ESCP Cybersecurity Bootcamp
Curriculum
Our curriculum is award-winning, and we evolve it to meet the needs of the job-market and ever-changing world of cybersecurity.
curriculum
Introduction to Cybersecurity
This module introduces core principles that are essential to forming a security mindset, which include the CIA Triad (Confidentiality / Integrity / Availability), Defense-in-Depth, Authentication, and Authorization. Cybersecurity is a broad subject so this module provides a general overview of the different domains within security including Application Security, Network Security, Hardware Security, Physical Security, Mobile Security, Operational Security (SecOps/OpsSec), Incident Response, Identity and Access Management, Governance, Risk & Compliance (GRC), and Disaster Recovery / Business Continuity.
topics:
Key Elements, CIA Triad, Defense-In-Depth, Domain Landscape, AAA Services
Networking
Networking is the process of how connections are made and how computers and systems communicate with each other which forms the basis of cybersecurity. This module provides the foundational understanding for computer networking and covers network protocols that are used for data communication, networking hardware, subnetting, networking utilities and traffic analysis.
topics:
LAN / WAN, OSI Model, TCP / IP Model, Network Protocols, IP v4 & IP v6, TCP, UDP, ICMP, Ports and Services, Routing & Switching, NAT / PAT, DNS, Network segmentation, Subnetting, VLANS
tools:
Kali Linux, TCPDUMP, Netcat, Netstat, Dig, Nslookup, Whois, Packet Tracer, Nmap, Wireshark
Security Program
This module focuses on how to understand, implement and manage a security program within an enterprise. Security professionals must have strong knowledge of how a company operates to implement effective security policies and procedures. You must understand who the organization’s employees, customers, suppliers, and competitors are and how digital information is created, accessed, and shared. Students will learn about the various compliance standards and security frameworks that are most used in the industry.
topics:
Cybersecurity governance and strategy, Risk management (Rating methodologies), Compliance (Legal / Regulatory / HIPAA / PCI - DSS)
tools:
NIST Cyber Security Framework, CIS Top 18 Framework
OSINT & Social Engineering
Open Source Intelligence (OSINT) is a tradecraft used for conducting reconnaissance and information against an adversary or target to gain insights into people or organizations. Students will learn how to gather information about a victim and craft a phishing campaign to compromise the victim’s organization. Knowledge of these simple offensive techniques will help students understand how to craft security awareness campaigns and defend against phishing attacks.
topics:
Information gathering with open source tools, Network and Domain enumeration, Anonymization on the Internet, Security Awareness, Social Engineering (Email / Phishing / In-Person / Telephony)
tools:
Kali Linux, Google Hacking Database, VPN, TOR Browser, Whois, DNS records, Traceroute, GoPhhish, Email Header Analysis, Shodan, theHarvester, OSINT Framework
Threat Intelligence
An enterprise cannot properly defend their information unless they understand who they are defending against. This module discusses the current threat landscape, Advanced Persistent Threats (APTs) and dives into where threats are coming from and what is motivating the nation-state and non-nation-state threat actors.
topics:
Threat Sources & Events, Adversarial (Fraud / Theft , Insider Threat, Malicious Hackers, Malicious Code, Malware, Ransomware, Espionage), Non-adversarial (Errors and Omissions, Physical Infrastructure, Privacy and Data Sharing), Threat Motivations (Monetary, Hacktivism, IP Theft, Espionage)
tools:
Data Breach Reports, MITRE ATT&CK Framework
Scripting for Security
Python has become increasingly popular in the offensive and defensive cyber communities. Tool developers and hackers primarily used Python, but with the rise of analysis-driven and proactive cyber activities, it is now a staple in the cybersecurity industry. In this self-paced module, students will learn the basics of scripting with Python to solve common and emerging cybersecurity challenges.
topics:
Client Server Model, App and Web Servers, programming fundamentals, functions and classes, API connections, Regular Expressions
tools:
Python, Jupyter Lab, Git, PIP, VirtualENV
Security Operations Architecture
The ability to prevent and detect cyber-attacks as they occur in real time is the epicenter of defending against cybercrime. Good defense starts with thoughtful network architecture design that leverages Cloud and on-prem technologies. In this module, students will learn about network architecture / design, virtual private cloud (VPC) configuration, end-point hardening and deployment, and secure two-factor authorization.
topics:
Network Architecture Design, Virtual Private Cloud (VPC) design, configuration and deployment, Firewalls (Access Control Lists / Filters / Rules / White List / Black List), Proxies, Remote Access, Virtual Private Network (VPN) configuration and deployment, Access Control, Infrastructure as Code, Cloud Infrastructure Auditing, Systems Hardening
tools:
Kali Linux, AWS, Terraform, ScoutSuite, DUO, Lynis, Windows Security Policies, OpenVPN
Security Operations Detection
Cybersecurity should always be proactive rather than reactive. It is much more difficult and expensive to address security after a system has been deployed. In this module, students will learn best practices for network threat modelling, prevention, and continuous monitoring and mitigation.
topics:
Detect / Defend, Traffic Analysis, Logging / Log Management, Security Information Event Management (SIEM), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Data Loss Prevention (DLP)
tools:
Kali Linux, IPtables, Snort, SIEM Dashboards, ELK Stack
Cryptography
A cybercriminal cannot do as much damage to an enterprise if they are unable to read the stolen data. This module covers the core concepts of encryption (Boolean Logic, Modulus Arithmetic, hashing) and how it is used within secure protocols (SSL, TLS, SSH). It focuses on how to implement and manage encryption policies within an enterprise (signatures, key management, PKI). Students will learn the importance of understanding the vulnerabilities and misconfigurations that commonly go wrong during implementation. At the end of the module, students use brute force, rainbow tables and various other hacker tools to crack passwords from hashed data.
topics:
Boolean Logic, Modulus Arithmetic, Symmetric / Asymmetric, Hashing, TLS / SSL, Disk encryption, Key Derivation Functions, Digital Signatures, Key Management: Public Key Infrastructure, Password Cracking: Rainbow Tables
tools:
OpenSSL, CertBot, Nginx, MD5 / SHA, CertBot, Hydra, Hashcat
AppSec & Offensive Security
How do we know if all the policies, procedures, firewalls, ACLs, or intrusion detection and prevention systems are working unless we test them? This module focuses on how to review security programs and perform various security vulnerability assessments throughout an enterprise. Students will embody the mindset of a hacker and perform penetration tests where they mimic real-world attacks to identify methods to circumvent the security features of an application, system, or network. A successful penetration tester has in-depth knowledge of how networks, systems, and applications are defended. This module allows students to test everything they have learned thus far. Students participate in a competitive red team / blue team exercise to showcase their skills in a team environment.
topics:
Assessment Approach, Testing Viewpoints (Internal / External, Overt / Covert, White box / Gray Box / Black Box), Mitigation and Remediation, OWASP Top 10, Vulnerability Scanning, Penetration Testing, Bug Bounty, DevSecOps, Red Team / Blue Team
tools:
Nmap, Metasploit, Nikto, Nessus, Burp Suite, Veracode, Shodan, Discover scripts, DNSExfiltrator, Qualys
Threat Hunting & Incident Response
There are two types of companies: companies that know they have been breached and companies that do not know they have been breached. One-third of U.S. businesses were breached last year and nearly 75% were unaware of how the incident occurred. In this module, students learn why it is vital for companies to properly respond after a breach and have a process to perform a forensics analysis to learn how the breach occurred and understand how it affects the company.
topics:
CSIRT, NIST: IR Methodology (Preparation / Detection & Analysis / Containment, Eradication & Recovery / Post-Incident Activity), NIST: Forensics Process (Data Collection / Examination / Analysis / Reporting), Threat Intelligence (Cyber Kill Chain / Diamond Model)
tools:
NetworkMiner, Windows Event Logs, Volatility, BinText, Incident Response Tabletop exercises
Security Apprenticeship
Cybersecurity should always be proactive rather than reactive. It is much more difficult and expensive to address security after a system has been deployed. In this module, students will learn best practices for network threat modelling, prevention, and continuous monitoring and mitigation.
Job Preparation
In addition to the technical cybersecurity training, students will learn the skills and strategy to confidently navigate their job search with our support. Job preparation training is integrated throughout the bootcamp and available after graduation. Through career coaching, cybersecurity resume prep, mock interviews, networking strategies, alumni connections and employer partners, students land jobs that launch their cybersecurity careers. Students are encouraged to take advantage of virtual and in-person EvolveSec Meetup events to connect with industry professionals and expand their network. We know what it takes to get a job in cybersecurity and support our students throughout their job search process.
topics:
Networking, LinkedIn Profile, Resume Prep, Interview Prep, Career Coaching, Job Search Strategy, Continuing Education