Internet & Email Practices
 Cover safe browsing habits, recognizing malicious websites, and avoiding unsafe downloads. Demonstrate how to identify suspicious emails, including signs of phishing, and practice safe email handling.

Week 6: Security Policies & Social Engineering Awareness
 Review organizational security policies, emphasizing adherence and reporting procedures. Discuss social engineering tactics like pretexting, baiting, and tailgating, and conduct simulated social engineering exercises to reinforce vigilance.

Week 7: Basics of Security Incidents & Reporting
 Introduce fundamental incident response concepts, including identifying, escalating, and reporting security incidents. Emphasize the importance of prompt reporting and maintaining security logs.

Week 8: Recognizing & Preventing Phishing Attacks
 Focus on identifying phishing attempts, with exercises recognizing fake emails and websites. Conduct phishing email recognition exercises and discuss procedures for reporting suspected phishing.

Week 9: Mobile & Remote Security Best Practices
 Address securing mobile devices, the risks of public Wi-Fi, and safe remote work practices. Demonstrate VPN usage, device encryption, and secure configuration tips.

Week 10: End-User Vigilance & Ongoing Awareness
 Highlight the role each user plays in organizational security. Develop personal security habits, such as regular updates, awareness of social engineering tactics, and safeguarding credentials.

Week 11: Interactive Awareness Campaigns & Simulations
 Use quizzes, games, and simulated attack scenarios to reinforce learning. Conduct role-playing exercises and awareness campaigns to embed cybersecurity best practices in daily routines.

Week 12: Final Assessment & Awareness Certification
 Conclude with assessments to evaluate understanding, including quizzes and scenario-based questions. Provide certificates or recognition for completing the program, encouraging ongoing vigilance.

Labs/Tools/Simulations:

  • Phishing email recognition exercises
  • Password strength testing
  • Security awareness quizzes
  • Simulated social engineering attacks
  • Best practice demonstrations

Internships & Projects:

  • Awareness campaign planning
  • Simulated phishing campaigns
  • User training sessions

Certifications:

  • Security+ (for beginners)
  • Security Awareness Certification

Job Readiness Program:

  • Soft skills workshops
  • Communication & reporting skills
  • Interview prep for entry-level roles
  1. Cloud Security Fundamentals

Objectives:

  • Introduce cloud architecture and security challenges.
  • Prepare learners for cloud security roles.
  • Cover basic security best practices for cloud environments.

Curriculum:

  • Cloud Computing Models (IaaS, PaaS, SaaS)
  • Cloud Deployment & Service Models
  • Cloud Security Risks & Threats
  • Identity & Access Management (IAM)
  • Data Security & Encryption
  • Cloud Compliance & Governance
  • Cloud Security Architectures
  • Cost & Security Trade-Offs

12-Week Cloud Security Fundamentals Curriculum

Week 1: Introduction to Cloud Computing & Architecture
 Begin with an overview of cloud computing, including its evolution, benefits, and core concepts. Cover the primary service models — Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) — and deployment models such as public, private, and hybrid clouds.

Week 2: Understanding Cloud Service & Deployment Models
 Deepen knowledge on how different models are used in real-world scenarios, their advantages, and security implications. Discuss case studies of popular cloud providers like AWS, Azure, and Google Cloud.

Week 3: Cloud Security Risks & Threats
 Introduce common security challenges and threats in cloud environments, such as data breaches, misconfigurations, account hijacking, and insider threats. Emphasize the shared responsibility model of cloud security.

Week 4: Identity & Access Management (IAM)
 Focus on managing user identities, permissions, and policies within cloud platforms. Hands-on labs configuring IAM roles, users, groups, and policies in AWS, Azure, or GCP to enforce least privilege.

Week 5: Data Security & Encryption
 Cover data protection in transit and at rest, including encryption mechanisms, key management, and data masking. Conduct exercises encrypting data at rest and in transit in cloud environments.

Week 6: Cloud Compliance & Governance
 Discuss applicable compliance standards (e.g., GDPR, HIPAA, PCI-DSS) and how to implement governance controls. Focus on audit trails, logging, and establishing security policies aligned with compliance requirements.

Week 7: Cloud Security Architectures
 Explore best practices for designing secure cloud architectures, including network segmentation, Web Application Firewalls (WAF), intrusion detection/prevention, and security controls placement.

Week 8: Cost & Security Trade-Offs
 Address balancing security with cost management. Discuss options like over-provisioning, automation, and choosing optimal security controls versus budget constraints. Use real-world scenarios to illustrate trade-offs.

Week 9: Hands-On Cloud Security Configurations
 Utilize free cloud tiers (AWS Free Tier, Azure, GCP) for practical labs: setting up secure virtual machines, storage, and networks; configuring IAM roles and policies; implementing basic security controls.

Week 10: Implementing Data Security & Encryption
 Conduct exercises on encrypting data stored in cloud buckets, databases, and virtual machines. Practice key management with cloud-native tools such as AWS KMS, Azure Key Vault, or GCP Cloud KMS.

Week 11: Multi-Cloud & Hybrid Cloud Security Best Practices
 Learn about managing security across multiple cloud providers and hybrid environments. Cover multi-cloud identity federation, unified security policies, and centralized monitoring solutions.

Week 12: Final Review & Cloud Security Best Practices
 Conclude with a summary of principles, best practices, and common pitfalls. Include a capstone project: designing a secure cloud architecture for a hypothetical scenario. Assess understanding through quizzes and scenario-based exams.

Labs/Tools/Simulations:

  • AWS Free Tier, Azure, GCP environments
  • Configuring IAM roles and policies
  • Secure VM & Storage setups
  • Cloud Data Encryption exercises
  • Multi-cloud security best practices

Internships & Projects:

  • Cloud architecture design & security review
  • Data security in cloud projects
  • Cloud compliance assessments

Certifications:

  • AWS Certified Security – Specialty
  • Microsoft Certified: Azure Security Engineer
  • Google Professional Cloud Security Engineer

Job Readiness Program:

  • Cloud security case studies
  • Cloud vendor-specific interview prep
  • Resume building for cloud roles
  1. Cloud Security Configuration & Best Practices

Objectives:

  • Equip students with skills to securely configure cloud services.
  • Reduce vulnerabilities in cloud deployments.
  • Ensure compliance and security controls are in place.

Curriculum:

  • Designing Secure Cloud Architectures
  • Implementing Multi-Factor Authentication (MFA)
  • Configuring Secure Network Boundaries
  • Data Encryption & Key Management in Cloud
  • Monitoring & Logging Cloud Resources
  • Harden Cloud Infrastructure & Resources
  • Automating Security & Compliance Checks
  • Cloud Incident Response Planning

12-Week Cloud Security Configuration & Best Practices Curriculum

Week 1: Designing Secure Cloud Architectures
 Begin with principles of secure cloud design, including defense-in-depth, network segmentation, and architecture review. Discuss how to leverage cloud-native security services to build resilient, compliant environments.

Week 2: Implementing Multi-Factor Authentication (MFA)
 Focus on deploying MFA across cloud platforms to secure access. Practicals include configuring MFA for administrator and user accounts using cloud provider MFA services, and understanding MFA best practices.

Week 3: Configuring Secure Network Boundaries
 Cover creating secure network boundaries using Virtual Private Clouds (VPCs), subnets, NAT gateways, and private links. Labs involve setting up security groups, firewall rules, and private connectivity options for isolation.

Week 4: Data Encryption & Key Management in Cloud
 Discuss encryption principles at rest and in transit: utilizing TLS, encryption keys, and vault services. Hands-on exercises in configuring cloud-native key management tools like AWS KMS, Azure Key Vault, or GCP Cloud KMS.

Week 5: Monitoring & Logging Cloud Resources
 Learn to enable and configure logging and monitoring tools such as AWS CloudWatch, Azure Monitor, and GCP Operations. Practice setting up alerts, analyzing logs, and establishing incident detection mechanisms.

Week 6: Hardening Cloud Infrastructure & Resources
 Use security benchmarks and checklists (e.g., CIS benchmarks) to harden cloud virtual machines, containers, and storage. Apply security best practices via scripts and manual configurations to reduce attack surfaces.

Week 7: Automating Security & Compliance Checks
 Introduce infrastructure as code (IaC) tools such as Terraform, CloudFormation, and deployment pipelines for automated security checks. Practice writing scripts for automated vulnerability scanning and compliance validation.

Week 8: Cloud Incident Response Planning
 Develop a cloud-specific incident response plan that includes identification, containment, eradication, and recovery strategies. Incorporate cloud logging, early detection, and automated response workflows.

Week 9: Practical Configuration Exercises with Major Cloud Platforms
 Hands-on labs configuring multi-factor authentication, network security rules, security groups, and access roles across AWS, Azure, and GCP. Use cloud-native dashboards like AWS Security Hub, Azure Security Center, GCP Security Command Center for assessment.

Week 10: Cloud Hardening & Security Checks
 Follow security hardening checklists and scripts for virtual machines, containers, and storage objects. Audit configurations against best practices and automate compliance scans with cloud provider tools.

Week 11: Automating Compliance & Security Audits
 Implement automated audits leveraging tools like AWS Config, Azure Policy, and GCP Forseti. Practice setting policies to enforce security standards and generate compliance reports.

Week 12: Final Lab & Best Practices Review
 Wrap up with a comprehensive lab where students review, verify, and improve a pre-configured cloud environment to meet security and compliance standards. Conduct a scenario-based assessment and reinforce continuous security improvement principles.

Labs/Tools/Simulations:

  • AWS Security Hub, Azure Security Center, GCP Security Command Center
  • Configuring IAM roles, policies, and permissions
  • Security Group & Firewall Rule setups
  • Cloud Hardening checklists & scripts
  • Automated Compliance & Security Audits

Internships & Projects:

  • Design & implement a secure cloud environment
  • Conduct cloud security reviews
  • Create incident response playbooks for cloud

Certifications:

  • AWS Certified Security – Specialty
  • Azure Security Engineer Associate
  • Google Professional Cloud Security Engineer

Job Readiness Program:

  • Real-world case studies
  • Cloud security role play exercises
  • Resume & interview prep for cloud security positions
  1. GRC Frameworks & Compliance Standards

Objectives:

  • Teach how to develop and manage Governance, Risk, & Compliance programs.
  • Familiarize learners with major standards like ISO 27001, NIST, GDPR.
  • Prepare candidates for GRC certifications.

Curriculum:

  • Introduction to GRC concepts & principles
  • Risk assessment methodologies
  • Policy development & management
  • Control implementation & monitoring
  • Auditing & compliance reporting
  • Data protection laws (GDPR, CCPA)
  • Incident management in GRC context
  • Business continuity planning

12-Week GRC Frameworks & Compliance Standards Curriculum

Week 1: Introduction to GRC Concepts & Principles
 Start with defining GRC, its importance in organizational security, and how governance, risk management, and compliance interrelate. Cover the benefits of integrated GRC programs and frameworks.

Week 2: Risk Assessment Methodologies
 Explore different risk assessment techniques like qualitative, quantitative, and hybrid methods. Include practical exercises applying frameworks such as NIST 800-30 and FAIR to evaluate organizational risks.

Week 3: Policy Development & Management
 Teach the essentials of creating, approving, and maintaining security policies and procedures. Practice drafting policies aligned with organizational goals and compliance requirements, including version control and approval processes.

Week 4: Control Implementation & Monitoring
 Discuss how to select, implement, and monitor controls to mitigate identified risks. Cover control frameworks like ISO 27001 Annex A controls, and demonstrate control tracking via GRC tools.

Week 5: Auditing & Compliance Reporting
 Learn how to plan, execute, and document audits to verify control effectiveness. Use simulated audit scenarios and reporting templates to prepare compliance reports and remediation plans.

Week 6: Major Compliance Standards & Laws
 Cover key standards and regulations including ISO 27001, NIST Cybersecurity Framework, GDPR, CCPA, and PCI-DSS. Highlight their scope, requirements, and how to align organizational policies accordingly.

Week 7: Data Protection Laws & Privacy
 Focus on compliance with GDPR, CCPA, and other privacy laws. Discuss data subject rights, breach notification procedures, and privacy-by-design principles.

Week 8: Incident Management & GRC Integration
 Address integrating incident response into GRC programs, including detection, reporting, and recovery aligned with compliance mandates. Conduct tabletop exercises reflecting GRC processes during incidents.

Week 9: Business Continuity & Disaster Recovery Planning
 Teach the development of BCPs and DRPs, emphasizing resilience planning, backup strategies, and testing. Review how these plans support compliance and risk management.

Week 10: Practical GRC Tool Usage & Control Mapping
 Utilize GRC tools like RSA Archer and ServiceNow GRC modules. Conduct hands-on exercises in control creation, mapping controls to policies, and managing risk registers within these platforms.

Week 11: Gap Analysis & Audit Scenario Exercises
 Perform compliance gap analysis exercises, identifying deficiencies against standards. Run simulated audit scenarios, including reporting and remediation planning.

Week 12: Final Project & Certification Preparation
 Develop a comprehensive GRC program proposal for a hypothetical organization, including risk assessments, policy frameworks, and controls. Review key concepts and prepare for GRC certification exams. Conclude with a Q&A and scenario-based assessment.

Labs/Tools/Simulations:

  • GRC tools (RSA Archer, ServiceNow GRC modules)
  • Policy and control creation exercises
  • Risk assessment case studies
  • Compliance gap analysis
  • Audit simulation scenarios

Internships & Projects:

  • Develop a GRC implementation plan
  • Conduct a mock compliance audit
  • Policy review and improvement exercises

Certifications:

  • ISO 27001 Lead Implementer/Auditor
  • Certified Information Security Manager (CISM)
  • Certified in Governance of Enterprise IT (CGEIT)
  • NIST Cybersecurity Framework Certification

Job Readiness Program:

  • Policy writing workshops
  • Risk assessment simulation
  • Interview coaching for GRC roles

 

Show More

Student Ratings & Reviews

No Review Yet
No Review Yet

Want to receive push notifications for all major on-site activities?