Infosec Skills release: NICE mapping plus new Node.js, container security and Linux security training
November 23, 2020
Infosec Skills training is now mapped to the Workforce Framework for Cybersecurity. Three new learning paths are also live in Infosec Skills: Writing Secure Code in Node.js, Container Security and Securing Linux/UNIX.
- Workforce Framework for Cybersecurity mapping
- Writing Secure Code in Node.js Learning Path
- Container Security Learning Path
- Securing Linux/Unix Learning Path
- See what’s coming next
Provide targeting training with NICE Framework mapping
Every Infosec Skills course, cyber range and project has been audited and mapped directly to the Workforce Framework for Cybersecurity (formerly the NICE Cybersecurity Workforce Framework). The new mapping makes it easy for individuals and teams to:
- Find relevant training: Guide skill development from beginner to expert across 52 work roles
- Get detailed insight: See precise mapping down to individual Knowledge and Skill Statements
- Build custom roles: Create a custom training plan that aligns with unique roles within your organization
Below is a partial mapping of how Infosec Skills content maps to one Work Role, Cyber Incident Responder. Download the latest version of the Infosec Skills course catalog to see the full mapping for all 52 roles.
Writing Secure Code in Node.js Learning Path
- Understand web application security principles
- Help engineers think about security when building Node.js applications
- Understand Node.js-specific attacks, such as prototype pollution and its impact on applications
- Know how to spot issues coming from the vast, open-source ecosystem
- Apply application security concepts to modern tools, such as GraphQL
The learning path culminates in a Writing Secure Code in Node.js Project where you’ll put your skills to the test in seven challenges focused around MongoDB injections and event loop blocking, as well as attacking and fixing a GraphQL API.
Container Security Learning Path
- How containers work and their available security options
- How Docker relates to containers
- How to securely manage containers throughout their life cycle, from building images to running containers in production
- How Kubernetes works and how to deploy and maintain a secure cluster for container workloads
In the Container Security Project, you’ll get hands-on experience reviewing images to reduce risk, making docker images follow best practices and scanning images for vulnerable software.
Securing Linux/UNIX Learning Path
Explore the many challenges of securing the Linux operating system in the new Securing Linux/UNIX Learning Path from Senior Linux System Administrator Jason Welsh. The training covers everything from understanding Linux users and groups to the details of SSH hardening and packet sniffing. You’ll learn about:
- Securing the server and applications running on the server
- Encrypting application traffic with GPG and TLS
- Basics of security applications like IPS and IDS
- Hardening guides and programs
- Using sudo
The Securing Linux/UNIX Project includes five hands-on challenges to build your skills around using sudo, configuring OpenSSH, identifying and configuring access to TCP ports, decrypting and encrypting with GPG, and using SELinux.
See what’s coming next
Want a preview of the upcoming content for Infosec Skills? Check out our LX Labs content roadmap to see what learning paths, cyber ranges and boot camp updates are coming next.