This mastery program is great for people that a restarting out in cybersecurity, or are a seasoned IT pro who wants to switch into cybersecurity. The “Cybersecurity Master Annual Program” is the perfect and complete learning path, it is designed as a continuous learning program that will keep the participants on top of the latest developments in this ever-changing industry. Every month, the students learn a new essential skill to become a cybersecurity Expert with the most up to date skills.

CMAP Formula

The Cybersecurity Master Annual Program, is a continuous learning program that provides the participants with insights for various cybersecurity skills. The program consists of 12 workshops, delivered by CQURE Academy Trainers. Each live workshop is demo-intensive and accompanied by pre-and post-workshop homeassignments to solidify your learning.

Each workshop touches upon a different area of cybersecurity. Workshops are live and take place on last Wednesday of each month, with the exception of December, when it will take place two weeks earlier (13th Dec) to avoid conflicting dates with any Christmas-related arrangements our students may have. A Discord Server will also be set-up for the students to receive continuous assistance and support from CQURE’s Experts during the program.

The delivery is in EU time zones (CET/CEST). Each workshop will be complemented by pre-work assignment (some reading material that will help the students prepare for the workshop) and an additional home assignment (e.g., self-study exercises, additional reading materials, labs etc.) and a test.

All of the live workshops will be recorded and accessible for students any time – in case any of the customers need to attend some other duties/holidays or simply want to recap. In January 2024, the Final Exam will be performed in a form of a proctored examination – to take on this one, a student must have bought access to the whole program.

CMAP Curriculum

Module 1: Securing Windows Platform: Windows 11 & Windows Server 2022

Date: January 25th; Instructor: Mike Jankowski-Lorek, PhD

• New features in Windows 11 and Windows Server 2022 affecting security
• Implementing rights, permissions and privileges
• Defining and disabling unnecessary services
• Implementing secure service accounts

Module 2: Hardening Active Directory Infrastructure

Date: February 22nd; Instructor: Michael Grafnetter

• Modern Identity Attack Techniques
• Preventing Credential Theft and Misuse
• Recommended AD Configuration Options
• OS-Level Credential Protection Features: LSA Protected Process, Credential Guard, and RDP Restricted Admin Mode
• Detecting Backdoors in Active Directory

Module 3: Collecting and Analyzing Digital Evidence

Date: March 29th; Instructor: Paula Januszkiewicz

• Evidence Gathering
• Memory: Dumping and Analysis
• Memory: Indicators of compromise
• Disk: dumping & analysis
• Disk: extracting and interpreting evidence

Module 4: Implementing Secure Azure Active Directory

Date: April 26th Instructor: Michael Grafnetter

• Azure AD security settings
• AAD Identity Protection
• AAD Privileged Identity Management (PIM)
• AAD Password Protection

Module 5: Pentesting Web Applications

Date: May 31st Instructor: Artur Kalinowski

• Cross Site Scripting
• Injections
• Insecure File Handling
• Testing API

Module 6: Implementing Privileged Access Workstations

Date: June 28th Instructor: Sami Laiho

• Privileged Access Workstations - how and why?
• Different hardware and VM solutions for implementing PAWs
• Difference between normal and privileged access
• Implementing and Managing On-prem PAWs
• Implementing and Managing Cloud-service PAWs

Module 7: Understanding Malware Analysis

Module 8: Mastering Authentication in .NET

Date: August 30th Instructor: Przemek Tomasik

• Implementing OAUTH 2
• Implementing OpenID Connect
• Implementing SAML

Module 9: Configuring Application Whitelisting

Date: September 27th Instructor: Sami Laiho

• Whitelisting in General
• Implementing AppLocker
• Managing AppLocker
• Troubleshooting AppLocker

Module 10: Empowering the PowerShell

Date: October 25th Instructor: Michael Grafnetter

• PowerShell security and specific hacktools (like DSInternals)
• Advanced PowerShell course
• Auditing Active Directory using PowerShell

Module 11: Mastering Monitoring Operations and Threat Intelligence

Date: November 29th Instructor: Piotr Pawlik

• Microsoft 365 security from SOC Analyst perspective
• Microsoft 365 Defender for Endpoint – EDR story
• Detection and Response with Sentinel – Let’s attack Contoso network

Module 12: Securing SQL Server

Date: December 13th Instructor: Damian Widera

• SQL Server Security Baseline Concepts
• SQL Server Instance Security
• Managing Logins & Passwords