The Infosec Skills cyber range is getting a major revamp, including a completely redesigned, GUI-based experience loaded with dozens of new, hands-on labs. New labs come equipped with clear learning objectives, real-time feedback based on learner inputs and later this fall, in-depth video walkthroughs to help teams upskill and reskill with one click. A variety of new, video-based content was also released, including nine new and updated learning paths.
- Learn new skills inside realistic operating environments
- Upskill and reskill with dozens of labs mapped to ATT&CK Framework
- Nine new learning paths, 73 additional hours of cyber training
- Other Infosec Skills updates
- See what’s coming next
You and your team can now learn to outmaneuver adversaries targeting your organization today — within the operating environments they’d encounter on the job. The new Infosec Skills cyber range introduces a GUI environment where teams can practice countering MITRE ATT&CK® Framework tactics and techniques, perform penetration tests and write secure code hands-on. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning.
From command line basics to advanced adversarial techniques, Infosec Skills cyber ranges teach your team how to:
- Run red and blue team exercises
- Write secure code by example
- Pass dozens of technical certifications by gaining hands-on domain knowledge
- Attack and defend cloud-based applications
- And much more
The new Infosec Skills cyber range launches on July 8 loaded with 18 new labs. Over 100 additional labs are scheduled for release by the end of 2021. Each lab is mapped to the MITRE ATT&CK® Matrix so your team can learn how to execute dozens of adversarial tactics and techniques, including:
- Vulnerability Scanning
- Compromise Infrastructure
- Replication Through Removable Media
- Boot or Logon Autostart Execution
Nine new learning paths were released over the past few months, bringing 73 additional hours of educational content to Infosec Skills learners and teams. Like every other Infosec Skills course, cyber range and project, new learning paths are mapped to the NICE Workforce Framework for Cybersecurity to align learner responsibilities and goals to role-relevant content.
1. Cybersecurity Leadership and Management Learning Path
Although leadership and management are prerequisite expertise for all information systems security officers (ISSO) and/or chief information security officers (CISO), they must always be intentionally cultivated. Using industry standards, frameworks and models as guidance, this learning path will focus on the key objective elements (KOE) by discussing the information security strategy alignment with the organizational strategy, regulatory systems and operational excellence.
2. DoD CMMC Overview Learning Path
This learning path teaches you the foundational components of the CMMC Model. This is to prepare you to assist your organization for a formal CMMC assessment for certification, or to prepare you to become a Certified Professional or Certified Assessor. You will build the necessary skills to assist your organization in preparing for a CMMC assessment, including understanding the federal government regulations and guidelines; the CMMC ecosystem, model and assessment methodology; developing the assessment scope; familiarity with deliverables; and what to expect from a CMMC assessment.
3. Secure Coding in ASP.NET Learning Path
Secure Coding in ASP.NET is an instrumental pathway for all developers who wish to build secure and cyber-resilient software. With the growing need for cybersecurity across the world, developers who have mastered cyber-resilience get ahead. This skill path will enable you as a professional to execute secure coding practices, identify vulnerabilities in the code, remediate identified weaknesses, design with security in mind and build effective security controls to protect against breaches and malicious hackers.
4. Identity and Access Management Learning Path
This learning path provides a solid grounding in why an organization requires IAM and best practices for implementing it. The Identity and Access Management (IAM) Learning Path provides an introduction to implementing an IAM system. It covers the basic concepts of IAM, information about designing and implementing an IAM system, IAM security considerations and IAM requirements for data protection and federal standards.
5. Database Security Learning Path
In the Database Security learning path, you’ll learn about applicable rules and regulations and what it takes to protect sensitive data. The Database Security learning path gives a high-level view of rules and regulations, the NIST Framework and threats and vulnerabilities. This learning path also includes a more detailed view of database protection methods and labs for both a relational and a non-relational (NoSQL) cloud database, with labs and demos on data masking, column-level encryption, least privilege access management, auditing and more.
6. AWS Certified Security — Specialty Learning Path
Explore the fundamentals of AWS and prepare for the upcoming AWS exam. In this learning path, we will not only review key items of every exam domain but also go hands-on with the AWS services that you must know to pass the exam. This course is meant to reinforce the material the exam expects you to know to pass. The exam is scenario-based and we incorporate that into the learning path, as well with exam-similar questions that prepare you to pass your AWS Certified Security — Specialty exam.
7. CIPM Learning Path
Make data privacy regulations work for your organization by understanding how to implement them in day-to-day operations. Learn to create a company vision, structure a data protection team, develop and implement system frameworks, communicate with stakeholders, measure performance and more. The CIPM training path equips you with the knowledge needed to pass the IAPP’s CIPM exam and is designed to meet their Common Body of Knowledge. The CIPM takes the assumption that you are in charge of a new global privacy team for a global multinational. It uses this case study to run through the creation of a Personal Information Management System that creates a continually improving privacy program for the organization, in order to prepare you for the exam and for managing a real global privacy program in your own organization.
8. Software Security Testing Learning Path
Does finding security bugs, hacking software and breaking into applications and databases sound exciting? If yes, then the Software Security Testing learning path is for you. This pathway will help you master industry standards and enable you to carry out professional assessments to secure technologies, as well as communicate risks to high-level executives, management and technical staff. This learning path teaches you the necessary security testing skills to conduct professional security assessments in various approaches. As you progress through the course, you will learn the core tenets of software security, build up your own personal security testing lab environment, identify and exploit vulnerabilities, break contemporary security systems, utilize world-famous tools and approaches and confidently communicate findings to all stakeholders. Upon completion, you will have the foundational knowledge and skills to carry out multiple types of security assessments, including penetration testing, security auditing and code analysis.
9. Linux Fundamentals Learning Path (update)
Have you ever wanted to learn Linux fundamentals? In this path, students will learn about Linux architecture, common Linux vulnerabilities, networking and more. This path on Linux fundamentals is ideal for the beginner. We will discuss how to install Linux. From there, we will look under the hood to learn about Linux architecture as well as the file system. Next, we will explore the fundamentals: account management, networking, jobs and processes. Finally, we dive into light scripting to automate repeatable tasks.
In case you missed the news, Infosec Skills now integrates with employee development platforms such as Degreed to make it even easier for you to identify and patch your team’s cybersecurity skill gaps. Using our API and SSO, learning admins can:
- Integrate Infosec Skills course names, descriptions and relevant metadata into an existing LMS
- Add learner metrics like training performance, completion rates and skill proficiency to business intelligence tools
- Provide learners frictionless access to the content they need from your LMS platform of choice
- Automatically provision Infosec Skills users from third-party platforms
Want a preview of the upcoming content releases for Infosec Skills? Check out our LX Labs content roadmap to see what learning paths, cyber ranges and boot camp updates are coming next.