This course will help you build a foundation of some of the fundamental concepts in secure programming. We will learn about the concepts of threat modeling and cryptography and you'll be able to start to create threat models, and think critically about the threat models created by other people. We'll learn the basics of applying cryptography, such as encryption and secure hashing. We'll learn how attackers can exploit application vulnerabilities through the improper handling user-controlled data. We'll gain a fundamental understanding of injection problems in web applications, including the three most common types of injection problems: SQL injection, cross-site scripting, and command injection. We'll also cover application authentication and session management where authentication is a major component of a secure web application and session management is the other side of the same coin, since the authenticated state of user requests need to be properly handled and run as one session. We'll learn about sensitive data exposure issues and how you can help protect your customer's data. We'll cover how to effectively store password-related information, and not to store the actual plaintext passwords. We'll participate in coding assignment that will help you to better understand the mechanisms for effectively storing password-related information. Along the way, we’ll discuss ways of watching out for and mitigating these issues and be able have some fun and exploit two different vulnerabilities in a web application that was designed to be vulnerable, called WebGoat.

This course gives you the background needed to gain Cybersecurity skills as part of the Cybersecurity Security Analyst Professional Certificate program. You will understand network defensive tactics, define network access control and use network monitoring tools. You will understand data protection risks and explore mobile endpoint protection. Finally you will recognize various scanning technologies, application security vulnerabilities and threat intelligence platforms. This course also gives you hands on access to cybersecurity tools important to a system analyst. This course is intended for anyone who wants to gain a basic understanding of Cybersecurity or as the sixth course in a series of courses to acquire the skills to work in the Cybersecurity field as a Cybersecurity Analyst. The completion of this course also makes you eligible to earn the Cyber Threat Intelligence IBM digital badge. More information about the badge can be found https://www.youracclaim.com/org/ibm/badge/cyber-threat-intelligence. In this course, you will learn to: • Describe examples of network defensive tactics. • Discuss data loss prevention and endpoint protection concepts and tools. • Explore a data loss prevention tool and learn how to classify data in your database environment. • Describe security vulnerability scanning technologies and tools. • Recognize application security threats and common vulnerabilities. • Identify the key concepts around threat intelligence. • Explore a SIEM product and review suspicious alerts and how to take action.

This is a self-paced lab that takes place in the Google Cloud console. In this hands-on lab, you will learn the basics of Vault.

This course it the first part of the Python for Cybersecurity Specialization. Learners will get an introduction and overview of the course format and learning objectives.

Explore the C and C++ languages. Look at the specificity of the C/C++ languages and how this impacts security, ways C/C++ can interact with the external world, error handling, the execution environment and much more.

Managing cybersecurity is about managing risk, specifically the risk to information assets of valued by an organization. This course examines the role of Governance, Risk Management, and Compliance (GRC) as part of the Cybersecurity management process, including key functions of planning, policies, and the administration of technologies to support the protection of critical information assets. In this course, a learner will be able to: ● Identify the importance and functions of Governance, Risk Management, and Compliance in Cybersecurity program management. ● Describe best practices in risk management including the domains of risk assessment and risk treatment. ● Describe the structure and content of Cybersecurity-related strategy, plans, and planning ● Identify the key components and methodologies of Cybersecurity policies and policy development ● Discuss the role of performance measures as a method to assess and improve GRC programs

Every organization uses its information to support its business operations. When there are threats in the internal and external environments, they create the risk of information loss or damage. This course examines the design and construction of a risk management program, including policies and plans, to support the identification and treatment of risk to the organization’s information assets.

The Cyber Incident Response course will give students an understanding of how incidents are responded to at a high level, as well as allow them to build important technical skills through the hands-on labs and projects. This course starts with a high-level discussion of what happens at each phase of responding to an incident, followed by a technical deep dive into some of the more exciting parts of memory, network, and host analysis and forensics. This course is for anyone wishing to apply learned forensics and offensive knowledge such as ethical hacking to the incident response process.

This 8 week online course equips learners with the basics of network virtualization with VMware NSX. To get the most of this course, you should have familiarity with generic IT concepts of routing, switching, firewalling, disaster recovery, business continuity, cloud and security. At the end of the course, you will be able to: • Understand network virtualization basics • Describe NSX business value and use cases • Explain how NSX is different from traditional networking • Summarize networking and security solution architecture with VMware NSX around these key areas: + Micro-segmentation + Automation with OpenStack + Automation with VMware vRealize Automation + Disaster Recovery and Business Continuity + Operational Transformation • Demonstrate understanding through hands-on experience • Develop a learning plan for network virtualization certification If you are new to network virtualization, download our Network Virtualization for Dummies guide. http://learn.vmware.com/36350_NSX_ITAutomation_Reg?src=af_5acfd24cebb90&cid=70134000001YR9b All Hands on Labs referenced in this course are OPTIONAL and available for FREE. Direct links to free labs can be found on the Resources Tab or you can access our full library at https://labs.hol.vmware.com/HOL/catalogs/catalog/877

Palo Alto Networks Cybersecurity Foundation Course Description: In this course, students will learn fundamental principles associated with the current cybersecurity landscape and identify concepts required to recognize and potentially mitigate attacks against enterprise networks as well as mission critical infrastructure. Students will also learn how to initially setup and configure security zones, authentication, and policies on a next generation firewall. Learning Objectives: Upon completion of this course, students will be able to: Upon completion of this course students will be able to perform the following: • Discover modern computing trends and application threat vectors. • Configure a network interface and test for connectivity. • Identify cloud computing and software-as-a-service (SaaS) application challenges. • Explore recent cyberattacks and their impact on business. • Review attacker profiles, motivations and the Cyber-Attack Lifecycle. • Recognize high-profile cybersecurity attacks and Advanced Persistent Threats. • Identify malware types, vulnerabilities, exploits, spamming and phishing attacks. • Configure and test a malware analysis security profile. • Describe how bots and botnets are used to attack enterprise networks. • Explore Zero Trust design principles, architecture, capabilities, and implementation. • Review perimeter network security strategies, policies, models, and trust boundaries. • Setup and configure inside, outside and DMZ security zones on a NGFW. • Create and test an authentication policy on a next generation firewall. • Review capabilities of the Security Operating Platform and components. • Explore how to secure the enterprise with NGFW and Traps endpoint protection. • Discover how to secure the cloud with Prisma Access, SaaS, and Cloud. • Examine how to secure the future with Cortex Data Lake and XDR. • Apply two-factor authentication on the next generation firewall (NGFW). • Configure the NGFW to allow only trusted applications.