Exploration of the fundamental concepts, tools and techniques of pentesting and ethical hacking. Perform a pentest on a simulated infrastructure and write a findings report.
Web vulnerability analysis (OWASP Top 10) and web application security techniques. Analysis and exploitation of vulnerabilities in a vulnerable web application (OWASP Juice Shop).
Introduction to exploit development and binary analysis via reverse engineering. Developing an exploit for a known vulnerability in a simulated environment.
Firewall configuration and management, threat detection and prevention. Configure a firewall with advanced rules to block simulated attacks.
Fundamental techniques for collecting and analyzing digital evidence. Analysis of hard disks and logs to identify an intrusion in a simulated environment.
Analyze event logs and master SIEM tools. Implement and analyze alerts in a SIEM (e.g., Splunk) to detect an attack.
Project management in cybersecurity, agile methodologies and project risk management. Creation of a project plan for a multi-team pentesting campaign.
Fundamental concepts of risk management and introduction to governance frameworks (ISO 27001, NIST). Risk analysis of a fictitious infrastructure and proposal of corrective measures.
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.
In-depth exploration of SOC operations, threat detection techniques and alert management. Set up a simulated SOC and configure a SIEM to detect and respond to an attack campaign.
Malware analysis, signature creation and containment strategies to limit damage. Analyze unknown malware and develop a containment and removal strategy.
Cloud infrastructure monitoring, incident management, and high availability implementation. Configure a cloud monitoring solution (e.g., AWS GuardDuty) and document a resilience plan.
Advanced firewall settings to block complex attacks and manage distributed networks. Create advanced firewall rules and test them against simulated attack scenarios.
Design and deploy a Zero Trust architecture to enhance organizational security. Design a Zero Trust architecture for a fictitious corporate network and document the implementation.
Best practices for secure development, vulnerability identification and code review. Perform a code review on a vulnerable application and correct identified vulnerabilities.
Proactively manage vulnerabilities and implement patch strategies to reduce risk. Deploy a vulnerability management strategy on a simulated network, including patch prioritization.
Using SOAR platforms to automate incident response and security workflows. Configure a SOAR platform to automatically respond to a simulated incident with full documentation.
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.