Cyber Defense Analyst Bootcamp

Adversaries are always learning, adapting, and deploying new techniques to undermine your network and turn it against itself and the organization.

The Cyber Defense Analyst bootcamp teaches students how to defend and protect an organization’s Windows network. You will also learn how to assess and communicate threats to executives and implement organization wide security practices.

, Cyber Defense Analyst Bootcamp

Rated a top Cyber Security Bootcamp


We don’t mean to brag, but we’re 5 stars across the board. Just check out our reviews. Notably, Course Report, a global authority for online education has included us as a Top Rated bootcamp in their 2021 list of the best Cyber Security Bootcamps, worldwide. 

Bachelor of Science in Cybersecurity Approved

Purdue University Global has officially approved our Cyber Defense Analyst Bootcamp for a 47 credit transfer toward their degree. If you’re already working toward your degree, or are interested in pursuing an amazing education at Purdue – graduating our bootcamp doubles up in helping you succeed in more ways than one.

, Cyber Defense Analyst Bootcamp

What's the Level Effect experience like?

104 Hours

Live online

1 on 1s

For personalized learning

14 Weeks

Mon - Thurs
7pm-9pm CST

70 + Labs

With real world scenarios

CDCP Cert.

Capstone attempt included

Bootcamp classes are instructed live Monday - Thursday from 7pm-9pm CST

Classes are hosted on our custom built platform. Students are provided with personal virtual machines to learn the skills they will need to apply in a corporate network that is under attack from advanced threat actors.


Book a call with our team

What is the Cyber Defense Certified Professional (CDCP) Certification?

, Cyber Defense Analyst Bootcamp

The Cyber Defense Certified Professional (CDCP) is filling a gap in cyber defense certification for both the hard and soft skills that are required and in high demand within the cyber community.

This is accomplished through a battery of real-world security operations scenarios that students must overcome and articulate in a detailed report that includes the appropriate executive summary, findings, recommendations and remediation steps along with applicable evidence.

This course is designed to provide a practical and real-world experience for students. 

The objective is to empower students with realistic and applicable skills that can be applied on the job. The bootcamp is fast-paced, high volume and challenging. 

Holders of a Cyber Defense Certified Professional certificate have demonstrated the knowledge, skills, and practical application to work within a security operations team.

Go for Gold

Holders of the GOLD CDCP demonstrate an excellence in delivery, technical skill, and comprehension of assigned challenges. Only one student can be nominated for GOLD status per cohort and only IF they exceed our traditional passing standards for CDCP.

, Cyber Defense Analyst Bootcamp

Why learn with Level Effect?

Industry Leading Instructors

Taught by real threat hunters and engineers who’ve worked in the industry for years, and wrote the curriculum you will be learning. 

Learn through theory, practice and real world stories from our team of US veterans and seasoned pros. 

Cyber Defense Certified Professional Capstone Exam

Students complete the CDCP capstone exam at the end of each cohort to demonstrate their practical skills and achieve their certification. The exam is 100% hands on, no multiple choice, and submitted as a report that is manually graded by instructors to ensure verification of learning outcomes. 

Custom Cyber Range & Content Platform

No expensive hardware required. Attend the bootcamp with any computer you use to browse the web because our learning platform includes a custom cyber range and content hosting to make your learning experience faster, easier and more accessible.

Career Coaching

The demand for Cyber Defenders is at an all time high. Our team will help you get a job in Cybersecurity, every step of the way. 

From understanding job descriptions, preparing your resume and conducting mock interviews, the job search is part of the bootcamp class discussion every week. 


Curriculum mapped to
NIST NICE Framework

The National Institute of Standards and Technology (NIST) has released a Workforce Framework for Cybersecurity. Our curriculum is built to meet and exceed all requirements that a Cyber Defense Analyst (CDA) requires as per the framework and adds additional intermediate/advanced material based on the real-life experience of our course creators. 

Personalized Learning

Our instructors will meet with you for a series of mandatory 1 on 1s through the bootcamp to ensure you’re pacing well with the learning outcomes, as well as providing individualized support to your growth.

Once you graduate our team is continuously there to support alumni in their job search and as they grow throughout their career.

Bootcamp structure

The Cyber Defense Analyst bootcamp utilizes military style training techniques to equip students with vast knowledge in a short period of time. We do this by structuring the content so every module builds off techniques and tools learned from the previous ones; you’ll use what you learned in the first few weeks in the last weeks but with more skill and complexity involved. 

There’s no Learning Platform out there dedicated to providing Cybersecurity content. So, we built our own, and serve our content on it. This allows a structure that is by design meant to make acquisition of Cyber related knowledge faster, easier, and more accessible. It also means less cost for us to maintain and less cost for you as a student to use.

You will learn Windows and Networking until you're blue in the face, and no, you will not be given a Kali linux box with shiny simple hacking lessons. You will work within Windows to defend and break Windows.  


We don't let you get reliant on auto-win tools. You're going to learn the manual foundational way to triage and defend endpoints. This makes everything easier to understand and greatly expedites your ability to acquire knowledge through the course and beyond. 


Module 1: Networking 

Malware can only get so far until it needs to get over the wire to spread and become an advanced threat. Perform in-depth network traffic capture analysis and triage. Learn how to use industry tools like Wireshark, Snort, and Zeek, to dissect network traffic and identify malicious activity. 


Module 2: Windows Enterprise Network 

Learn the fundamentals of enterprise Windows networks in today’s workplaces from the server to the regular user workstation by configuring key active directory infrastructure and understanding how domain services work – and how they can be vulnerable. You’ll also administer and script group policies to understand how different components of active directory work together. 


Module 3: Advanced Windows OS (2 weeks) 

You’re not done with Windows yet! You’ll work in and out from it the vast majority of your cyber career and need to be able to defend and triage this operating system inside out.  Using what you built the module before, learn key components like processes, threads, memory, I/O, DLLs, drivers, and registry. You’ll then perform complete triage of live compromised Windows systems and identify indicators of compromise along with reporting on how to remediate the incidents.


Read the full curriculum here.

The pace and complexity gets a bit more difficult from here but you’re able to stand on your two feet and navigate through it. You'll come out here where we'll throw a compromised host at you and you'll be able to identify how the attack happened, what it targeted, the magnitude, how to remove its persistence, and how to prevent it from occurring again.  


After the first 8 weeks you'll have obtained all the foundational skills of a Cyber Defense Analyst through hands-on live scenarios and will be ready to start applying to jobs. 


Module 4: Security Operations (2 weeks) 

You’ve been taught the tools and tradecraft. You’ll now start working in a SOC (Security Operations Center) as an analyst using what you’ve learned with the infrastructure you’ve learned how to build. You’ll hunt down indicators of compromise in logs, endpoints, and network activity with greater complexity. You’ll also learn how to create advanced IDS rules to detect threats and utilize PowerShell to build your own security tools.  


Module 5: Cyber Threat Intelligence 

Learn how to compile threat intelligence using tools such as MITRE ATT&CK, MISP, and FireEye intelligence reports to gather threat actor data. Develop the ability to succinctly research and deliver a Threat Intelligence Report on real-world adversaries. Ultimately, be able to describe and summarize what a threat actor is and suggest solutions to prevent attacks based on their tactics, techniques, and procedures. 


Module 6: Linux OS 

Learn how to navigate Linux and understand the fundamentals of the operating system. Be able to manage applications, users, group permissions, and to triage and hunt for indicators of compromise. You’ll also learn data stream redirection in depth, a fundamental component of nearly all remote threat actor activity and how to utilize variables, iteration, user input, error logging, and bash scripting to create your very own security tools! Finally, you’ll go through the gauntlet of a very compromised live Linux system that will put your triage knowledge to the test. 

Read the full curriculum here.

At this point you’re more than ready to be a Security Analyst but you’ll come out more than just entry-level in this bootcamp. You’re going to learn more advanced concepts from here on out and continue building your repertoire of skills.  


Module 7: Adversary Tactics 

You’ll put your red team hat on and learn how to perform the same tactics that adversaries use to exploit modern networks. Learn how to thoroughly enumerate Windows and Linux systems and bypass controls like Windows Defender. Utilize Command & Control (C2) frameworks and toolkits to exploit vulnerable systems and services like threat actors do and maintain a form of advanced persistence. Perform threat actor attacks like pass-the-hash, impersonation, lateral movement, data exfiltration, SQL injection, SMB exfiltration, domain controller takeovers, and more. 


Module 8: Network and Computer Forensics 

Learn the concepts of forensic collection for both network and endpoint use-cases and use cases for registry hive forensics.  Analyze and extract indicators and evidence from network traffic and identify how artifacts from malware can be recovered from areas such as Shimcache and Amcache. Collect and parse volatile memory from a compromised system. Compare and contrast the benefit and visibility provided by Windows forensic triage to uncover and identify malicious activity.  


Module 9: Memory & Malware Analysis 

Learn the difference between static and dynamic malware analysis. Learn how malware is created live in class by working as a group to create a new variant. Practice dumping strings from a binary to look for clues. Learn what obfuscation really means and how it pertains to malware. Practice de-obfuscating messages to uncover hidden messages. Familiarize yourself with reverse engineering and how code becomes a program using tools like Ghidra and PEStudio. Participate in a guided walk through as the instructor reverse engineers several binaries to unlock their secrets. 


Module 10: Practical Cyber Triage 

Put it all together for a week of intense live triage with everything you’ve learned with more complex incident scenarios on compromised systems including live attacks on your infrastructure that you need to respond to! Triage and report on diverse incidents within the network.  


Module 11: Threat Hunting 

Just when you thought you were done with triage – we’re pulling you back in for more! You’ll go through more complex triage scenarios and learn how to perform Threat Hunting and what it means for an organization. You’ll identify, hypothesize, plan and execute a Threat Hunting engagement.  


Now you’re ready to take the CDCP and then go on to defend digital networks! 

Read the full curriculum here.

Alumni experiences


The Cyber Defense Analyst Bootcamp is an investment of $9,500 USD. 

To reserve your spot a deposit of $1,000 USD is required. Deposits can be placed online after clicking “Enroll Now” or by booking a call with our team.

By clicking on “Apply Now” you will be asked for your registration details and directed to a checkout to reserve your spot with a $1,000 USD deposit.  For full payment, multiple financing options are available that we hope covers the majority of financial scenarios for all our students.


, Cyber Defense Analyst Bootcamp

Our partnership with Climb Credit offers great 6 and 18 month interest free payments or a 36-month loan option.

, Cyber Defense Analyst Bootcamp

We have partnered with the Meritize Platform to provide our students with financing options to fund your education. With a Meritize Loan, you can get credit for your merit and potentially improve your loan options by sharing your academic history or military background.

, Cyber Defense Analyst Bootcamp

We’ve teamed up with MiaShare to offer an ISA (Income Share Agreement) so you have the option to defer payments until you get a job.

Early Bird Registration?

Receive $1,000 off tuition when you register four weeks before the cohort start date.

Active Duty, Veteran, First Responder?

We thank you for your service. Receive $500 off tuition.

Upcoming Cohorts

Winter 2022

Starts Jan. 17, 2022 (register by Dec 17th & save $1000)

Spring 2022

Starts May 23, 2022 (register by April 23rd & save $1000)

What students say

Our alumni get hired at companies like:

Frequently Asked Questions

Cyber Defense Analyst Bootcamp


We've partnered with Climb Credit, Meritize, and MiaShare to offer a variety of flexible payment plans, loans, including an income share agreement (ISA).


Check them out here.

Yes, if there is still room in your desired Cohort you may defer your enrollment to another future Cohort (for the same course/bootcamp). If you need to defer your enrollment, tell our team as soon as possible to secure your spot in a future Cohort. 

Deposits are non-refundable. However, Pathways payment plans are built to accept all applicants.  

No. Although, we do recommend being comfortable using a computer and completing basic tasks on a computer. Students must complete the pre-requisite Cyber Foundations course before the live instructions which outlines basic, foundational skills you will need to succeed in CDA. 

Yes. We welcome students from the UK and Canada to attend the CDCP bootcamp. 

Classes begin on the first day of the Cohort and run 14 weeks, Monday through Thursday from 7pm-9pm CST. (8pm – 10pm EST or 5pm-7pm PST) 

Our students get hired in roles Cyber Security Analyst, Cyber Security Engineer, Security Consultant, Digital Forensics & Incident Response Analyst, Compliance Analyst (see note on job titles below). 

General FAQ

A FREE course for those interested in a career in Cyber Security and have no idea where to start with it.

The course is a pre-requisite to the Cyber Defense Analyst Bootcamp.

You'll learn about the most prevalent cyber risks and threats and the basics of Windows, Linux, and networking.

If you like this course, you'll likely really enjoy Cyber Security!

Get started here:

They're all the same position just with different naming conventions due to no standardized name in the private sector. The public sector as per the NIST federally mandated security framework calls these roles a “Cyber Defense Analyst” which is what we adhere to and have built our curriculum in accordance with

The Cyber Defense Analyst is a title suggested by the NIST NICE framework that is the same as these positions

The abilities, knowledge, skills, and tasks for this role can be found: 

A Security Operations Center (SOC) is where the cyber security team works from in most organizations 

Cyber Defense Analyst / Cyber Security Analyst 

This is the majority of the jobs on the market and will likely be your starting position. You're the first point of contact to triage and respond to security incidents based on your "Tier" level and actively monitor the network for threats. There are generally three tiers and each has greater responsibility and expectations to resolve incidents. 


Compliance Analyst 

This could be another starting position but some technical experience will vastly expedite your success. You're responsible for ensuring everyone is following the rules but more importantly following the RIGHT rules and live in the land of processes, policies, documentation, and meetings. You'll work with just about everyone and have a birds-eye view of the security program preparing gap analyses and roadmaps to ensure the company security program is effective. You'll learn or become well-versed in PCI (credit card), HIPAA (health information), SOX (financial) and more legal/federal requirements. 


Cyber Security Engineer 

Part analyst, developer, and sysadmin, and generally considered a role after some experience as an analyst. When you're not supporting analyst activities you'll primarily be building out and implementing secure infrastructure/architecture and solutions with the IT or DevOps or Development team or with other Engineers. You'll work a lot of cloud technology and ensuring availability of resources are met in secure methods that prevent unauthorized access to accounts/data/services. 


Threat Intelligence Analyst/Engineer 

Part technical writer, part analyst and generally considered a role after some experience. You'll research, prepare, and present detailed reports on relative adversaries including their techniques, tactics, procedures and how your network can best stay focused and respond to these threats. 


Incident Response Analyst/Engineer 

Part analyst/part threat intel. A more specific analyst that is focused on responding to immediate threats and prepares playbooks to respond to them for others to follow. Creates log and traffic alerting logic using industry tools. This is typically not entry level and only available in larger organizations with funds to support it. 


Penetration Tester 

Not likely an entry level role but if you're skilled enough by self-teaching it can be. Accounts for a very small percentage of the jobs and is considered to be the "hacker". Your main function is to audit security controls under tight/strict scope put in place by defenders and see if you can circumvent them largely by looking for misconfigured permissions and known vulnerabilities and then preparing and presenting lengthy technical reports that detail your findings and recommended remediation steps to prevent them from happening or mitigating them with the resources available. 


Red Teamer 

This is along the lines of penetration testing but with little to no rules and is focused more on specific targets like "gain access to this database by whatever means" or simulate what advanced persistent threats (like Hafnium and REvil) may try to execute on your network. This role requires a lot of experience and is likely to include phishing and physical entry to the location to test overall security. 


Digital Forensics or Malware Analyst/Engineer 

A specialist role that focuses on post-incident analysis. Your function is to take apart malware and figure out how it works or dive deep into memory and disk data that is assumed to be hard to find/disassemble and recover the pieces. This role requires years of experience and likely only in public sectors or very profitable tech/fintech/health companies. 

A Security+ cert may get you some more screening interviews by recruiters for entry level jobs, and may be required for certain federal/public sector positions.


If you're not taking a bootcamp or a graduate program, a certificate is a great way to demonstrate your interest and has a lower cost.


It gives you a good broad range of theoretical knowledge but you'll still need to supplement this with hands-on training (self-taught or paid) to be effective at work.


It may be necessary to get for advancement or pay raises after you're employed, and may be required for public sector work.


CISSP is for managerial/supervisory positions and requires actual job experience that must be vetted by an awarded CISSP holder for you to receive yours.


The CISSP cert could show demonstrated interest for getting into cyber, but there are better/more appropriate pursuits like Security+, Bootcamps, and self-teaching.

If you're interested in penetration testing or going the offensive route, this is a great certificate to go after currently.


It will highly increase your interview rate and should provide base skills to be ahead in technical interviews, but won't guarantee you a job as it does not currently test for lateral movement and complete active directory exploitation which is the majority of what you’ll encounter on the job.


Supplement pursuit of this cert with a lot of focus on Windows and Active Directory exploitation self-teaching/paid-teaching to make up for missed areas and you’ll be set up for success. 

CTF stands for "Capture the Flag" where you need to find a pattern of text on the system like "LE-R99451-13375"  These text patterns require you to use your knowledge of operating systems to traverse abnormal system configurations and permissions in order to find them. CTFs test on your ability to find "abnormal" configurations... however these will likely not be "common" misconfigurations as seen in the real world. They are the closest thing to "Cyber Olympics" that is currently out there.

Experienced professionals as your Instructors

Thinking about Cybersecurity?

Take a quiz and see if it's right for you.

Technical Aptitude Test

Not sure if you have the technical skills to work in Cybersecurity? Take the quiz and see for yourself. 

Cyber Career Quiz

Explore your skills and get matched with the Cybersecurity role that is right for you. 

Have questions?

Book a call with our team