Your
Cybersecurity
Career Starts Here

Join us for an in-person experience in Chicago
Apply Now 
Hero banner

As Seen On

Bootcamp

IN-PERSON (Chicago)

Join us for 20-weeks of immersive and hands-on cybersecurity training. Students are expected to spend a total of 20 hours per week on Cybersecurity Bootcamp studies, including in-class and individual work. The learning experience involves watching pre-recorded lectures and lab tutorials outside of class, which allows more time in class for discussion and hands-on labs, resulting in a deeper and more practical understanding of cybersecurity. Live-online sessions meet Monday - Thursday from 7:00pm to9:00pm CT, and every other Saturday from 10:00am to 3:00pm CT.

Phase 1: First 4-weeks are live-online.
Phase 2: Last 16-weeks are in-person in Chicago, ILat Evolve Security Headquarters.

Check out
Frequently Asked Questions for more information about financing, scholarships, requirements and prep exercises.

Info Session

A Day in the Life

20-Weeks

4-week (live-online)
16-weeks (in-person)

Part-Time

M, T, W, Th (6-9pm CST)
Saturdays (10am-3pm CST)

CPEs

290 hours

Tuition

$14,500

Level

Beginner

In-Person

Lab Heavy
Video Testimonial

Montessori School Teacher to
Information Security Analyst

What is the

IN-PERSON Bootcamp Experience?

Lab Simulations /
Tools

We deliver hands-on, technical labs that delve into essential security concepts and real-world scenarios while incorporating best of bread open source and commercial tools including CarbonBlack, Splunk, Burp Suite, Nessus, Mandiant Redline, Metasploit, and more!

Gain Real Work
Experience

Students perform live security assessment work on non-profit organizations under instructor supervision, giving students the real work experience that employers demand.

Job
Preparation

We are committed to helping our students enter the cybersecurity industry. Through job preparation training, career coaching, and employer partners, students secure jobs that launch their career in cybersecurity.

Holistic
Approach

A well-rounded cybersecurity professional can see the bigger picture and will thrive in the industry. If you are going to defend, it is important to understand the mindset of a hacker, and vice versa.

Evolve Security Academy Certified

The real world isn’t a day full of multiple-choice questions so why is this the way individuals are currently certified? Evolve Security Certified Professionals (ESCP) successfully pass the bootcamp’s final written exam and a 24-hour hands-on ESCP lab exam, demonstrating their clear and practical understanding of cybersecurity.

Student
Teamwork

We believe the most effective way to learn is with a live instructor and the support of your peers. The IN-PERSON Bootcamp takes place in an intimate classroom setting where you will learn as much from your peers as you will from the instructor.

1-on-1 Competency
Assessments

The only way to become an expert is by learning, then doing, then teaching. Modeled after actual work environments – students have 1-on-1 competency assessments with the instructor to ensure all concepts are truly grasped.

Adjunct
Instructors

Subject matter experts instruct throughout the program, exposing students to the most relevant industry best practices. Students also benefit by expanding their professional network with industry leaders.

Security+ Voucher

CompTIA Security+ is a respected technical certification. The certification, coupled with hands-on work experience gained from the bootcamp, is well-received during the job search process. All students receive a voucher to pursue this certification after the bootcamp at no cost.
Ready to get started?

We are here to help.

view All Reviews 
upcoming

IN-PERSON Cohorts

Join us for 20-weeks of immersive and hands-on cybersecurity training. Students are expected to spend a total of 20 hours per week on Cybersecurity Bootcamp studies, including in-class and individual work. The learning experience involves watching pre-recorded lectures and lab tutorials outside of class, which allows more time in class for discussion and hands-on labs, resulting in a deeper and more practical understanding of cybersecurity.

The cohort meets Monday - Thursday from 6:00pm to 9:00pm CT, and every other Saturday from 10:00am to 3:00pm CT. The first 4-weeks are live-online and the remaining 16-weeks are in-person in Chicago.

IN-PERSON | (TBD)
Chicago
Upcoming cohorts dates are pending given COVID-19.
Apply Now  
In-PERSON & REMOTE

Curriculum

Introduction to
Cybersecurity

This module introduces core principles that are essential to forming a security mindset, which include the CIA Triad (Confidentiality / Integrity / Availability); Defense-in-Depth; Authentication, Authorization and Accounting; and Open Web Application Security Project (OWASP). Also, security is a mile wide and a mile deep and this module provides an overview of the various different domains within security, which include Application Security; Network Security; Hardware Security; Physical Security; Mobile Security; Operational Security (SecOps/OpsSec); Incident Response; Identity and Access Management; Governance, Risk & Compliance (GRC); and Disaster Recovery / Business Continuity.

TOPICS: Key Elements, CIA Triad, Defense-In-Depth, Domain Landscape, AAA Services, OWASPTOOLS: NIST 800, OWASP
Security
Program

This module focuses on how to understand, implement and manage a security program within an enterprise. Security professionals must have strong knowledge of how a company operates in order to implement effective security policies and procedure. You must understand who the company’s employees, customers, suppliers and competitors are and how digital information is created, accessed, and shared. Students will learn about the various compliance standards and security frameworks that are most commonly used in the industry.

TOPICS: Governance, Risk (Rating methodologies)
Strategies: Accept / Transfer / Mitigate), Compliance (Legal / Regulatory / HIPAA / PCI - DSS), Frameworks (NIST Cyber Security Framework / ISO 27001:02), Administration (Policies / Procedures / Standards / Guidelines), Privacy, Data Classification & Handling (Identification / Ownership / Data at rest / Data at motion / Scoping)
Threat
Landscape

An enterprise cannot properly defend their information unless they understand who they are defending against. This module discusses the current threat landscape and dives into where threats are coming from and what is motivating the threat actors.

TOPICS: Threat Sources & Events; Adversarial (Fraud / Theft , Insider Threat, Malicious Hackers, Malicious Code, Malware, Ransomware, Espionage); Non-adversarial (Errors and Omissions, Physical Infrastructure, Privacy and Data Sharing); Threat Motivations (Monetary, Hacktivism, IP Theft, Espionage)

TOOLS: Verizon Data Breach Reports
Networking

If you want to be 99% secure, just lock the door, unplug your Ethernet and turn off your WiFi. This module lays the foundation for computer networking and covers the basic network protocols that are used to run the Internet. Networking is the process of how connections are made and how computers / systems communicate with each other, which lays the foundation for cybersecurity.

TOPICS: LAN / WAN, OSI Model, TCP / IP Model, Network Protocols, IP v4 & IP v6, TCP, UDP, ICMP, Ports and Services, Routing & Switching, NAT / PAT, DNS, Network segmentation, Subnetting, VLANS

TOOLS: Kali Linux, Wireshark, TCPDUMP, Netcat, Netstat, Nmap, Dig, Nslookup, Whois
Scripting for
Security

This module focuses on how clients, systems, servers and databases all connect and communicate with one another. Students will work with Apache servers, Linux, SQL databases, virtual environments, Python, Git and AWS.

TOPICS: Client Server Model, App and Web Servers, Application Architecture, Databases (Relational / Non-relational), SQL basics RBAC (Role based access control), Command Line Basics, Programming w/ Python, Version Control Basics, Virtual Environments, Cloud Security (IaaS / PaaS / Saa / Shared Responsibility / SLAs)

TOOLS: NGNIXii, Apache, MySQL, PostgreSQL, Python, Git, PIP, VirtualENV, Django, AWS
Security Operations
Architecture

At the epicenter of defending against cyber-crime is the ability to initially prevent and then detect cyber-attacks as they occur in real time. This module teaches students on network architecture / design, firewall configuration, security monitoring, intrusion detection and prevention, and crisis management. It includes topics such as access control, signature configuration, log management, traffic analysis, data loss prevention, and troubleshooting components.

TOPICS: Firewalls (Access Control Lists / Filters / Rules / White List / Black List), Proxies, Remote Access, VPN, Network Access Control, Architecture / Design, Detect / Defend, Traffic Analysis, Logging / Log Management, Security Information Event Management (SIEM), Intrusion Detection System (IDS), Intrusion Prevention System (IPS), Data Loss Prevention (DLP)

TOOLS: Splunk, IPtables, Elastic Stack*, Palo Alto*, OpenVPN*, Docker*, LogRhythm*, QRadar*
Security Operations
Threat Modeling

It is much more difficult and expensive to address security after a system has been deployed and is being implemented or is in production. Security should be considered from the beginning of a systems development lifecycle in order to maximize security and minimize costs. In this module, students will learn best practices on hardening network devices (switches, routers, firewalls, IDPS), operating systems (Linux, Windows), software (web servers, application servers, database servers), and application code (APIs, portals, OWASP).

TOPICS: Secure Design Principals, Built-In vs. Bolt-On, Hardening (Operating Systems: Linux & Windows, Servers, Web Applications, Mobile), OWASP Top 10, Patching, Secure Software Development Lifecycle (SSDLC)

TOOLS: Snort, File ACLs, WebGoat, CentOS, Debian / Ubuntu
Cryptography

A cyber-criminal cannot do much damage to an enterprise if they are unable to read the data they steal. This module first focuses on the core concepts of encryption (Boolean Logic, Modulus Arithmetic, hashing) and how it is used within secure protocols (SSL, TLS, SSH). Then focus shifts on how to implement and manage encryption policies within an enterprise (signatures, key management, PKI) as well as understanding the vulnerabilities and misconfigurations that most commonly go wrong during implementation. Finally, we have the students put up their black hoody and hunker down in their basement where they get to use brute force, rainbow tables and various other hacker tools to crack passwords from hashed data.

TOPICS: Boolean Logic, Modulus Arithmetic, Symmetric / Asymmetric, Hashing, TLS / SSL, Disk encryption, Key Derivation Functions, Digital Signatures, Key Management: Public Key Infrastructure, Password Cracking: Rainbow Tables

TOOLS: OpenSSL, Hashcat, MD5 / SHA, VeraCrypt, Bcrypt, Hydra
OSINT & Social
Engineering

Physical security has been important for thousands of years and will most likely be just as important for thousands of more years. It doesn’t matter how complex your encryption algorithm is or how robust your firewall is if you leave the door to the server room unlocked. Also, people will always be involved in the process of accessing information and thus will continue to be vulnerable to attacks. People may not be fooled by the Tanzanian prince needing a US bank account to transfer his $20 million, but it will still be a while before they can resist the temptation to click on the link to a funny cat video. In this module, students will learn to pick locks, will socially engineer themselves through a help desk and will run actual email phishing campaigns.

TOPICS: Physical Access Controls, Deterrents and Monitoring, Security Awareness, Social Engineering (Email / Phishing / In-Person / Telephony

TOOLS: Lock picking
AppSec & Offensive
Security

How do we know if all the policies, procedures, firewalls, ACLs, or intrusion detection and prevention systems are working unless we test them? This module focuses on how to review security programs and perform various security vulnerability assessments throughout an enterprise. This is when students get to embody the mindset up a hacker and perform penetration tests where they mimic real-world attacks in an attempt to identify ways to circumvent the security features of an application, system or network. A successful pen tester has in-depth knowledge of how networks, systems, and applications are defended so this is where students get to really test everything they have learned to date. This module ends with the cohort splitting into teams for a red team / blue team exercise that has been known to get obnoxiously competitive.

TOPICS: Assessment Approach, Testing Viewpoints (Internal / External, Overt / Covert, White box / Gray Box / Black Box), Mitigation and Remediation, Vulnerability Scanning, Penetration Testing, Bug Bounty, DevSecOps, Red Team / Blue Team

TOOLS: Carbon Black, Metasploit, Nikto, Nessus, Burp Suite, Veracode, Shodan, Discover scripts, Terraform*, Qualys*
Threat Hunting &
Incident Response

The new mindset in security is that there are two types of companies: companies that know that they have been breached and companies that don’t know that they have been breached. One-third of U.S. business were breached last year and nearly 75% were unaware of how the incident occurred. In this module, students learn that it is vital that companies properly respond after a breach and have a process to perform forensics to best learn how the breach occurred and understand how it affects the company.

TOPICS: CSIRT, NIST: IR Methodology (Preparation / Detection & Analysis / Containment, Eradication & Recovery / Post-Incident Activity), NIST: Forensics Process (Data Collection / Examination / Analysis / Reporting), Threat Intelligence (Cyber Kill Chain / Diamond Model)

TOOLS: FireEye Redline (Mandiant), Volatility
Job
Preparation

Companies hire people – not pieces of paper – you've invested great time and energy into this training but you only have about an hour to show a potential employer that you are the one for the job. Through job preparation training, career coaching, and employer partners, students secure jobs that launch their career in cybersecurity. Additionally, IN-PERSON Bootcamp students take advantage of local Meetup events as a cohort where they have the opportunity to meet industry professionals and expand their network. We know what it takes to get a job in cybersecurity and continuously support our students through their job search process.

TOPICS: Networking, LinkedIn Profile, Resume Prep, Interview Prep, Job Search Strategy, Continuing Education, CompTIA Security+

Bootcamps