(Free with your Safari / O'Reilly Learning Subscription)
< Most people start here.
In this course you will learn introductory cyber security concepts, as well as the different focus areas in cyber security. You will explore different concepts of incident response, digital forensics, security operations, and security management. This course will also go over cyber security in the Internet of Things (IoT), secure development management, and how cyber security is affecting software development (including DevOps and cloud computing).
Introduction to the concepts, tools, and methodologies of Penetration Testing (Ethical Hacking) >>
If you are starting your cyber career, seeking your Certified Ethical Hacking or Offensive Security Certified Professional (OSCP) Certification, or just interested in learning more about cyber security, this two-day training session is a great place to start.
With live discussions, demos, whiteboard instruction and screencasts this training course will introduce you to the basics of ethical hacking or penetration testing. No prior experience is needed. Omar Santos, best-selling security author, speaker and Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations will introduce you to security concepts and then walk you through a complete a penetration test, from beginning to end. You will also explore professional networking and security topics, including an introduction to the world of white hat hacking, reconnaissance, Kali Linux, and exploitation. This course provides step-by-step real-life scenarios. You will see first-hand how an ethical hacker performs initial reconnaissance of a victim and how to assess systems and network security controls security posture.
This training includes live discussions, demos, whiteboard instruction and screencasts. You will benefit from expert insights of the methodologies used to assess and compromise a network. You will also learn about the legal aspects of ethical hacking and the associated risks. This course additionally reviews many different tools that can be used to penetrate a wired and wireless network and the systems within that network. In this training we will go over several tools like the social engineering tool kit (SET), Metasploit, Maltego, and many more. After that you’ll different best practices on how to write a penetration testing report.
CEHv10 Exam Preparation
This live and interactive training is designed to help you prepare for the EC-Council Certified Ethical Hacker (CEH) version 10 certification exam. In this training we will review: Key topics and methodologies that you need to master the CEHv10 exam objectives; step by step examples of security penetration testing methodologies and concepts; and sample questions for each of the topics covered in the exam.
Learn how to craft exploits used by ethical hackers to perform real-world penetration testing engagements. Understand the methods for conducting wired and wireless network assessments, hacking web servers, and web applications. Explore attack techniques against mobile devices, IoT devices, and cloud deployments.
CompTIA PenTest+ Certification
This live and interactive training is designed to help you prepare for the new CompTIA PenTest+ exam. In this training we will review the main topics and methodologies that you need to master the PenTest+ exam objectives. You will learn security penetration testing methodologies and concepts by going over step-by-step examples. In this class we will also review several sample questions for each of the topics covered.
Learn how to craft the exploits used by ethical hackers to perform real world penetration testing engagements. Understand the methods for conducting wired and wireless network assessments, hacking web servers, and web applications. You will learn mitigations to the most common attacks and vulnerabilities. You will also learn details about pre-engagement tasks including planning, scoping, compliance-based testing, and more. You will also learn how to write penetration testing reports and include best practices explaining recommended mitigation strategies for the discovered vulnerabilities.
Hands-on Web Application Penetration Testing
This course starts with an introduction to modern web applications and then immediately dives into the mapping and discovery phase of testing. In this course, you will learn security penetration testing methodologies and concepts by going over step-by-step examples in real time.
This hands-on training course will use various open source tools. You will learn how to exploit SQL injection, command injection, cross-site scripting (XSS), XML External Entity (XXE), and cross-site request forgery (CSRF). You will also learn how to perform assessments of modern APIs used for mobile and IoT applications. This course includes interactive labs where students can interact with a series of vulnerable web applications in a safe environment. Learn how to craft the exploits used by ethical hackers to perform real-world penetration testing attacks and vulnerabilities.
3-day Pen Testing Bootcamp!!
This is a comprehensive Ethical Hacking (security penetration testing) hands-on boot camp! In this 3-day course you will get the training and experience you need to successfully launch your ethical hacking career. You will participate in live discussions, demos, whiteboard instruction and lab exercises. No prior experience is needed. Omar Santos, best-selling security author, speaker and Principal Engineer in the Cisco Product Security Incident Response Team (PSIRT) within Cisco's Security Research and Operations will walk you through numerous exercises and ethical hacking concepts. If you are starting your cyber career, seeking your Certified Ethical Hacking, CompTIA PenTest+, or Offensive Security Certified Professional (OSCP) Certification, or are just interested in learning more about cyber security, this three-day training session is for you!
This course provides step-by-step real-life scenarios. It starts by going over passive and active recon, then dives deep into scanning, target exploitation, password attacks, web application testing, buffer overflows, wired and wireless network hacking, and post-exploitation techniques. You will use dozens of different tools that can be used to penetrate a wired and wireless network and the systems within that network. In this training we will go over several tools like the social engineering tool kit (SET), Metasploit, Maltego, and many more. After that you’ll different best practices on how to write a penetration testing report.
The number of cyber-attacks and breaches continue to rise. The field of digital forensics and incident response (DFIR) is in high-demand. Digital cybersecurity forensics, threat hunting and incident response tactics and procedures have evolved rapidly over the past several years. Incident response and digital forensics teams are tasked to identify malware, indicators of compromise, and patterns of activity in order to detect current and future intrusions.
In this course you will learn the fundamentals of incident response and digital forensics. You will learn how to create effective incident response teams and best practices on how to contain and remediate cybersecurity incidents. You will also learn how to develop how to extract and create necessary cyber threat intelligence that can help you properly scope the compromise and detect future breachesYou will also learn how to collect evidence from network infrastructure devices and endpoints; and how to preserve that evidence.
In this course you will learn all about cybersecurity blue and red teams while also building the skills necessary to create your own teams. We will start with exploring the concepts of red, blue and "purple teams" or "purple teaming," which combines the elements of defense and offense within an organization. Next you will find out how to create and manage cybersecurity red, blue and "purple" teams before jumping into best practices for understanding how your teams can effectively collect and analyze data to defend your organization against threat actors. You will also learn different tools that are appropriate for blue and red teams and how to proactively and iteratively "hunt" and isolate advanced threats that evade existing security solutions within your organization. We will then end with a look at threat intelligence and how blue and red teams use it in their engagements.
This live and interactive training is designed to help you understand your network environment, monitor it for threats, perform incident response against identified threats, and learn different adversary tactic, techniques, and procedures (TTPs). You will gain hands-on experience of the process of monitoring, responding to, and remediating internal threats (also known as active defense). You will learn how to use tools such as Security Onion and RedHunt OS to perform digital forensics and incident response (DFIR), as well as Threat Hunting.
In this live training you will complete different a hands-on real-world incident response and learn concepts such as using threat intelligence, security monitoring, and utilizing threat analysis and incident response methodologies. You will learn about tools such as Snort, Suricata, Zeek (formerly known as Bro), Sguil, Squert, Elasticsearch, logstash, and Kibana (ELK), Caldera, Atomic Red Team, Metasploit, Maltego, Datasploit, Yeti, Harpoon, and many others.
The CCNP and CCIE Security Core SCOR 350-701 Crash Course serves as comprehensive 2-day training for anyone interested in taking and passing the Cisco CCNP Security certification.
A fast-paced live training course designed to help you learn about every objective in the SCOR exam. This training will also help any network professionals interested in learning the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate security threats.
This course starts with an introduction to the new Cisco CCNP Security and CCIE Security certifications. You will then quickly dive into the topics of the CCNP Security Implementing and Operating Cisco Security Core Technologies (300-701 SCOR) exam and the cybersecurity foundation topics that you need to study to pass the exam. This is the first exam you must take and pass to pursue your Cisco Security certification career path. You will also learn about different Cisco network security concepts needed to pass the exam, how to secure multi-cloud environments, and the different Cisco Content Security solutions available. In this training you will also learn details about endpoint protection and detection, secure network access, visibility, and enforcement.
This live and interactive training is designed to help you prepare for the Cisco CCIE Security and CCNP Security Implementing and Operating Cisco Security Core Technologies (300-701 SCOR) exam. We will review all the topics in the exam blueprint.
< You need a good Linux, Python, and Bash Background for Offensive and Defensive Security
Numerous cybersecurity jobs require a solid background in programming, Linux, and scripting languages. In this fast-paced and hands-on course you will learn several fundamental skills that you need to master to be competitive in today’s cybersecurity job market.
Having working knowledge of Linux, Python programming, and Bash scripting will help you become a better cybersecurity professional. This course also helps students that are preparing for hands-on cybersecurity certifications like the Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) Practical, Licensed Penetration Tester (LPT), and several GIAC certifications. This course starts with an introduction to Linux, Python, and the Bash shell and then immediately dives into several hands-on lab scenarios where you will learn the details about Linux user and group accounts; Linux file permissions, networking, processes, and logs for incident response. In addition, you will learn how to create Linux-based firewalls and deploy open source Intrusion Prevention Systems (IPS). You will learn how to get started with Python, how to create your own network scanner and network sniffer using Python. You will learn several tips for post exploitation activities using Python. In this course, you will also learn how to use Bash scripting for penetration testing and for incident response.
Build Your Labs using VMs, Containers, or even in the cloud! >>
Numerous cybersecurity and penetration testing tools and techniques have the potential to damage or destroy the target system or the underlying network. In addition, if malware is used in testing, there is the potential for infection and spread if testing in an Internet-connected testbed. This class will teach how to build your own virtualized, physical, or cloud-based environment to practice your skills in a safe ecosystem.
You will learn what you need to create a lab for offensive and defensive cybersecurity concepts. You will also learn and obtain access to numerous tools that you can use to practice your skills, from virtual machines (VMs), Docker containers, and intentionally vulnerable systems. You will learn how you can leverage tools like Virtual Box, VMWare Workstation/Fusion, ESXi, Proxmox, or even OpenStack to build your own cyber range. In addition, you will also learn how to use tools like Vagrant and Ansible to automate a lot of tasks. Vagrant files and Ansible playbooks will be shared during the class for you to build complex lab environments within minutes. You will also learn how to create environments in cloud services such as AWS, Azure, Google Cloud, and Digital Ocean.
This course is designed for anyone preparing for a certification like Certified Ethical Hacker (CEH), CompTIA PenTest+, CEH Practical, Offensive Security Certified Professional (OSCP), Cisco CCIE Security, CCNP Security. It is also designed to help those just learning how to perform penetration testing (ethical hacking), exploit development, or reverse engineer malware.
This live and interactive training is designed to help you get started building different lab environments to practice cybersecurity skills. This training is important for any individuals preparing for cybersecurity certifications or that are just passionate about learning new hands-on skills.