Developing Practitioners, Not Theorists
No one questions a hacker's ability based on their theoretical knowledge of cyber—it's all about what they can do. So why do we train cyber defenders the exact opposite?
Real talk: Certifications based upon theoretical knowledge do not stop breaches and do not reduce risk. Action, skill, and ability do.
The Cyber Defense Analyst Bootcamp is a challenging and interactive program that requires students to first demonstrate and then explain their findings, analysis, and applied remediation steps.

Why Our Cyber Defense Analyst Bootcamp?
No frills, no fluff.
The Cyber Defense Analyst Bootcamp is a fast-paced, 15-week program. Learn the skills you'll need to be a cyber defender—by doing the job.
Live and self-paced learning.
You'll get 280+ hours of a mix of live and self-paced learning. Around 74% of your learning will be hands-on.
Real-world exposure to malware and attack techniques.
Make hackers work for their access to your environments by learning how to analyze real malware samples.
Dedicated job prep training and support.
Get job-ready in our dedicated career curriculum that will take you from creating and polishing your resume and social profiles to networking and building your brand. We'll then round it out with real 1-on-1 technical interviews and strategies to succeed.
Lifelong learning access.
Once you become a Level Effect student, you'll always have access to your courses and materials, should you need to refer back for a quick refresher. A career in cybersecurity means you'll be a lifelong learner, and we're here to support that.
Exclusive alumni events and weekly meet-ups.
Gain access to an exclusive weekly meet-up where our instructors dive into new and interesting hacker tradecraft. Upon completion of the program, you'll also have access to other events designed for alumni to network and continue to level up their cyber knowledge.
John Hammond's Testimonial
If you're one of John Hammond's 419k+ YouTube subscribers or one of his 123k+ Twitter followers, you're among like company.
We asked him to take a look at our CDA Bootcamp to give his thoughts and provide an overview of what students can expect in the course.
Watch this video to hear about the CDA Bootcamp experience—and what you'll learn to set you apart as an emerging cybersecurity professional.
How Are We Different?
Hear our co-founders and instructors, Greg Ake and Rob Noeth, explain what we're trying to accomplish and our no-BS approach to getting it done!
Explore The Curriculum
Each module builds upon itself to reinforce your tradecraft and knowledge over 15 weeks. Concepts learned in week one will still be applicable in the final week. Through this cycle, you will build an analytical process, tool mastery, critical thinking, and the ability to assess and validate your findings—in other words, your cyber tradecraft. At this point students are then ready to demonstrate their knowledge attempting the CDCP certification over a final period of one week putting everything to the test.
Contact us if you found this flag as a student LE-H4KTH3PL4N3T.
-
Networking
Description
Understanding communications, networking protocols, networking devices and how to analyze the respective logical and physical components of networking is one of the most crucial skills to learn, adapt, and master as a Cyber Defense Analyst.
Objectives
• Gain demonstratable experience with networking ports and protocols
• Be able to perform in-depth network traffic capture analysis and triage
• Learn how to use industry tools like Wireshark to dissect network traffic
• Identify networked endpoint vulnerabilities -
Windows Domain
Description
The Windows domain is the battlefield where insider threats and malicious adversaries conduct their attacks. Knowing how these networks operate is a critical step in your ability to discover the bad within.
Objectives
• Learn the fundamentals of enterprise Windows networks in today’s workplaces
• Configure key active directory infrastructure and understand how domain services work
• Administer group policies and understand how different components of active directory work together
• Identify common pitfalls of enterprise networks -
Windows OS
Description
The business workstation of choice is the Windows Operating System (OS). A deep understanding of its inner workings ensures you have the knowledge and skill to triage and assess systems that are potentially compromised. Dive into the process of remote management, forensic triage, and operational security.
Objectives
• Deep dive into the Windows operating system
• Understand key components like processes, threads, memory, I/O, DLLs, drivers, and registry
• Be able to perform complete triage of the Windows operating system, binaries, and services
• Perform complete triage of compromised Windows systems and identify indicators of compromise -
Security Operations
Description
Triage, forensic, and analysis skills can only get you so far on your own. The organization needs scalable, measured, responsive, and proactive security. It must be vigilant and must align with business goals and ultimately reduce operational risk to within an acceptable limit. Security Operations (SecOps) are the front-line people, processes, and technology to meet this demand at scale.
Objectives
• Gain the experience of working in a SOC (Security Operations Center) as an analyst
• Be able to use a SIEM to work with network and endpoint data
• Use Windows tools and security software to identify threats contained in logs and network activity
• Identify common obfuscation techniques and analyze phishing emails
• Be able to use a SIEM to work with network and endpoint data
• Identify and create signatures based on network data using Snort
• Use Windows tools and security software to identify threats contained in logs and network activity -
Cyber Threat Intelligence
Description
We will discuss what threat intelligence is and how it is collected, analyzed, and compiled into useful information. You will learn how to gain insight on threat actor behavior with the goal of learning how to predict and prevent malicious activity based on attack patterns.
Objectives
• Be able to explain what threat intelligence is and isn’t
• Be able to use tools such as MISP and FireEye intelligence reports to gather threat actor data
• Disclose an indicator of compromise in a threat intelligence sharing platform
• Succinctly research and deliver a threat intelligence report on a real-world adversary
• Be able to describe and summarize what a threat actor is and suggest solutions to prevent attacks based on their previous patterns -
Linux OS
Description
Gain a solid footing with the Linux operating system and gain proficiency in how to operate it. You’ll learn how to navigate the operating system, manage applications, and manage permissions. Next, you’ll learn how to triage a Linux system, looking for common indicators of compromise.
Objectives
• Be able to navigate Linux and understand the fundamentals of the operating system
• Be able to manage applications, users, and group permissions
• Be able to triage and hunt for indicators of compromise on a Linux system
• Additionally: you should be able to apply many of these concepts to vulnerable systems like HackTheBox and VulnHub, hunting for misconfigurations or breadcrumbs -
Adversary Tactics
Description
Build upon your skills in Linux by learning how adversaries exploit vulnerabilities to gain unauthorized access to systems, bypass common access controls, and maintain a form of persistence. Finally, you’ll learn how to use Command and Control (C2) frameworks like known adversaries.
Objectives
• Learn how to perform external and local endpoint enumeration
• Learn how threat actors perform their attacks by performing exploits yourself
• Gain working knowledge of exploit frameworks like Metasploit and their purpose
• Perform attacks like SQL injection and remote code execution
• Create malicious shellcode and exploit web servers
• Maintain persistence and perform lateral movement
• Learn how to bypass AMSI
• Use C2 frameworks like Covenant -
Network & Computer Forensics
Description
Forensics are the historians of our digital networks. They reconstruct and provide insights on events and activity within a temporal context. Extract vital clues and indicators to improve intelligence, scope a breach, or assist in an ongoing incident.
Objectives
- Learn the concepts of forensic collection for both network and endpoint use-cases
- Analyze and extract indicators and evidence from network traffic
- Collect and parse volatile memory from a compromised system
- Compare and contrast the benefit and visibility provided by Windows forensic triage to uncover and identify malicious activity
-
Memory & Malware Analysis
Description
Delve into analyzing and the reverse engineering of malicious binaries and files to understand the capabilities, goals, and objectives of our adversaries. Identify and extract key indicators of compromise to be used in your analysis and scoping of the breach.
Objectives
- Learn the difference between static and dynamic malware analysis
- Practice dumping strings from a binary to look for clues
- Learn what
Obfuscation
means and how it pertains to malware - Practice de-obfuscating messages to uncover hidden messages
- Familiarize yourself with reverse engineering and how code becomes a program
-
Threat Hunting
Description
It’s a matter of when, not if a network will be compromised. Using that mantra while being empowered with the latest threat intelligence and knowledge of adversary tactics, you'll search for the persistent network threat hiding in your network. The culmination of your experience and skill are brought to bear on your network to hunt for adversaries within.
Objectives
- Understand the concept of threat hunting and what it means for an organization.
- Identify, hypothesize, and plan a threat hunting engagement.
- Learn and apply the methods to operationalize the MITRE ATT&CK framework to support threat hunting activities
-
Practical Cyber Triage
Description
The application of knowledge and skill to a problem is just the begining to identifying a solution. Development and refinement of a process will make our tasks more streamlined and repeatable. This module will focus on contextual triage scenarios to assist in defining and refining our triage process.
Objectives
- Triage and report on diverse incidents within the network
- Analyze logs, OS, binary, and network traffic
- Identify and report on IOCs and MITRE ATT&CK adversary techniques
-
Cloud Security (Bonus Module)
Description
Understand the benefits and challenges of using the cloud and what we can do to harden, detect, and respond to security events in our cloud deployments. Evaluate and remediate misconfigured cloud accounts and resources to ensure business data, systems, and records are protected.
This module is marked as a bonus in learning content for additional content to those interested in pursuing further cloud focused security positions, and does not encompass any testing material in our CDCP certification.
Objectives
- Learn about Amazon Web Services, common services, and administering virtualized cloud resources
- Learn the foundations of web application security and conduct a practical assessment of a web application
- Create and audit an AWS cloud account for misconfigurations and known vulnerabilities
Track Your Cyber Journey
Attending our Cyber Defense Analyst Bootcamp will take you from exposure to competency—and finally, to mastery of your craft. Demonstrate your ability and commitment to this field with our courses and milestones of accomplishment.
Students who successfully complete our Cyber Defense Analyst Bootcamp earn this digital badge. This bootcamp is a culmination of multiple cyber investigations, reports, and challenges that confirm the holder is capable of kicking hackers out of a network—and not just talking about it.
Cost Of Attendance
We won't sugar-coat it: Bootcamps, including ours, are expensive—but they're investments. We bring experience from building our own patented cyber technology and defending more than 70,000 networks with us when we teach and coach you in your cyber journey.
The cost to attend the Cyber Defense Analyst Bootcamp is $11,000 (USD), less any deposits and discounts.
* Discounts, scholarships, and 0% financing are available.
Course Discounts
Early Registration Discount: $500. Register 4 weeks in advance of a cohort start date.
Are you a first responder? You'll receive $500 off the listed tuition price. This discount is available to US, UK, AUS, and CAN students.
Active-Duty military or Veteran? Become a member of VetSec and receive a $2,500 discount. Signup information further down on this page.
Discounts available for financing option/payment method chosen. Review our financing options page to learn more.

Active Duty Military or Veteran?
VetSec members receive a $2,500 discount on the Cyber Defense Analyst Bootcamp. We also provide one VetSec member a full scholarship to attend our bootcamp each cohort.
Thank you for your service!
Frequently Asked Questions
-
What is the Cybersecurity Foundations requirement?
We offer a free 12-hour course on cybersecurity for individuals to learn if a career in cyber is for them. The course is a requirement to attend the Cyber Defense Analyst Bootcamp for all students.
You don't need to setup a call or pay to create an account and begin the Cybersecurity Foundations course.
-
Do I need experience in IT or cybersecurity to succeed in the CDA bootcamp?
No. Although, we do recommend being comfortable using a computer and completing basic tasks on a computer. Students must complete the pre-requisite Cyber Foundations course before the live instructions which outlines basic, foundational skills you will need to succeed in CDA.
-
When are classes taught?
We typically run three cohorts per year each running 15 weeks. During a cohort, students are expected to be present during live virtual instruction which takes place on Monday through Thursday from 7pm-9pm CST. (8pm – 10pm EST or 5pm-7pm PST)
-
What types of roles/jobs do graduates typically get?
Our students get hired in roles such as Cyber Security Analyst, Security Operations Analyst, Cyber Security Engineer, Security Consultant, Digital Forensics & Incident Response Analyst, Compliance Analyst and Penetration Tester.
-
Do I need a new or more powerful computer to attend the course?
No, we host all of the virtual computers, network devices, and tools for you. Any common computer that can run a web browser, Microsoft Teams, and discord should be more than sufficient. If you have concerns, please reach out and we can assess if you are good to go!
-
Are there any hardware or internet requirements to taking the course?
Considering that the course is held on-demand and live remotely online, there are some key items that will make your experience much smoother.
- Stable internet connection. Ideally, a wired connection between your computer/router. A 50ft cable and a USB to ethernet adapter can be acquired for less than $40 dollars online. Wireless connections can be finicky and cause you to lose audio/video from time to time. Reach out to us for recommendations if you need more info.- Decent webcam. Being present in the course by being on camera increases your interaction, focus, and overall success in the course. The course is very interactive.
- Decent headphones with boom mic. Laptop speakers just don't cut it. Headphones will ensure you hear everything and everyone clearly and the boom mic will ensure you are heard well. Again, reach out to us for affordable recommendations.
-
I am not in the United States, can I still attend the CDCP bootcamp?
Yes. We welcome students from wherever they reside. However, there are some caveats that you must take into consideration.
- Our classes are taught live in the U.S. time zone CST from 7-9PM Monday through Thursday. You will need to be available at that time to attend and contribute during live class.
- The course is exclusively taught in the English language. Students should be conversational at a 12th year equivalence to keep pace within the course.
- We are not partnered with any organization that offers financing outside of the U.S. and UK.
The next cohort starts in:
00
days
00
hours
00
minutes
00
seconds
Spring '23 Cohort
May 1, 2023
Fall '23 Cohort
Aug 28, 2023
Winter '24 Cohort
Jan 8, 2024