Overview
The cost of a security breach averages nearly $5M (IBM) and is increasing every year. So, businesses are always looking for professionals who can anticipate threats and prevent them. This IBM Penetration Testing, Threat Hunting, and Cryptography course builds expertise in identifying vulnerabilities, protecting assets, and using AI and cryptography techniques to strengthen an organization’s cybersecurity posture.
During the course, you’ll explore the penetration testing phases and gain practical experience performing software pen testing and scanning code repositories. You’ll also learn to create comprehensive pen testing reports, perform threat hunting, and integrate AI into threat intelligence. Plus, you’ll learn to leverage Cyber Threat Intelligence (CTI) frameworks for effective threat identification. Finally, you’ll explore cryptography, including encryption, decryption, and hashing techniques, while also learning about common cryptographic attacks and cryptanalysis methods.
To complete the hands-on labs and project, you’ll require a laptop or desktop and basic knowledge of networking and cybersecurity.
This course is ideal for existing and aspiring cybersecurity professionals looking to enhance their skills and advance their careers. It is recommended that you have fundamental knowledge of IT systems and cybersecurity principles prior to starting this course.
If you’re looking to build in-demand cybersecurity skills in threat prevention, enroll today! In five weeks, you’ll add penetration testing, threat hunting, and cryptography to your resume.
Syllabus
- Penetration Testing: Planning and Discovery Phases
- This module provides an overview of the different phases of penetration testing, which includes planning, discovery, attack, verification, and reporting. You'll also learn about the fundamental concepts of penetration testing and its importance. The module will focus on the planning and discovery phases. The planning phase will cover the rules of engagement, which ensure penetration tests are conducted ethically and legally. Then, in the discovery phase, you will be introduced to passive and active reconnaissance methods and Google Dorking.
- Penetration Testing: Attack Phase
- This module focuses on the attack phase of penetration testing. You will learn about the key actions involved in the attack phase, including running exploits, bypassing defenses, gaining elevated privileges, and initiating post-attack activities. You will also explore various penetration testing tools and perform port and website scans using online penetration tools. Further, you will solidify your understanding of port scanning, network scanning, and network protocol analyzers through hands-on labs.
- Penetration Testing: Reporting Phase
- This module focuses on the reporting phase of penetration testing, while introducing the concepts of software and application pen testing. You will learn how to scan code repositories for vulnerabilities and understand its benefits. You will also understand the importance of the reporting phase, create comprehensive penetration testing reports, and implement the Penetration Testing Execution Standard (PTES) framework, which provides insights into industry standards for reporting.
- Threat Hunting and Threat Intelligence
- This module provides an overview of threat hunting practices and the role of threat intelligence in cybersecurity. You will explore various threat intelligence sources and learn how to review recent security threat reports using IBM X-Force Threat Exchange. You'll also learn about threat intelligence platforms, security information and event management (SIEM) systems, threat intelligence frameworks, and threat hunting models. Additionally, you'll gain insights into the role of AI in enhancing threat intelligence and hunting capabilities.
- Cryptography: Principles and Techniques
- This module delves into the fundamental concepts and practices of cryptography, covering essential techniques for ensuring data integrity, confidentiality, and authenticity. You will gain insights into symmetric and asymmetric encryption algorithms like AES and RSA, as well as hashing techniques. The module also examines key management practices and crucial cryptographic techniques, such as securing SSL/TLS. Further, it addresses common cryptographic attacks and cryptanalysis techniques, providing a comprehensive understanding of cryptographic solutions for enhancing organizational security.
- Final Project and Wrap-Up
- In this module, you will apply the knowledge gained in the course in a final project. The module also wraps up the course learning and highlights key takeaways and next steps.
Taught by
Dr. Manish Kumar, IBM Skills Network Team, and Dee Dee Collette