There are three huge reasons why SEC474: Building a Healthcare Security and Compliance Program is important to all healthcare organizations. First, the problem of healthcare security is big and only getting bigger. Adversaries are becoming more sophisticated in their approach and more focused on healthcare because of the value of the sector's data. Healthcare organizations of all sizes and types are concerned that the lack of properly trained security professionals is resulting in IT systems that are insecure and that they may be out of compliance and face steep fines. Second, fines under the Health Insurance Portability and Accountability Act (HIPAA) are only getting bigger. Recent years have seen many million-dollar+ fines levied against healthcare organizations for not being "HIPAA Compliant." Recent trends show that this situation is getting worse, not better. Third, HIPAA compliance regulations don't actually tell you how to attain "HIPAA Compliance." With absent specific guidance, organizations are left to figure out these challenges on their own. This course has been designed to help organizations with concrete guidance to build a secure and compliant environment.

The world is changing and so is the data we need to conduct our investigations. New platforms change how data is stored and accessed. They remove the examiner's ability to put their hands directly on the data. Many examiners are trying to force old methods for on-premise examination onto cloud hosted platforms. Rather than resisting change, examiners must learn to embrace the new opportunities presented to them in the form of new evidence sources.

SEC661 is designed to break down the complexity of exploit development and the difficulties with analyzing software that runs on IoT devices. Students will learn how to interact with software running in ARM environments and write custom exploits against known IoT vulnerabilities.

MGT520 teaches students how to build, lead, and implement a cloud security transition plan and roadmap, and then execute and manage ongoing operations. An organization's cloud transition requires numerous key decisions. This course provides the information security leaders need to drive a secure cloud model and leapfrog on security by leveraging the security capabilities in the cloud.

This course teaches practical open-source intelligence (OSINT) analysis and automation techniques. You will learn tradecraft tips, tactics, techniques, and procedures based on real-world examples that will enable you to carry out in-depth OSINT analysis of groups, image and video verification, and OSINT operations security, as well as understand the foundations of automating OSINT with Python.

SEC556 is designed to help you build the vital skills needed to identify, assess, and exploit basic and complex security mechanisms in IoT devices. From firmware and network protocol analysis to hardware implementation issues and all the way to application flaws, this course facilitates examining the entire IoT ecosystem, giving you the tools and hands-on techniques to evaluate the ever-expanding IoT attack surface.

SEC554 will teach you the essential topics of blockchain and smart contract technology. The course takes a detailed look at the cryptography and transactions behind blockchain and provides the hands-on training and tools to deploy, audit, scan, and exploit blockchain and smart contract assets.

SEC557 teaches professionals tasked with ensuring security and compliance how to stop being a roadblock and work at the speed of the modern enterprise. You'll learn how to measure and visualize security data using the same tools that developers and engineers are using, as well as how to extract, load, and visualize data from cloud services, on-premise systems, and security tools. The course includes PowerShell scripting, automation, time-series databases, dashboard software, and even spreadsheets to present management with the strategic information it needs and to facilitate the work of your operations staff with sound tactical data.

SEC583 is a one-day, lab-heavy course designed to teach the powerful skill of how to craft and manipulate packets through the use of many hands-on activities. This skill can be used to test policies, behaviors, and configurations and will also provide deeper understanding of TCP/IP and application protocols.

Are you a Blue Teamer who has been asked to do more with less? Do you wish you could detect and respond at the same pace as your adversaries who are breaking into and moving within the network? SEC586: Blue Team Operations: Defensive PowerShell teaches deep automation and defensive capabilities using PowerShell. Come join us and learn how to automate everything from regular hardening and auditing tasks to advanced defenses. This course will provide you with skills for near real-time detection and response and elevate your defenses to the next level.

Data science, artificial intelligence, and machine learning aren't just the latest buzzwords - they are fast becoming primary tools in our information security arsenal. The problem is that, unless you have a degree in mathematics or data science, you're likely at the mercy of vendors of these tools. The new SEC595 course completely demystifies machine learning and data science. More than 50 percent of the time in class is spent solving machine learning and data science problems hands-on, rather than just talking about them.

SEC550 will give you an understanding of the core principles of cyber deception allowing you to plan and implement cyber deception campaigns to fit virtually any environment. Turn the tables on attackers, so they need to be perfect to avoid detection, while you need to be right only once to catch them.

FOR608: Enterprise-Class Incident Response & Threat Hunting focuses on developing the skills and techniques necessary to respond to large-scale intrusions across diverse enterprise networks.

Open-Source Intelligence (OSINT) is the engine of most major investigations in this digital age, so there has been an increasing need for a more advanced course on the topic. The data in almost every OSINT investigation have become more complex to collect, exploit, and analyze, so practitioners around the world need to perform OSINT at scale and have the means and methods to check and report on the reliability of their analysis for sound and unbiased reports. In SEC587 you will learn how to perform advanced OSINT gathering and analysis, and understand and use common programming languages such as JSON and Python. SEC587 will also cover the dark web and financial (cryptocurrency) topics, as well as OSINT analysis of disinformation and fake news. This is a fast-paced advanced course that provides seasoned OSINT investigators with new techniques and methodologies, while giving entry-level OSINT analysts the extra depth they need to find, collect, and analyze data sources from all around world.