Overview Next training

Duration 2 days
Time from 09h00 - 12h00 & 13h00 - 17h00
Next training date 23 october until 24 october 2024
Next training location Van der Valk Hotel Antwerp

Our teachers for the training: CISO M5: Threat & Vulnerability Management





Module 5 Threat & Vulnerability management - presentation video

How do you manage threat & vulnerability? Our teacher for this module, Tom Van den Eynde will enlighten you on all the aspects of this course module. 

This training is taught in English.

Continuous assessment of threats and vulnerabilities is a common practice in a security program. As a CISO, you will set up, manage, and measure the threat and vulnerability process. In this module, we will explain the basics of threat and vulnerability management.

We start with the common ways how security events are identified and logged. SIEM (Security Incident and Event Management) tools will help you capture and correlate logs. SOC (Security Operating Center) is used to monitor all the events and correlations and respond as soon as new events are detected. We will discuss frameworks such as MITRE Att&ck, a knowledge base, and a model that reflects the various phases of an attack lifecycle. It documents attacker tactics and techniques based on real-world observations.

During this module, we will discuss different types of hacking. First, we will teach you the ins and outs of whiteboard hacking (aka Threat Modelling). Next, you will learn how Penetration Testing by ethical hackers fits into the threat and vulnerability management program. We will discuss what kinds of penetration tests you can set up, such as blue, red, and purple teams. We will also discuss the insider threat, as employees sometimes are the first “hackers” you will be confronted with.

In the last section of this course, we will focus on vulnerability and patch management. To protect you from threats, the management of vulnerabilities is crucial. A well-defined and properly managed management of vulnerabilities increases your security resilience.

Why take this course?

  • Learn your role as a CISO in threat and vulnerability management
  • Understand the concepts of SIEM and SOC to monitor threats
  • Know the role of hacking in your security program
  • Be successful in the management of vulnerabilities and patches


This course is also the fifth module in a unique program intended to lead to formal CISO certification. To check out the other modules, download this file: CISO BROCHURE DOWNLOAD

Target group

Who is the Certified CISO program’s ‘Threat and vulnerability management’’ module intended for? This module targets information and cybersecurity officers, managers, and other security professionals tasked with crafting a companywide information security upgrade strategy. Those working in risk management and/or conducting security-related audits could also benefit from this course.

Learning goals

Your role as a CISO in:

  • SIEM and SOC management
  • MITRE Att&ck and other frameworks
  • Threat Modeling and intelligence gathering
  • Penetration Testing & Red Teaming Strategy
  • Vulnerability & patch management
  • Insider Risk Management
  • Security Incident Management

The educational approach of this course

There are various approaches to establishing and running a proper Security Governance Programme. A one-size-fits-all formula doesn’t apply.

For that reason, this course has a two-fold objective. It aims to introduce you to the current standards and frameworks available and supply you with the practical skills required to apply them correctly within your organization.

To accomplish this, we’ve lined up highly skilled professionals who have been in the trenches for years. They share practical advice and workarounds and teach you the core of what you need to know. The course itself blends theoretical models, frameworks, and standards to give you an overview of what’s out there, combined with practical exercises for applying what you’ve learned in real-life situations.

End product

At the end of the course, you will be awarded a certificate of completion. This module does not entail any exams or official certification.

Note: Do you have plans to pursue the entire ‘Certified CISO’ program? In that case, you’ll need a certificate of completion for all modules, and they must have been obtained within the past two years. The first six modules must be completed to start the 7th and final module, the ‘Master Project’, where you will apply the content of the previous modules to a single integrated project. Once finished, you’ll be awarded the ‘Certified CISO’ certificate if you obtain a positive evaluation.

Your bonus training package includes the following:

  • Training material (printed and PDF format): handouts of the presentations with notes
  • A list of useful links with additional information on standards and frameworks discussed during class
  • The exercises and their solutions (where applicable)

How to prepare yourself

This is a classroom-based, non-technical course. Bring something along (e.g., a laptop, notebook, tablet) to take additional notes.

Course prerequisites:

  • A basic understanding of IT
  • Some experience in a corporate environment as a manager could be beneficial but is not essential.


Day 1

09h00 - 17h00

1| Security Operations Center

  • Principles and technologies to manage security incidents (SIEM)
  • Monitor threats (SOC)
  • Resource management when managing security operations

2| MITRE Att&ck and other frameworks

  • What is MITRE ATT&CK?
  • How to put MITRE ATT&CK into use?
  • Learn about other frameworks for advisory tactics and techniques

3| Threat Modeling and intelligence gathering

  • What is Threat modeling (TM) aka white board hacking?
  • How do you execute a TM workshop?
  • What is the outcome of TM and how to manage the results?
  • How can intelligence gathering help you to identify new threats?

Day 2

09h00 - 17h00

1| Penetration Testing & Red Teaming Strategy

  • How penetration testing helps you to test your security posture?
  • Types of pentesting programs
  • How to manage the output of a pentest?
  • Contractual and legal aspects of pentesting
  • What are blue, red, and purple teams?

2| Vulnerability & patch management

  • What is vulnerability management
  • How to react on 0-day exploits?
  • Updates and versioning control
  • Patch management and roll out schemes

3| Insider Risk Management

  • What is the insider risk and how to manage it?
  • Common types of user errors
  • Incident reporting by end users
  • How to build an awareness programme?

4| Security Incident Management

  • Type of incidents
  • Incident categorization
  • Organization of the incident handling
  • How to prepare incident handling
  • Effectively manage security incident response
  • Incident reporting



VAT exclusive


"CISO Certificate of Completion"

Lunch, coffee, refreshments and course material included.

SME portfolio Flanders - higher subsidy for theme CYBERSECURITY: 45% for small and 35% for medium-sized enterprises.

Register now

Book a Call

Schedule 2024 & 2025






CISO M5: Threat & Vulnerability Management

23 October until 24 October


CISO M5: Threat & Vulnerability Management

18 March until 19 March


CISO M5: Threat & Vulnerability Management

21 October until 22 October


We are recognized by:

  • Registration number KMO portefeuille: DV.O213013

    Our courses are accredited for the KMO-portefeuille. This means that, depending on whether you are a small or medium-sized enterprise, you can receive a 45% or 35% subsidy (for cybersecurity) from the Flemish Government on the cost of registration.

  • Acknowledgement by Chèque-Formation

    The training voucher allows you to benefit from financial aid to train your workers in one of the approved training centres. Worth 30 euros, it corresponds to 1 hour of training per worker.

Stay informed via our newsletter

Stay connected with our latest news, offers and available training.


Stay informed via our newsletter

Stay connected with our latest news, offers and available training.