Threat & Vulnerability Management

About this course

Continuous assessment of threats and vulnerabilities is a common practice in a security program. As a CISO, you will set up, manage, and measure the threat and vulnerability process. In this module, we will explain the basics of threat and vulnerability management.

We start with the common ways how security events are identified and logged. SIEM (Security Incident and Event Management) tools will help you capture and correlate logs. SOC (Security Operating Center) is used to monitor all the events and correlations and respond as soon as new events are detected. We will discuss frameworks such as MITRE Att&ck, a knowledge base, and a model that reflects the various phases of an attack lifecycle. It documents attacker tactics and techniques based on real-world observations.

During this module, we will discuss different types of hacking. First, we will teach you the ins and outs of whiteboard hacking (aka Threat Modelling). Next, you will learn how Penetration Testing by ethical hackers fits into the threat and vulnerability management program. We will discuss what kinds of penetration tests you can set up, such as blue, red, and purple teams. We will also discuss the insider threat, as employees sometimes are the first “hackers” you will be confronted with.

In the last section of this course, we will focus on vulnerability and patch management. To protect you from threats, the management of vulnerabilities is crucial. A well-defined and properly managed management of vulnerabilities increases your security resilience.

Why take this course?

• Learn what threat and vulnerability management entails
• Understand the concepts of SIEM and SOC to monitor threats
• Know the role of hacking in a security program
• Be successful in the management of vulnerabilities and patches

Target group

Who is the Certified CISO program’s ‘Threat and vulnerability management’’ module intended for? This module targets information and cybersecurity officers, managers and other security professionals tasked with crafting a companywide information security upgrade strategy. Those working in risk management and/or conducting security-related audits could also benefit from this course.

Learning goals

• SIEM and SOC management
• MITRE Att&ck and other frameworks
• Threat Modeling and intelligence gathering
• Penetration Testing & Red Teaming Strategy
• Vulnerability & patch management
• Insider Risk Management
• Security Incident Management

The educational approach of this course

When it comes to establishing and running a proper Security Governance Programme, there are a variety of approaches. A one-size-fits-all formula doesn’t apply.

And it’s for that reason that this course has a two-fold objective. It aims to introduce you to the current standards and frameworks available and to supply you with the practical skills required to apply them correctly within your organisation.

To accomplish this, we’ve lined up highly skilled professionals who have been in the trenches for years. They share practical advice and workarounds and teach you the core of what you need to know. The course itself blends theoretical models, frameworks, and standards to give you an overview of what’s out there, combined with practical exercises for applying what you’ve learnt in real-life situations.

• Theory: Threat landscapes and response methodologies.
• Case Study: Analyze a company with no logging or incident response process that faces a potential breach.
• Practical Assignment: Create an Incident Response Playbook for a specific scenario (e.g., ransomware).
• Feedback: Walkthrough of playbooks during the online session.

End product

You’ll be awarded a certificate of completion at the end of the course.

Your bonus training package includes:

• Training material (printed and PDF format): handouts of the presentations with notes
• Extra online training materials
• A list of useful links with additional information on standards and frameworks discussed during class
• The exercises and their solutions (where applicable)

How to prepare yourself

This is a classroom-based, non-technical course. Bring something along (e.g., a laptop, notebook, tablet) to take additional notes.

Course prerequisites:

• A basic understanding of IT
• Some experience in a corporate environment as a manager could be beneficial but is not essential.

Between the two in-person training days and the online follow up session, you will have homework:

• Complete the online knowledge assessment
• Prepare an assignment for discussion during the online session.