Exploration of the fundamental concepts, tools and techniques of pentesting and ethical hacking. Perform a pentest on a simulated infrastructure and write a findings report.
Web vulnerability analysis (OWASP Top 10) and web application security techniques. Analysis and exploitation of vulnerabilities in a vulnerable web application (OWASP Juice Shop).
Introduction to exploit development and binary analysis via reverse engineering. Developing an exploit for a known vulnerability in a simulated environment.
Firewall configuration and management, threat detection and prevention. Configure a firewall with advanced rules to block simulated attacks.
Fundamental techniques for collecting and analyzing digital evidence. Analysis of hard disks and logs to identify an intrusion in a simulated environment.
Analyze event logs and master SIEM tools. Implement and analyze alerts in a SIEM (e.g. Splunk) to detect an attack.
Project management in cybersecurity, agile methodologies and project risk management. Creation of a project plan for a multi-team pentesting campaign.
Fundamental concepts of risk management and introduction to governance frameworks (ISO 27001, NIST). Risk analysis of a fictitious infrastructure and proposal of corrective measures.
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.
Explore governance frameworks (ISO 27001, NIST, COBIT) to structure information security. Develop a governance plan based on a framework (ISO 27001) for a fictitious SME.
Design business continuity and disaster recovery plans to ensure resilience. Draw up a business continuity plan for a company affected by a major cyber attack.
Crisis management of cybersecurity incidents, coordination and communication. Simulate a response to a critical incident, with step-by-step documentation and appropriate communication.
Understanding regulatory requirements (GDPR, HIPAA) and making information systems compliant. Conduct a GDPR compliance audit on a simulated infrastructure.
Design security strategies aligned with business needs and identified risks. Design a security architecture for a hybrid infrastructure (cloud and on-premises).
Leadership skills to manage teams and promote a safety culture. Develop a training and awareness plan for a technical team.
Data confidentiality management and ethical considerations in cybersecurity. Draft a personal data management policy that complies with ethical and legal standards.
Implementing governance and compliance in cloud environments. Develop a governance plan for a multi-cloud environment (AWS, Azure).
Develop skills in professional English, with a focus on written and oral communication adapted to technical and international contexts.