Infosec Skills release: New SSO features and learning paths

Single Sign-On (SSO) is now available on all Infosec Skills Teams accounts, making it easier than ever for admins to authenticate and manage their learners. A variety of new content was also released, including six new learning paths, two updated learning paths and a new boot camp.

Jump ahead

• Use SSO to authenticate and manage your team
• Python for Pentesters Learning Path
• Cloud Security Learning Paths
• Paraben Certification Paths
• IAPP CIPP/E Learning Path
• Other Infosec Skills updates
• See what’s coming next

Use SSO to authenticate and manage your team

All Infosec Skills Teams accounts now include the ability to connect to any identity provider that supports the SAML 2.0 standard, including:

• Azure Active Directory (AD)
• Active Directory Federated Services (ADFS)
• Google Suite SSO
• Okta SSO

Admins can configure SSO settings from the “Single Sign-On” menu, including the ability to automatically add newly authenticated learners or manually upload them via CSV.

Python for Pentesters Learning Path

Get an in-depth look at using Python for penetration testing in the new learning path taught by ethical hacker Chris Bingham. You’ll start with a refresher on Python before diving into pentesting topics, such as:  

• Common vulnerabilities Python can exploit
• Using open source intelligence (OSINT)
• Scanning networks
• Building and attacking a Windows domain controller with Active Directory
• Using various Python tools to attack web applications

The learning path culminates in a Python for Pentesters Project where you’ll put your skills to the test across five challenges: creating an email sender, creating a buffer overflow exploit, writing commands to conduct a Wi-Fi attack, starting a new web scraping project and writing a line of smtp code.

Cloud Security Learning Paths

Two new cloud security-related learning paths are also live in Infosec Skills.

• CSP Security Features, taught by senior cloud security engineer Joseph South, covers the ins and outs of security when working with three major cloud service providers: AWS, Azure and GCP. You’ll build hands-on skills as you learn about implementing security control best practices for each provider.
• Cloud Pentesting contains two hands-on projects to help you learn how to navigate, identify and exploit targets located in AWS and Azure cloud environments. You’ll practice a wide range of techniques, including open source intelligence, metadata abuse, post-exploitation information gathering, lateral movement and more.

Paraben Certification Paths

Two new certification paths developed by Paraben CEO Amber Schroader and her team are also live in Infosec Skills. 

• Paraben P2C Operator Certification explores the features, tools and abilities of the Paraben E3 Forensic Platform. Beginning with the basic features, you'll look at the platform's layout and navigation, case control and adding evidence, data triage, artifact exploration, data optimization and reporting, and more.
• Paraben DSMO Mobile Operator Certification teaches you the skills a mobile forensic investigator needs to operate Paraben’s E3 Forensic Platform. You’ll learn how to acquire, analyze and report on digital data in a forensically sound manner.

IAPP CIPP/E Learning Path

Build the knowledge and skills you need to become an IAPP Certified Information Privacy Professional/Europe in the new learning path from global privacy and security advisor Ralph O'Brien. As you progress through 12 courses, you’ll learn: 

• Context of European data protection law
• Data protection concepts, principles and application
• European data protection practices
• Privacy-related internet technology and communications

Other Infosec Skills updates

Two other learning path were refreshed, including:

• CompTIA CySA+, which was updated by Dr. Michael G Solomon and Brent Chapman to reflect the new version of the CySA+ exam (CS0-002)
• ICS/SCADA Security Fundamentals, which was updated with content taught by cybersecurity engineer Matt Campagnola

In addition, CompTIA’s PenTest+ has been approved for several information assurance roles outlined in DoD Directive 8570.01-M, including:

• Cybersecurity Service Provider Analyst (CSSP-A)
• Cybersecurity Service Provider Incident Response (CSSP-IR)
• Cybersecurity Service Provider Auditor (CSSP-AU)

A standalone PenTest+ Boot Camp is available for organizations looking to train their team.

See what’s coming next

Want a preview of the upcoming content for Infosec Skills? Check out our LX Labs content roadmap to see what learning paths, cyber ranges and boot camp updates are coming next.