Adversaries are always learning, adapting, and deploying new techniques to undermine your network and turn it against itself and the organization.
The Cyber Defense Analyst bootcamp teaches students how to defend and protect an organization’s Windows network. You will also learn how to assess and communicate threats to executives and implement organization wide security practices.
We don’t mean to brag, but we’re 5 stars across the board. Just check out our reviews. Notably, Course Report, a global authority for online education has included us as a Top Rated bootcamp in their 2021 list of the best Cyber Security Bootcamps, worldwide.
Purdue University Global has officially approved our Cyber Defense Analyst Bootcamp for a 47 credit transfer toward their degree. If you’re already working toward your degree, or are interested in pursuing an amazing education at Purdue – graduating our bootcamp doubles up in helping you succeed in more ways than one.
Book a call with our team
The Cyber Defense Certified Professional (CDCP) is filling a gap in cyber defense certification for both the hard and soft skills that are required and in high demand within the cyber community.
This is accomplished through a battery of real-world security operations scenarios that students must overcome and articulate in a detailed report that includes the appropriate executive summary, findings, recommendations and remediation steps along with applicable evidence.
This course is designed to provide a practical and real-world experience for students.
The objective is to empower students with realistic and applicable skills that can be applied on the job. The bootcamp is fast-paced, high volume and challenging.
Holders of a Cyber Defense Certified Professional certificate have demonstrated the knowledge, skills, and practical application to work within a security operations team.
Holders of the GOLD CDCP demonstrate an excellence in delivery, technical skill, and comprehension of assigned challenges. Only one student can be nominated for GOLD status per cohort and only IF they exceed our traditional passing standards for CDCP.
Taught by real threat hunters and engineers who’ve worked in the industry for years, and wrote the curriculum you will be learning.
Learn through theory, practice and real world stories from our team of US veterans and seasoned pros.
Students complete the CDCP capstone exam at the end of each cohort to demonstrate their practical skills and achieve their certification. The exam is 100% hands on, no multiple choice, and submitted as a report that is manually graded by instructors to ensure verification of learning outcomes.
No expensive hardware required. Attend the bootcamp with any computer you use to browse the web because our learning platform includes a custom cyber range and content hosting to make your learning experience faster, easier and more accessible.
The demand for Cyber Defenders is at an all time high. Our team will help you get a job in Cybersecurity, every step of the way.
From understanding job descriptions, preparing your resume and conducting mock interviews, the job search is part of the bootcamp class discussion every week.
The National Institute of Standards and Technology (NIST) has released a Workforce Framework for Cybersecurity. Our curriculum is built to meet and exceed all requirements that a Cyber Defense Analyst (CDA) requires as per the framework and adds additional intermediate/advanced material based on the real-life experience of our course creators.
Our instructors will meet with you for a series of mandatory 1 on 1s through the bootcamp to ensure you’re pacing well with the learning outcomes, as well as providing individualized support to your growth.
Once you graduate our team is continuously there to support alumni in their job search and as they grow throughout their career.
The Cyber Defense Analyst bootcamp utilizes military style training techniques to equip students with vast knowledge in a short period of time. We do this by structuring the content so every module builds off techniques and tools learned from the previous ones; you’ll use what you learned in the first few weeks in the last weeks but with more skill and complexity involved.
There’s no Learning Platform out there dedicated to providing Cybersecurity content. So, we built our own, and serve our content on it. This allows a structure that is by design meant to make acquisition of Cyber related knowledge faster, easier, and more accessible. It also means less cost for us to maintain and less cost for you as a student to use.
You will learn Windows and Networking until you're blue in the face, and no, you will not be given a Kali linux box with shiny simple hacking lessons. You will work within Windows to defend and break Windows.
We don't let you get reliant on auto-win tools. You're going to learn the manual foundational way to triage and defend endpoints. This makes everything easier to understand and greatly expedites your ability to acquire knowledge through the course and beyond.
Module 1: Networking
Malware can only get so far until it needs to get over the wire to spread and become an advanced threat. Perform in-depth network traffic capture analysis and triage. Learn how to use industry tools like Wireshark, Snort, and Zeek, to dissect network traffic and identify malicious activity.
Module 2: Windows Enterprise Network
Learn the fundamentals of enterprise Windows networks in today’s workplaces from the server to the regular user workstation by configuring key active directory infrastructure and understanding how domain services work – and how they can be vulnerable. You’ll also administer and script group policies to understand how different components of active directory work together.
Module 3: Advanced Windows OS (2 weeks)
You’re not done with Windows yet! You’ll work in and out from it the vast majority of your cyber career and need to be able to defend and triage this operating system inside out. Using what you built the module before, learn key components like processes, threads, memory, I/O, DLLs, drivers, and registry. You’ll then perform complete triage of live compromised Windows systems and identify indicators of compromise along with reporting on how to remediate the incidents.
Read the full curriculum here.
The pace and complexity gets a bit more difficult from here but you’re able to stand on your two feet and navigate through it. You'll come out here where we'll throw a compromised host at you and you'll be able to identify how the attack happened, what it targeted, the magnitude, how to remove its persistence, and how to prevent it from occurring again.
After the first 8 weeks you'll have obtained all the foundational skills of a Cyber Defense Analyst through hands-on live scenarios and will be ready to start applying to jobs.
Module 4: Security Operations (2 weeks)
You’ve been taught the tools and tradecraft. You’ll now start working in a SOC (Security Operations Center) as an analyst using what you’ve learned with the infrastructure you’ve learned how to build. You’ll hunt down indicators of compromise in logs, endpoints, and network activity with greater complexity. You’ll also learn how to create advanced IDS rules to detect threats and utilize PowerShell to build your own security tools.
Module 5: Cyber Threat Intelligence
Learn how to compile threat intelligence using tools such as MITRE ATT&CK, MISP, and FireEye intelligence reports to gather threat actor data. Develop the ability to succinctly research and deliver a Threat Intelligence Report on real-world adversaries. Ultimately, be able to describe and summarize what a threat actor is and suggest solutions to prevent attacks based on their tactics, techniques, and procedures.
Module 6: Linux OS
Learn how to navigate Linux and understand the fundamentals of the operating system. Be able to manage applications, users, group permissions, and to triage and hunt for indicators of compromise. You’ll also learn data stream redirection in depth, a fundamental component of nearly all remote threat actor activity and how to utilize variables, iteration, user input, error logging, and bash scripting to create your very own security tools! Finally, you’ll go through the gauntlet of a very compromised live Linux system that will put your triage knowledge to the test.
Read the full curriculum here.
At this point you’re more than ready to be a Security Analyst but you’ll come out more than just entry-level in this bootcamp. You’re going to learn more advanced concepts from here on out and continue building your repertoire of skills.
Module 7: Adversary Tactics
You’ll put your red team hat on and learn how to perform the same tactics that adversaries use to exploit modern networks. Learn how to thoroughly enumerate Windows and Linux systems and bypass controls like Windows Defender. Utilize Command & Control (C2) frameworks and toolkits to exploit vulnerable systems and services like threat actors do and maintain a form of advanced persistence. Perform threat actor attacks like pass-the-hash, impersonation, lateral movement, data exfiltration, SQL injection, SMB exfiltration, domain controller takeovers, and more.
Module 8: Network and Computer Forensics
Learn the concepts of forensic collection for both network and endpoint use-cases and use cases for registry hive forensics. Analyze and extract indicators and evidence from network traffic and identify how artifacts from malware can be recovered from areas such as Shimcache and Amcache. Collect and parse volatile memory from a compromised system. Compare and contrast the benefit and visibility provided by Windows forensic triage to uncover and identify malicious activity.
Module 9: Memory & Malware Analysis
Learn the difference between static and dynamic malware analysis. Learn how malware is created live in class by working as a group to create a new variant. Practice dumping strings from a binary to look for clues. Learn what obfuscation really means and how it pertains to malware. Practice de-obfuscating messages to uncover hidden messages. Familiarize yourself with reverse engineering and how code becomes a program using tools like Ghidra and PEStudio. Participate in a guided walk through as the instructor reverse engineers several binaries to unlock their secrets.
Module 10: Practical Cyber Triage
Put it all together for a week of intense live triage with everything you’ve learned with more complex incident scenarios on compromised systems including live attacks on your infrastructure that you need to respond to! Triage and report on diverse incidents within the network.
Module 11: Threat Hunting
Just when you thought you were done with triage – we’re pulling you back in for more! You’ll go through more complex triage scenarios and learn how to perform Threat Hunting and what it means for an organization. You’ll identify, hypothesize, plan and execute a Threat Hunting engagement.
Now you’re ready to take the CDCP and then go on to defend digital networks!
Read the full curriculum here.
The Cyber Defense Analyst Bootcamp is an investment of $9,500 USD.
To reserve your spot a deposit of $1,000 USD is required. Deposits can be placed online after clicking “Enroll Now” or by booking a call with our team.
By clicking on “Apply Now” you will be asked for your registration details and directed to a checkout to reserve your spot with a $1,000 USD deposit. For full payment, multiple financing options are available that we hope covers the majority of financial scenarios for all our students.
Our partnership with Climb Credit offers great 6 and 18 month interest free payments or a 36-month loan option.
We have partnered with the Meritize Platform to provide our students with financing options to fund your education. With a Meritize Loan, you can get credit for your merit and potentially improve your loan options by sharing your academic history or military background.
We’ve teamed up with MiaShare to offer an ISA (Income Share Agreement) so you have the option to defer payments until you get a job.
$9500
We've partnered with Climb Credit, Meritize, and MiaShare to offer a variety of flexible payment plans, loans, including an income share agreement (ISA).
Check them out here.
Yes, if there is still room in your desired Cohort you may defer your enrollment to another future Cohort (for the same course/bootcamp). If you need to defer your enrollment, tell our team as soon as possible to secure your spot in a future Cohort.
Deposits are non-refundable. However, Pathways payment plans are built to accept all applicants.
No. Although, we do recommend being comfortable using a computer and completing basic tasks on a computer. Students must complete the pre-requisite Cyber Foundations course before the live instructions which outlines basic, foundational skills you will need to succeed in CDA.
Yes. We welcome students from the UK and Canada to attend the CDCP bootcamp.
Classes begin on the first day of the Cohort and run 14 weeks, Monday through Thursday from 7pm-9pm CST. (8pm – 10pm EST or 5pm-7pm PST)
Our students get hired in roles Cyber Security Analyst, Cyber Security Engineer, Security Consultant, Digital Forensics & Incident Response Analyst, Compliance Analyst (see note on job titles below).
A FREE course for those interested in a career in Cyber Security and have no idea where to start with it.
The course is a pre-requisite to the Cyber Defense Analyst Bootcamp.
You'll learn about the most prevalent cyber risks and threats and the basics of Windows, Linux, and networking.
If you like this course, you'll likely really enjoy Cyber Security!
Get started here: https://leveleffect.com/home/cyber-security-foundations/
They're all the same position just with different naming conventions due to no standardized name in the private sector. The public sector as per the NIST federally mandated security framework calls these roles a “Cyber Defense Analyst” which is what we adhere to and have built our curriculum in accordance with
The Cyber Defense Analyst is a title suggested by the NIST NICE framework that is the same as these positions
The abilities, knowledge, skills, and tasks for this role can be found:
A Security Operations Center (SOC) is where the cyber security team works from in most organizations
Cyber Defense Analyst / Cyber Security Analyst
This is the majority of the jobs on the market and will likely be your starting position. You're the first point of contact to triage and respond to security incidents based on your "Tier" level and actively monitor the network for threats. There are generally three tiers and each has greater responsibility and expectations to resolve incidents.
Compliance Analyst
This could be another starting position but some technical experience will vastly expedite your success. You're responsible for ensuring everyone is following the rules but more importantly following the RIGHT rules and live in the land of processes, policies, documentation, and meetings. You'll work with just about everyone and have a birds-eye view of the security program preparing gap analyses and roadmaps to ensure the company security program is effective. You'll learn or become well-versed in PCI (credit card), HIPAA (health information), SOX (financial) and more legal/federal requirements.
Cyber Security Engineer
Part analyst, developer, and sysadmin, and generally considered a role after some experience as an analyst. When you're not supporting analyst activities you'll primarily be building out and implementing secure infrastructure/architecture and solutions with the IT or DevOps or Development team or with other Engineers. You'll work a lot of cloud technology and ensuring availability of resources are met in secure methods that prevent unauthorized access to accounts/data/services.
Threat Intelligence Analyst/Engineer
Part technical writer, part analyst and generally considered a role after some experience. You'll research, prepare, and present detailed reports on relative adversaries including their techniques, tactics, procedures and how your network can best stay focused and respond to these threats.
Incident Response Analyst/Engineer
Part analyst/part threat intel. A more specific analyst that is focused on responding to immediate threats and prepares playbooks to respond to them for others to follow. Creates log and traffic alerting logic using industry tools. This is typically not entry level and only available in larger organizations with funds to support it.
Penetration Tester
Not likely an entry level role but if you're skilled enough by self-teaching it can be. Accounts for a very small percentage of the jobs and is considered to be the "hacker". Your main function is to audit security controls under tight/strict scope put in place by defenders and see if you can circumvent them largely by looking for misconfigured permissions and known vulnerabilities and then preparing and presenting lengthy technical reports that detail your findings and recommended remediation steps to prevent them from happening or mitigating them with the resources available.
Red Teamer
This is along the lines of penetration testing but with little to no rules and is focused more on specific targets like "gain access to this database by whatever means" or simulate what advanced persistent threats (like Hafnium and REvil) may try to execute on your network. This role requires a lot of experience and is likely to include phishing and physical entry to the location to test overall security.
Digital Forensics or Malware Analyst/Engineer
A specialist role that focuses on post-incident analysis. Your function is to take apart malware and figure out how it works or dive deep into memory and disk data that is assumed to be hard to find/disassemble and recover the pieces. This role requires years of experience and likely only in public sectors or very profitable tech/fintech/health companies.
A Security+ cert may get you some more screening interviews by recruiters for entry level jobs, and may be required for certain federal/public sector positions.
If you're not taking a bootcamp or a graduate program, a certificate is a great way to demonstrate your interest and has a lower cost.
It gives you a good broad range of theoretical knowledge but you'll still need to supplement this with hands-on training (self-taught or paid) to be effective at work.
It may be necessary to get for advancement or pay raises after you're employed, and may be required for public sector work.
CISSP is for managerial/supervisory positions and requires actual job experience that must be vetted by an awarded CISSP holder for you to receive yours.
The CISSP cert could show demonstrated interest for getting into cyber, but there are better/more appropriate pursuits like Security+, Bootcamps, and self-teaching.
If you're interested in penetration testing or going the offensive route, this is a great certificate to go after currently.
It will highly increase your interview rate and should provide base skills to be ahead in technical interviews, but won't guarantee you a job as it does not currently test for lateral movement and complete active directory exploitation which is the majority of what you’ll encounter on the job.
Supplement pursuit of this cert with a lot of focus on Windows and Active Directory exploitation self-teaching/paid-teaching to make up for missed areas and you’ll be set up for success.
CTF stands for "Capture the Flag" where you need to find a pattern of text on the system like "LE-R99451-13375" These text patterns require you to use your knowledge of operating systems to traverse abnormal system configurations and permissions in order to find them. CTFs test on your ability to find "abnormal" configurations... however these will likely not be "common" misconfigurations as seen in the real world. They are the closest thing to "Cyber Olympics" that is currently out there.
Book a call with our team
Get updates and general awesomeness right from our team
© Copyright Level Effect LLC. 2021. All rights reserved.
