Join our 16 intensive modules and equip yourself with 16 essential cybersecurity skills for Windows systems!
The program consists of 16 modules covering different areas of cybersecurity. Each module is delivered live on Zoom and consists of 8 hours of interactive and demo-intensive workshops, starting at 9:00 AM CET and ending at 5:00 PM CET. A Discord Server will also be set up for you to receive continuous assistance and support from CQURE’s Experts during the program.
Each workshop will be complemented by a pre-work assignment (some reading material that will help you prepare for the workshop) and an additional home assignment (e.g., self-study exercises, additional reading materials, labs, etc.).
All of the live workshops will be recorded and accessible to you at any time – in case you need to attend to other duties, are on holiday, or simply want to recap. You will have access to each workshop recording for 12 months after the live training.
You will get to learn from some of the best cybersecurity Experts in their field. We always run all workshops with the newest content to give you relevant industry skills. Everything you will learn has been vetted by passionate practitioners from the CQURE team.
You can enroll in separate modules or in the full program. The decision is yours.
CMAP agenda
Module 1: Securing Windows Platform: Windows 11 & Windows Server 2022
Date: January 30th
Instructor: Paula Januszkiewicz
- Defining and disabling unnecessary services
- Implementing rights, permissions and privileges
- Code signing
- Implementing secure service accounts
Module 2: Hardening Active Directory Infrastructure
Date: February 27th
Instructor: Michael Grafnetter
- Modern Identity Attack Techniques
- Preventing Credential Theft and Misuse
- Recommended AD Configuration Options
- OS-Level Credential Protection Features: LSA Protected Process, Credential Guard, and RDP Restricted Admin Mode
- Detecting Backdoors in Active Directory
Module 3: Cloud-based incident response in Azure and Microsoft 365
Date: March 13th
Instructor: Beata Zalewa
- Azure & O365 cloud security challenges
- Zero Trust principles and architecture
- Incident response management process
- Cyber kill chain process
- Hunting through attack chain
- Azure monitor
- Azure incident response – best practices
Module 4: Detecting and hunting for malware activities and prevention
Date: March 27th
Instructor: Amr Thabet
- Intro to malware and malware functionalities
- Hunting for malware C&C communication in network activities
- Hunting for malware behaviour in Sysmon logs
- Creating a Yara rule for malware family of a suspicious functionality
Module 5: Implementing Privileged Access Workstations
Date: April 24th
Instructor: Sami Laiho
- Privileged Access Workstations – how and why?
- Different hardware and VM solutions for implementing PAWs
- Difference between normal and privileged
- Implementing and Managing On-prem PAWs
- Implementing and Managing Cloud-service PAWs
Module 6: Advancing at PowerShell for security and administration
Date: May 29th
Instructor: Michael Grafnetter
- PowerShell security and specific hacktools (like DSInternals)
- Advanced PowerShell course
- Auditing Active Directory using PowerShell
Module 7: Everything you need to know about application whitelisting
Date: June 12th
Instructor: Sami Laiho
- Whitelisting in general
- Implementing AppLocker
- Managing AppLocker
- Troubleshooting AppLocker
Module 8: High priority security features in Azure
Date: June 26th
Instructor: Beata Zalewa
- Managing identity and access in Microsoft Entra ID
- Network security
- Microsoft Purview data protection
- Microsoft Defender for Cloud
- Application security
Module 9: Securing monitoring of SQL Server to feed SIEM solutions
Date: July 31st
Instructor: Damian Widera
- SQL Server security baseline concepts
- SQL Server instance security
- Managing logins & passwords
Module 10: Techniques for effective automation with PowerShell
Date: August 28th
Instructor: Arnaud Petitjean
- Navigating execution policies: picking the right security strategy
- PowerShell language modes: locking down your scripts
- Fortify your scripts: the power of digital signatures
- Restricting execution permissions: enforcing least privilege for scripts
- Protecting sensitive information: secure secrets management in PowerShell
- AMSI: Defending against malicious code with PowerShell
- Comprehensive logging: auditing and monitoring your PowerShell scripts
Module 11: Threat hunting with AI support
Date: September 11th
Instructor: Paula Januszkiewicz
- Introduction to threat hunting and AI in cybersecurity
- Leveraging AI to detect anomalies and threats
- Automating threat hunting with machine learning
- Using AI-powered tools for real-time threat detection
Module 12: Cyber threat intelligence
Date: September 25th
Instructor: Paula Januszkiewicz, Piotr Pawlik
- Threat Intelligence, Assessment and Threat Modeling
- Open-Source Intelligence Tools and Techniques
- Patterns of Attack
Module 13: Mastering monitoring operations in Azure
Date: October 30th
Instructor: Piotr Pawlik
- Microsoft 365 Security from SOC Analyst perspective
- Microsoft 365 Defender for Endpoint – EDR story
- Detection and response with Sentinel – Let’s attack Contoso network
Module 14: Boosting your penetration testing skills
Date: November 13th
Instructor: Paula Januszkiewicz
- From zero to domain admin: almost-always-working exploitation techniques and discovery
- Advanced network penetration testing
- Bypassing modern security controls
- Reporting and remediation strategies in penetration testing
Module 15: Defending against threats with SIEM Plus XDR
Date: November 27th
Instructor: Beata Zalewa
- Intro to Unified Security Operations with Defender XDR, Microsoft Sentinel and Security Copilot in the Defender XDR portal
- Configuring and managing Microsoft Defender XDR and integration with Defender Family
- Configuring and managing Microsoft Sentinel
- Configuring and managing Security Copilot
- Automated investigation and incident response with Microsoft Sentinel, Microsoft Defender XDR and Security Copilot
- Automatic attack disruption in Microsoft Defender XDR and SOC optimization
- Threat Hunting through attack chain with Defender XDR
Module 16: Implementing Secure Entra ID
Date: December 11th
Instructor: Piotr Pawlik
- Entra ID security settings
- Entra ID identity protection
- Entra ID privileged identity management (PIM)
- Entra ID password protection