Governance, risk, and compliance
- Security program documentation: policies, procedures, standards, and guidelines.
- Program management: training (phishing, security, privacy), communication, reporting, and RACI matrix.
- Frameworks: COBIT, ITIL, etc.
- Configuration management: asset life cycle, CMDB, and inventory.
- GRC tools: mapping, automation, and compliance tracking.
- Data governance: production, development, testing, and QA.
- Risk management: impact analysis, risk assessment (quantitative vs. qualitative), third-party risk, confidentiality, integrity, and availability.
- Threat modelling: actor characteristics, attack patterns, and frameworks (ATT&CK, CAPEC, STRIDE).
- Attack surface: architecture reviews, data flows, and trust boundaries.
- Compliance strategies: industry-specific standards (PCI DSS, ISO 27000).
- Security frameworks: NIST, CSF, CSA, and others.
Security architecture
- Cloud capabilities: CASB (API-based, proxy-based), shadow IT detection, shared responsibility model, CI/CD pipeline, Terraform, Ansible, container security, orchestration, and serverless workloads.
- Cloud data security: data exposure, leakage, remanence, insecure storage, and encryption keys.
- Cloud control strategies: proactive, detective, and preventative controls; customer-to-cloud connectivity, service integration, and continuous authorization.
- Network architecture: segmentation, micro-segmentation, VPN, always-on VPN, and API integration.
- Security boundaries: asset identification, management, attestation, data perimeters, and secure zones.
- De-perimeterisation: SASE, SD-WAN, and software-defined networking.
- Zero trust concepts: defining subject-object relationships.
Security engineering
- Automation: scripting (PowerShell, Bash, Python), event triggers, IoC, cloud APIs, generative AI, containerization, patching, SOAR, and workflow automation.
- Vulnerability management: scanning, reporting, and SCAP (OVAL, XCCDF, CPE, CVE, CVSS).
- Advanced cryptography: PQC, key stretching, homomorphic encryption, forward secrecy, and hardware acceleration.
- Cryptographic use cases: data at rest, in transit, and in use; secure email, blockchain, privacy, compliance, and certificate-based authentication.
- Cryptographic techniques: tokenization, code signing, cryptographic erase, digital signatures, hashing, and symmetric/asymmetric cryptography.
Security operations
- Monitoring and data analysis: SIEM (event parsing, retention, false positives/negatives), aggregate analysis (correlation, prioritisation, trends), and behaviour baselines (network, systems, users).
- Vulnerabilities and attack surface: injection, XSS, insecure configurations, outdated software, and weak ciphers; mitigations include input validation, patching, encryption, and defence-in-depth.
- Threat hunting: internal intelligence (honeypots, UBA), external intelligence (OSINT, dark web, ISACs), TIPs, IoC sharing (STIX, TAXII), and rule-based languages (Sigma, YARA, Snort).
- Incident response: malware analysis (sandboxing, IoC extraction, code stylometry), reverse engineering, metadata analysis, data recovery, and root cause analysis.
Exams and assessments
This course prepares learners for the CompTIA SecurityX® (CVO-005) certification exam. The exam is taken after the course and is included with your course booking.
- Exam format: Maximum of 90 multiple-choice and performance-based questions
- Duration: 165 minutes
- Grading: Pass/fail
Participants will also complete scenario-based labs, knowledge checks, and discussions to reinforce exam readiness. An exam voucher is included.
Hands-on learning
This course features:
- Guided labs to apply concepts in identity, network, and cloud security
- Real-world threat modelling, compliance, and automation tasks
- Group discussions on AI risks, Zero Trust, and governance practices
- Instructor-led simulations of incident response and malware forensics