Join our 16 intensive modules and equip yourself with 16 essential cybersecurity skills for Windows systems!
The program consists of 16 modules covering different area of cybersecurity. Each module is delivered live on Zoom and consists of 8 hours of interactive and demo-intensive workshops, starting at 9:00 AM CET and ending at 5:00 PM CET. A Discord Server will also be set-up for you to receive continuous assistance and support from CQURE’s Experts during the program.
Each workshop will be complemented by pre-work assignment (some reading material that will help you prepare for the workshop), an additional home assignment (e.g., self-study exercises, additional reading materials, labs etc).
All of the live workshops will be recorded and accessible for you any time – in case you need to attend some other duties/holidays or simply want to recap. You will have access to each workshop recording for 12 months after the live training.
You will get to learn from some of the best cybersecurity Experts in their field. We run all workshops always with the newest content to give you relevant industry skills. Everything you will learn has been vetted by passionate practitioners from the CQURE team.
You can enroll in separate modules or in the full program. The decision is yours.
CMAP agenda
Module 1: Boosting your penetration testing skills
Date: 29.01.2026
Instructor: Artur Kalinowski
- From zero to domain admin almost always working exploitation techniques and discovery
- Advanced network penetration testing
- Bypassing modern security controls
- Reporting and remediation strategies in penetration testing
Module 2: : Threat hunting with AI support
Date: 12.02.2026
Instructor: : TBA
- Introduction to threat hunting and AI in cybersecurity
- Leveraging AI to detect anomalies and threats
- Automating threat hunting with machine learning
- Using AI-powered tools for real-time threat detection
Module 3: Hardening Active Directory Infrastructure
Date: 05.03.2026
Instructor: Peter Kloep
- Modern Identity Attack Techniques
- Preventing Credential Theft and Misuse
- Recommended AD Configuration Options
- OS-Level Credential Protection Features: LSA Protected Process, Credential Guard, and RDP
Restricted Admin Mode
- Detecting Backdoors in Active Directory
Module 4: : Privileged Access Workstations (PAW) in 2026
Date: 02.04.2026
Instructor: Sami Laiho
- On-prem & cloud PAWs
- Hardware vs. VM trade-offs
- Just-enough admin
- Break-glass paths
Module 5: Malware Investigation & Yara Rules
: 16.04.2026
Instructor: Amr Thabet
- Malware Investigation Fundamentals
- Static & Dynamic Analysis
- Building Effective YARA Rules
- Testing & Operationalizing YARA
Module 6: Become a Hunter: configuring and perfecting monitoring with Sentinel + MDE Design
Date: 07.05.2026
Instructor: Norbert Krzepicki
- Signals that matter
- Cost-aware data plans
- Advanced hunting
- Incident workflows across SIEM + EDR
Module 7: Securing SQL Server
Date: June 28.05.2026
Instructor:Damian Widera
- SQL Server Security Baseline Concepts
- SQL Server Instance Security
- Managing Logins & Passwords
Module 8: Mastering Public Key Infrastructure (PKI), Certificate Services and FIDO2
Date: 18.06.2026
Instructor: Peter Kloep
- Cryptography basics
- Essence of PKI
- Best practices for PKI Architecture
- Active Directory Certificate Services Migration
- Attacks on Certificates Infrastructure & Mitigations
Module 9: Identity Under Fire: Entra ID, Conditional Access & MFA Configuration
Date: 09.07.2026
Instructor: Marcin Krawczyk
- Secure Entra ID at scale
- Token protection
- Phishing-resistant MFA
- Session risk & workload identities
Module 10: PowerShell for Digital Investigation & Triage
Date: 30.07.2026
Instructor: Amr Thabet
- PowerShell Essentials for Investigators
- Collecting System & User Artifacts
- Analyzing Evidence with PowerShell
Module 11: Mastering Code Security r>
Date: 10.09.2026
Instructor: Ronald Harmsen
- Introduction to OWASP Secure Coding
- Authentication and Access Control
- Hardening your API and Web application
Module 12: Cloud Post-Exploitation Mitigation: Azure & Microsoft 365
Date: September 25th
Instructor: Marcin Krawczyk
- Abusing app registrations
- Compromised service principals
- OAuth consent
- Mailbox exfiltration paths
- SharePoint exfiltration paths
Module 13: Modern Windows Security Baselining: Standards, Settings and Solutions for Managing
Safe Environment
Date: 01.10.2026
Instructor: John O’Neill
- Harden Windows 11/Server 2025
- Secure AD/Entra ID hybrid joins
- Local admin controls
- New auditing baselines
Module 14: Configuring Application Whitelisting
Date: 07.10.2026
Instructor: Sami Laiho
- Whitelisting in general
- Advanced network penetration testing
- Implementing AppLocker
- Managing AppLocker
- Troubleshooting AppLocker
Module 15: Deprecation NTLMv2 – Technical Preparation and Infrastructure Considerations
Date: 19.11.2026
Instructor: Peter Kloep
- Understanding NTLMv2 risks and Microsoft’s deprecation roadmap
- Discovering and auditing NTLMv2 dependencies in your environment
- Planning migration to Kerberos and modern authentication mechanisms
- Technical remediation strategies and compatibility considerations
- Monitoring, fallback options and operational continuity
Module 16: Steps for Building Incident Response Readiness
Date:10.12.2026
Instructor: Paula Januszkiewicz
- Defining IR readiness: scope, roles and responsibilities
- Building effective detection and response playbooks
- Integrating tooling, automation and communication channels
- Validating readiness with tabletop and purple-team exercises
- Continuous improvement: metrics, after-action reviews and roadmap
Cybersecurity Master Annual Program
