Security is a major concern in the DevOps world. There is a constant push for companies to move more quickly, and security teams struggle to keep up with testing. This has led to the rise of a new field: DevSecOps. This course introduces the concept of DevSecOps and explains how an organization can build out a DevSecOps program that helps teams integrate security into the application development pipeline. Learn about the role of APIs, containers, and automation, and how a continuous integration and delivery framework can help your organization run security tests as often as developers want. Instructor Tim Chase also introduces some free tools and resources for starting your DevSecOps journey.

The number of IoT (internet of things) devices being deployed is growing exponentially and securing those devices is a huge challenge. In this course, Luciano Ferrari discusses how IoT devices work, including the architectures and protocols used. He covers the main attack surfaces used by hackers and security professionals against IoT devices, how to assess IoT security threats and vulnerabilities, and how to properly secure the devices by following industry best practices and implementing countermeasures.

Learning Objectives:

  • How IoT devices work
  • IoT technologies and protocols
  • IoT communication models
  • Common OWASP vulnerabilities
  • Overcoming inherent IoT challenges
  • Attacks occurring on IoT devices
  • Methodologies used for hacking
  • Securing IoT devices


Apply for this course

What is ethical hacking? When it comes to cybersecurity, hacking comes in many colors: white, grey, black, and shades in between. White hat hackers use their skills for good. They practice ethical hacking: involved testing to see if an organization's network is vulnerable to outside attacks. Ethical hacking is key to strengthening network security, and it's one of the most desired skills for any IT security professional. If you're interested in becoming an ethical hacker, or getting started securing your own network, this introduction is for you. Security expert Lisa Bock explores today's threat landscape, dissecting the top attack vectors and motives for attacks. Lisa identifies a variety of ways to secure an organization, explores policies that help enforce security objectives, and more.

Note: The Ethical Hacking series maps to the 20 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50) version 10.

Learning Objectives:

  • Today's threat landscape
  • Managing incidents
  • Creating security policies
  • Protecting data
  • The COBIT framework
  • Conducting penetration testing


Apply for this course

What is ethical hacking? When it comes to cybersecurity, hacking comes in many colors: white, grey, black, and shades in between. White hat hackers use their skills for good. They practice ethical hacking: involved testing to see if an organization's network is vulnerable to outside attacks. Ethical hacking is key to strengthening network security, and it's one of the most desired skills for any IT security professional. If you're interested in becoming an ethical hacker, or getting started securing your own network, this introduction is for you. Security expert Lisa Bock explores today's threat landscape, dissecting the top attack vectors and motives for attacks. Lisa identifies a variety of ways to secure an organization, explores policies that help enforce security objectives, and more.

Note: The Ethical Hacking series maps to the 20 parts of the EC-Council Certified Ethical Hacker (CEH) exam (312_50) version 10.

Learning Objectives:

  • Today's threat landscape
  • Managing incidents
  • Creating security policies
  • Protecting data
  • The COBIT framework
  • Conducting penetration testing


Apply for this course

Social engineering is a technique hackers use to manipulate end users and obtain information about an organization or computer systems. In order to protect their networks, IT security professionals need to understand social engineering, who is targeted, and how social engineering attacks are orchestrated.

In this course, cybersecurity expert Lisa Bock discusses the methods a hacker might use, including embedding malicious links and attachments in emails and using mobile devices and social media to deploy an attack. She discusses the concept of "misuse of trust"—how hackers use charm, power, and influence to penetrate an organization—and why you need to be extra cautious with the disgruntled employee. Finally, Lisa discusses countermeasures security professionals can take to address these attacks.

Note: This course maps to the Social Engineering competency of the Certified Ethical Hacking exam. Review the exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.

Learning Objectives:

  • Visualizing the victim
  • Recognizing an attack
  • Using charm, power, and influence
  • Manipulating with social media
  • Preventing insider attacks
  • Stealing identities
  • Pen testing with social engineering
  • Taking countermeasures


Apply for this course

System hacking is the way hackers get access to individual computers on a network. Ethical hackers learn system hacking to detect, prevent, and counter these types of attacks. This course explains the main methods of system hacking—password cracking, privilege escalation, spyware installation, and keylogging—and the countermeasures IT security professionals can take to fight these attacks. Security expert Lisa Bock also covers steganography, spyware on a cell phone, and tactics for hiding files and tools. These tutorials, along with the other courses featured in the Ethical Hacking series, will prepare students to pass the Certified Ethical Hacker exam and start a career in this in-demand field. Find out more about the exam at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.

Learning Objectives:

  • Acquiring passwords
  • Generating rainbow tables
  • Understanding where passwords are stored
  • Defending against privilege escalation
  • Understanding spyware
  • Protecting against keylogging
  • Detecting steganography
  • How hackers cover their tracks


Apply for this course

Wireless networks are convenient and popular, but poor configuration and encryption leave them open to attack. Hackers can use Wi-Fi vulnerabilities to infiltrate your entire network. Security professionals need to know how to detect, prevent, and counter these kinds of attacks using the latest tools and techniques—the subject of this course with cybersecurity expert Malcolm Shore. Malcolm covers everything from configuring basic security to understanding how hackers extract passwords, harvest connections at rogue access point, and attack networks via Bluetooth. He also explains how to select the right antennae for testing and introduces some sophisticated Windows and Linux tools to scan for vulnerabilities, including Acrylic, Ekahau, and Wireshark. By the end of the course, you should be able to shore up your wireless connections and gain confidence that your local network is safe to use.

Note: This course is part of our test prep series for the Certified Ethical Hacker exam. Review the complete exam objectives at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.

Learning Objectives:

  • Selecting an antenna
  • Configuring security
  • Extracting WEP and network passwords
  • Testing passwords
  • Harvesting connections from rogue access points
  • Attacking networks via Bluetooth
  • Capturing wireless packets with Acrylic Wi-Fi
  • Heat mapping with Ekahau
  • Wi-Fi sniffing with Wireshark
  • Testing the Internet of Things


Apply for this course

En tant que responsable de la sécurité ou DSI, vous devez mettre en place une politique de cybersécurité pour répondre aux menaces qui pèsent sur votre informatique. Pour cela, Pierre Cabantous vous propose de faire un tour de la cybersécurité en entreprise. Dans ce cours, vous étudierez la démarche d'un pirate, avant et après l'intrusion dans un système, à la suite de l'exploitation d'une vulnérabilité. Vous verrez comment gérer ces vulnérabilités par rapport à un niveau de risque que vous apprendrez à calculer. Vous aborderez aussi une des principales menaces encourues aujourd'hui par tout service accessible en ligne : les attaques par déni de service. Puis vous découvrirez comment protéger votre organisation aux niveaux technique et organisationnel, en suivant des bonnes pratiques, des process ainsi que des normes européennes comme le RGPD.

This course is in French only. If this is not a problem for you, by all means go ahead and apply.

Apply for this course

Learn about the most important security concerns when developing websites, and what you can do to keep your servers, software, and data safe from harm. Instructor Kevin Skoglund explains what motivates hackers and their most common methods of attacks, and then details the techniques and mindset needed to craft solutions for these web security challenges. Learn the eight fundamental principles that underlie all security efforts, the importance of filtering input and controlling output, and smart strategies for encryption and user authentication. Kevin also covers special considerations when it comes to credit cards, regular expressions, source code managers, and databases.

This course is great for developers who want to secure their client's websites, and for anyone else who wants to learn more about web security.

Topics include:

  • Why security matters
  • What is a hacker?
  • How to write a security policy
  • Cross-site scripting (XSS)
  • Cross-site request forgery (CSRF)
  • SQL injection
  • Session hijacking and fixation
  • Passwords and encryption
  • Secure credit card payments