This module introduces core principles that are essential to forming a security mindset, which include the CIA Triad (Confidentiality / Integrity / Availability); Defense-in-Depth; Authentication, Authorization and Accounting; and Open Web Application Security Project (OWASP). Also, security is a mile wide and a mile deep and this module provides an overview of the various different domains within security, which include Application Security; Network Security; Hardware Security; Physical Security; Mobile Security; Operational Security (SecOps/OpsSec); Incident Response; Identity and Access Management; Governance, Risk & Compliance (GRC); and Disaster Recovery / Business Continuity.
If you want to be 99% secure, just lock the door, unplug your Ethernet and turn off your WiFi. This module lays the foundation for computer networking and covers the basic network protocols that are used to run the Internet. Networking is the process of how connections are made and how computers / systems communicate with each other, which lays the foundation for cybersecurity.
TOOLS: Kali Linux, Wireshark, TCPDUMP, Netcat, Netstat, Nmap, Dig, Nslookup, Whois
This module focuses on how to understand, implement and manage a security program within an enterprise. Security professionals must have strong knowledge of how a company operates in order to implement effective security policies and procedure. You must understand who the company’s employees, customers, suppliers and competitors are and how digital information is created, accessed, and shared. Students will learn about the various compliance standards and security frameworks that are most commonly used in the industry.
Strategies: Accept / Transfer / Mitigate), Compliance (Legal / Regulatory / HIPAA / PCI - DSS), Frameworks (NIST Cyber Security Framework / ISO 27001:02), Administration (Policies / Procedures / Standards / Guidelines), Privacy, Data Classification & Handling (Identification / Ownership / Data at rest / Data at motion / Scoping)
OSINT & Social
Physical security has been important for thousands of years and will most likely be just as important for thousands of more years. It doesn’t matter how complex your encryption algorithm is or how robust your firewall is if you leave the door to the server room unlocked. Also, people will always be involved in the process of accessing information and thus will continue to be vulnerable to attacks. People may not be fooled by the Tanzanian prince needing a US bank account to transfer his $20 million, but it will still be a while before they can resist the temptation to click on the link to a funny cat video. In this module, students will learn to pick locks, will socially engineer themselves through a help desk and will run actual email phishing campaigns.
TOOLS: Lock picking
An enterprise cannot properly defend their information unless they understand who they are defending against. This module discusses the current threat landscape and dives into where threats are coming from and what is motivating the threat actors.
TOOLS: Verizon Data Breach Reports
This module focuses on how clients, systems, servers and databases all connect and communicate with one another. Students will work with Apache servers, Linux, SQL databases, virtual environments, Python, Git and AWS.
TOOLS: NGNIXii, Apache, MySQL, PostgreSQL, Python, Git, PIP, VirtualENV, Django, AWS
At the epicenter of defending against cyber-crime is the ability to initially prevent and then detect cyber-attacks as they occur in real time. This module teaches students on network architecture / design, firewall configuration, security monitoring, intrusion detection and prevention, and crisis management. It includes topics such as access control, signature configuration, log management, traffic analysis, data loss prevention, and troubleshooting components.
TOOLS: Splunk, IPtables, Elastic Stack*, Palo Alto*, OpenVPN*, Docker*, LogRhythm*, QRadar*
It is much more difficult and expensive to address security after a system has been deployed and is being implemented or is in production. Security should be considered from the beginning of a systems development lifecycle in order to maximize security and minimize costs. In this module, students will learn best practices on hardening network devices (switches, routers, firewalls, IDPS), operating systems (Linux, Windows), software (web servers, application servers, database servers), and application code (APIs, portals, OWASP).
TOOLS: Snort, File ACLs, WebGoat, CentOS, Debian / Ubuntu
A cyber-criminal cannot do much damage to an enterprise if they are unable to read the data they steal. This module first focuses on the core concepts of encryption (Boolean Logic, Modulus Arithmetic, hashing) and how it is used within secure protocols (SSL, TLS, SSH). Then focus shifts on how to implement and manage encryption policies within an enterprise (signatures, key management, PKI) as well as understanding the vulnerabilities and misconfigurations that most commonly go wrong during implementation. Finally, we have the students put up their black hoody and hunker down in their basement where they get to use brute force, rainbow tables and various other hacker tools to crack passwords from hashed data.
TOOLS: OpenSSL, Hashcat, MD5 / SHA, VeraCrypt, Bcrypt, Hydra
AppSec & Offensive
How do we know if all the policies, procedures, firewalls, ACLs, or intrusion detection and prevention systems are working unless we test them? This module focuses on how to review security programs and perform various security vulnerability assessments throughout an enterprise. This is when students get to embody the mindset up a hacker and perform penetration tests where they mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, system or network. A successful pen tester has in-depth knowledge of how networks, systems, and applications are defended so this is where students get to really test everything they have learned to date. This module ends with the cohort splitting into teams for a red team / blue team exercise that has been known to get obnoxiously competitive.
TOOLS: Carbon Black, Metasploit, Nikto, Nessus, Burp Suite, Veracode, Shodan, Discover scripts, Terraform*, Qualys*
Threat Hunting &
The new mindset in security is that there are two types of companies: companies that know that they have been breached and companies that don’t know that they have been breached. One-third of U.S. business were breached last year and nearly 75% were unaware of how the incident occurred. In this module, students learn that it is vital that companies properly respond after a breach and have a process to perform forensics to best learn how the breach occurred and understand how it affects the company.
TOOLS: FireEye Redline (Mandiant), Volatility
During the final portion of the bootcamp, students apply what they have learned to a real-work environment by serving as a security apprentice to complete a security assessment for a non-profit organization. Students will work with their small group to conduct a vulnerability assessment, analyze the results, recommend appropriate remediation measures and develop a report for the executive management, thereby gaining valuable experience that will aid them in their job search. Students will follow the Evolve Security services methodology, used by our cybersecurity engineers, to conduct the assessment and learn what it is like to work directly with a client.
Companies hire people – not pieces of paper – you've invested great time and energy into this training but you only have about an hour to show a potential employer that you are the one for the job. Through job preparation training, career coaching, and employer partners, students secure jobs that launch their career in cybersecurity. Additionally, IN-PERSON Bootcamp students take advantage of local Meetup events as a cohort where they have the opportunity to meet industry professionals and expand their network. We know what it takes to get a job in cybersecurity and continuously support our students through their job search process.
IN-PERSON & REMOTE Cohorts
The Cybersecurity Bootcamp is 20-weeks of immersive and hands-on cybersecurity training. Students are expected to spend a total of 20 hours per week on Cybersecurity Bootcamp studies, including in-class and individual work. The learning experience involves watching pre-recorded lectures and lab tutorials outside of class, which allows more time in class for discussion and hands-on labs, resulting in a deeper and more practical understanding of cybersecurity. At the conclusion of each module, students complete verbal competency assessments to ensure they fully grasp the concepts and are prepared to communicate their skills in a job interview.
The first 4 weeks are remote through live-online instruction and the remaining 16 weeks meet in-person in Chicago at Evolve Security headquarters.
For additional support, office hours are available from 6:00pm-7:00pm CT on Mondays and Wednesdays and from 9:00pm-10:00pm CT on Tuesdays and Thursdays.