Cyber Defense Analyst Program

A New Cyber Defense Analyst Program Experience is Here!

Three successful years. Hundreds of satisfied and successful alumni. Plenty of feedback. Plenty of experience.

We're excited to release the new and improved version of our Cyber Defense Analyst (CDA) Live Training Program based on everything we've learned to date.

Our Fall 2023 Cohort has already begun, but you can apply to attend our Winter 2024 Cohort.

Hands-on Cybersecurity Training

No one questions a hacker's ability based on their theoretical knowledge of cyber—it's all about what they can do. So why do we train cyber defenders on theory rather than practice?

Real talk: Certifications based upon theoretical knowledge do not stop breaches and do not reduce risk. Action, skill, and ability do.

The Cyber Defense Analyst Program is a challenging and interactive experience that requires students to first demonstrate and then explain their findings, analysis, and applied remediation steps.

Explore the Curriculum

Each module builds upon itself to reinforce your tradecraft and knowledge over 12 weeks. Concepts learned in week one will still be applicable in the final week. Through this cycle, you will build an analytical process, tool mastery, critical thinking, and the ability to assess and validate your findings—in other words, your cyber tradecraft.

Fair warning: This course is NOT a bootcamp that will overwhelm you for 12 weeks. Rather, we'll work with you to develop your abilities for 8 weeks, and then we'll immerse you in a virtual Security Operations Center (SOC) environment for an additional 4 weeks. This is to provide you with realistic, "on-the-job" training and experience to make you career-ready.

Afterward, you'll be ready to demonstrate your knowledge by attempting the CDCP certification over a final period of one week, putting everything to the test.

Please note that before enrolling in our Cyber Defense Analyst Program, you must complete the prerequisite course, Cybersecurity Foundations. Contact us if you found this flag as a student LE-H4KTH3PL4N3T.

Network and Email Security

Network Traffic Analysis
Objectives
- Learn how to recognize normal network traffic patterns and distinguish them from unusual or suspicious patterns.
- Explore techniques for detecting network anomalies, such as unusual protocol activity, obfuscated payloads, and lateral movement.
- Gain hands-on experience in investigating suspicious traffic to understand its origin, destination, and potential impact.
- Discover how to filter, parse, and extract relevant information from captured network packets to identify potential security threats.
- Develop skills to respond effectively to identified threats and incidents based on network traffic analysis findings.
Phishing and Malspam
Objectives
- Learn how to interpret email headers and metadata to trace the origin and path of an email message.
- Understand how to analyze suspicious email content, attachments, and hyperlinks to identify potential threats.
- Explore techniques to detect email spoofing and tampering attempts through header analysis.
- Learn to identify forged or manipulated headers that may indicate malicious intent.
- Develop strategies to respond to identified phishing and malicious emails effectively.

Endpoint Incident Response

Windows Endpoint and Binary Triage
Objectives
- Learn how to navigate and interpret the event logs, registry entries, and system files to identify potential security issues or suspicious activities.
- Acquire skills to detect abnormal behavior and indicators of compromise (IOCs) on Windows endpoints.
- Develop proficiency in analyzing Windows binary executables, such as DLLs (Dynamic Link Libraries) and EXEs (Executables), for signs of malicious behavior.
- Understand how to use static and dynamic analysis techniques to identify malicious code, code obfuscation, and potential vulnerabilities.
- Practice incident response techniques for mitigating threats on Windows endpoints.
Adversary Tactics in Enterprise Networks
Objectives
- Gain insights into the attacker's mindset, motives, and goals to better understand their modus operandi.
- Explore common adversary tactics, techniques, and procedures (TTPs) used to infiltrate Windows enterprise networks, such as phishing, credential theft, lateral movement, and privilege escalation.
- Learn how to use network and host-based monitoring tools to identify suspicious behavior, anomalous activities, and indicators of compromise (IOCs).
- Develop proficiency in analyzing adversary techniques to determine the extent of the compromise and potential impact on the network.
- Practice incident response procedures for effectively mitigating and containing adversary activities in a Windows enterprise network.

Network and Endpoint Log Analytics

Intrusion Detection
Objectives
- Learn various intrusion detection techniques, such as signature-based detection, anomaly-based detection, and behavior-based detection.
- Acquire skills to deploy and configure intrusion detection tools.
- Develop proficiency in analyzing intrusion detection alerts generated by the IDS/IPS tools.
- Learn how to customize detection rules, set up alerting mechanisms, and fine-tune intrusion detection to match the organization's security needs.
- Learn how to mitigate and contain intrusions to prevent further damage and data exfiltration.
Log Analytics with a SIEM
Objectives
- Learn how to collect, correlate, and analyze logs and events from various sources, including Windows endpoints and network devices.
- Develop a methodology building queries and filters to identify anomalous activities, suspicious patterns, and potential indicators of compromise (IOCs) on Windows endpoints.
- Acquire skills in utilizing a SIEM to conduct proactive threat hunting engagements.
- Learn how to conduct in-depth investigations, trace lateral movement, and perform forensic analysis to understand the nature and impact of incidents.

Digital Forensics

Digital Forensics
Objectives
- Acquire hands-on experience in acquiring digital evidence from compromised Windows endpoints while ensuring data integrity and authenticity.
- Develop skills in analyzing data artifacts, such as files, registry entries, event logs, and memory dumps, to identify potential evidence of compromise or malicious activity.
- Understand the basics of how to reverse-engineer malware and extract valuable indicators of compromise (IOCs) for threat hunting.
- Learn how to create comprehensive and well-documented forensic reports detailing the findings, analysis, and conclusions of the investigation.

Threat Intelligence and Security Operations

Threat Intelligence and Security Operations
Objectives
- Work with multiple formats of threat intelligence, including open-source intelligence (OSINT), feeds, and internal data, and how to leverage them for proactive defense.
- Acquire skills in collecting and analyzing threat intelligence data to identify emerging threats, malicious actors, and potential vulnerabilities.
- Understand how to use threat intelligence platforms and tools to correlate and enrich data for actionable insights.
- Learn how to integrate Cyber Threat Intelligence into security operations to enhance threat detection, incident response, and threat hunting capabilities.
- Explore the use of threat intelligence in decision-making, incident triage, and risk management.

No frills, no fluff

The Cyber Defense Analyst Program is a fast-paced, 12-week program aligned to the NIST workforce role of a Cyber Defense Analyst. Learn the skills you'll need to be a SOC analyst—by doing the job.

Bridge the gap between theory and practice

During the first eight weeks, you'll develop the competencies you'll need to successfully mitigate, contain, and respond to security threats. This is achieved through live classes, real-world scenarios, and practical assessments.

Security Operations Center (SOC) Training

The last four weeks of the class will be spent working in a virtualized Security Operations Center (SOC) environment. You'll have tickets to triage and manage and will report to your SOC manager every week—just like you'd do on the job.

Career prep and technical interview practice

Get job-ready in our dedicated career curriculum that will take you from creating and polishing your resume and social profiles to networking and building your brand. We'll then round it out with real 1-on-1 technical interviews and strategies to succeed.

Lifelong learning access

Buy the course once and own it forever—including future updates and improvements made. Graduates will also have access to our alumni network and will receive extended career support.

Learn how to hunt for the adversary

Discover the art of outsmarting hackers as you master the craft of dissecting authentic malware samples, forcing them to toil for their entry into your digital domains.

What You'll Earn

Attending our Cyber Defense Analyst Program will take you from exposure to competency—and finally, to mastery of your craft. Demonstrate your ability and commitment to this field with our courses and milestones of accomplishment.

The Cyber Defense Certified Professional badge is a testament to tradecraft mastery. Badge holders have demonstrated a practical ability to hunt, discover, and defend networks from a multitude of threats, whether they come from inside or outside the network.

Takers who exceed the requirements for CDCP certification are awarded the Gold CDCP status. This badge sets the taker apart by showcasing their mastery of the tradecraft required to conduct sophisticated cyber analysis and investigations.

Cost of Attendance

The Cyber Defense Analyst Program costs $11,000 $5,000.

A note on our new pricing model: We've revamped our Cyber Defense Analyst Program to cater specifically to highly qualified students seeking SOC Tier 1 and 2 positions.

Our students and alumni have expressed overwhelming satisfaction with the program, highlighting that it empowers them to outperform their peers. We ultimately recognized that some of the content in the course would be better suited for separate training courses or more advanced tiers (we're looking at you, malware development and penetration testing). As a result, we took the initiative to better streamline the curriculum.

This improvement allowed us to significantly reduce the cost of the program, making it more accessible to aspiring professionals. Our commitment to delivering top-notch education that specifically focuses on the requirements for SOC Tier 1 and 2 roles remains unwavering, ensuring our students receive the best value for their investment.

The new revised Cyber Defense Analyst Program is just as effective, offering a superior learning experience at a fraction of the previous cost, and demonstrating our dedication to student success and affordability.

Financing Options

We've partnered with multiple financing solutions to offer a range of options to provide flexibility in funding to start your cyber journey.

Open Doors Scholarship

As a company, we’ve committed a portion of each cohort for accessible education, ensuring we remove financial barriers for those who need a hand.

Active Duty Military or Veteran?

We're proud to partner with VetSec, a non-profit organization whose mission is to help employ all veterans who want to pursue a career in cybersecurity.

We provide TWO VetSec members with a full scholarship to attend our program each cohort. In addition, VetSec members receive a $500 discount on our listed course price.

Details on how to apply are available to VetSec members.

Thank you for your service!

*Please note that our Open Doors scholarship is not open to recipients of a VetSec scholarship.

Frequently Asked Questions

How is this program so much cheaper than other cybersecurity bootcamps?

The simple answer is our program is not a bootcamp. We’ve spent the past three years refining and perfecting the CDA experience based on feedback from current students and alumni.

We've revamped our Cyber Defense Analyst Program to cater specifically to highly qualified students seeking SOC Tier 1 and 2 positions.

Our students and alumni have expressed overwhelming satisfaction with the program, highlighting that it empowers them to outperform their peers. We ultimately recognized that some of the content in the course would be better suited for separate training courses or more advanced tiers (we're looking at you, malware development and penetration testing). As a result, we took the initiative to better streamline the curriculum.

This improvement allowed us to significantly reduce the cost of the program, making it more accessible to aspiring professionals. Our commitment to delivering top-notch education that specifically focuses on the requirements for SOC Tier 1 and 2 roles remains unwavering, ensuring our students receive the best value for their investment.

The new revised Cyber Defense Analyst Program is just as effective, offering a superior learning experience at a fraction of the previous cost, and demonstrating our dedication to student success and affordability.

P.S. If you’re a go-getter who wants additional training, stay tuned: We’ve got more courses on the horizon!
What is the Cybersecurity Foundations requirement?
Do I need experience in IT or cybersecurity to succeed in the CDA program?
When are classes taught?
What types of roles/jobs do graduates typically get?
Do I need a new or more powerful computer to attend the course?
Are there any hardware or internet requirements to taking the course?
Considering that the course is held on-demand and live remotely online, there are some key items that will make your experience much smoother.
- Stable internet connection. Ideally, a wired connection between your computer/router. A 50ft cable and a USB to ethernet adapter can be acquired for less than $40 dollars online. Wireless connections can be finicky and cause you to lose audio/video from time to time. Reach out to us for recommendations if you need more info.
- Decent webcam. Being present in the course by being on camera increases your interaction, focus, and overall success in the course. The course is very interactive.
- Decent headphones with boom mic. Laptop speakers just don't cut it. Headphones will ensure you hear everything and everyone clearly and the boom mic will ensure you are heard well. Again, reach out to us for affordable recommendations.
I am not in the United States, can I still attend the CDA program?
Yes. We welcome students from wherever they reside. However, there are some caveats that you must take into consideration.
- Our classes are taught live in the US Central timezone from 7-9pm Monday through Thursday. You will need to be available at that time to attend and contribute during live class.
- The course is exclusively taught in the English language. Students should be conversational at a 12th year equivalence to keep pace within the course.
- We are not partnered with any organization that offers financing outside of the U.S. and UK.

Winter '24 Cohort

January 15, 2024

Spring '24 Cohort

May 6, 2024

Fall '24 Cohort

Sep 9, 2024

Free Training

Premium Training

hbspt.cta._relativeUrls=true;hbspt.cta.load(21954108, 'ef6aa14d-6f24-44f9-a281-3a8e6475c0bc', {"useNewLoader":"true","region":"na1"});

Quizzes

Tuition & Scholarships

Certification and Badging

Do You Have What It Takes

To HUNT. DISCOVER. DEFEND?

A New Cyber Defense Analyst Program Experience is Here!

Hands-on Cybersecurity Training

Explore the Curriculum

Network and Email Security

Network Traffic Analysis

Phishing and Malspam

Endpoint Incident Response

Windows Endpoint and Binary Triage

Adversary Tactics in Enterprise Networks

Network and Endpoint Log Analytics

Intrusion Detection

Log Analytics with a SIEM

Digital Forensics

Digital Forensics

Threat Intelligence and Security Operations

Threat Intelligence and Security Operations

Security Operations Center (SOC) Training

SOC Training

Why Our Cyber Defense Analyst Program?

No frills, no fluff

Bridge the gap between theory and practice

Security Operations Center (SOC) Training

Career prep and technical interview practice

Lifelong learning access

Learn how to hunt for the adversary

John Hammond's Thoughts

What You'll Earn

Cost of Attendance

Financing Options

Open Doors Scholarship

Active Duty Military or Veteran?

Frequently Asked Questions

How is this program so much cheaper than other cybersecurity bootcamps?

What is the Cybersecurity Foundations requirement?

Do I need experience in IT or cybersecurity to succeed in the CDA program?

When are classes taught?

What types of roles/jobs do graduates typically get?

Do I need a new or more powerful computer to attend the course?

Are there any hardware or internet requirements to taking the course?

I am not in the United States, can I still attend the CDA program?

The next cohort starts in:

00

00

00

00

Winter '24 Cohort

Spring '24 Cohort

Fall '24 Cohort

So, do you have what it takes?