Introduction to Cyber Warfare
An introductory workshop into cyber-warfare, exploring the basic concepts, threat maps, and security solutions.
40 hours
Management and Awarenesss
40 hours
Management and Awarenesss


Once exclusive to the most powerful intelligence agencies, advanced cyber-attack knowledge has gradually trickled down to small groups and individuals offering their services to anyone willing to pay. Zero-day attacks on browsers and operating systems happen on an almost daily basis with security personnel lacking the tools and knowledge to deal with this new offensive.  
This course provides the basic knowledge required to understand the contemporary cyber threat landscape and the structure of the “cyber kill chain”. It covers the main techniques users by attackers in recent years and investigates the damage caused to company information systems. During the second half of the course, students are introduced to current commonly accepted defense techniques and review their effectiveness and cost. They also learn how to “stitch” protection suits (the identities of new professionals tackling these threats). By the end of the course, students will understand that cyber defense and attack differ only in terms of operational objectives.

The course covers the following topics:


It’s important to improve the accordion’s behaviour

Hello Cyber
  • What is cyber and what happened to information security?
  • Welcome to the battlefield: The digital universe
  • Buzzword reality check: Cloud, IoT, big data, Blockchain, ML, and AI
  • The state of enterprise (in)security
Server-Side Attacks
  • Exploiting vulnerable software
  • Injecting code
  • Breaking authentication and session
  • Exposing sensitive data
  • Hacking server-side parsers and deserializers
  • Abusing misconfiguration
Defense 101: Minimizing Exposure
  • Application whitelisting
  • Patching OS and applications
  • Hardening user applications, services, and operating systems
  • Restricting administrative privileges
  • Using multifactor authentication
What is next (or are we doomed?)
  • What is cybersecurity anyway?
  • The economics of cybersecurity
  • Security as an evolving process
  • Reactive vs. proactive approaches
  • Secure by design
  • It is always about the people
The Cyber Attack Lifecycle (aka the Cyber Kill Chain or MITRE ATT&CK)
  • Preparation: Passive and Active reconnaissance
  • Breach: Initial access and execution
  • Post-breach: Persistence, privilege escalation, defense evasion, and credential access
  • Pivot: Discovery, Lateral Movement, and collection
  • Exfiltration, command and control, and cleanup
Client-Side Attacks
  • Social engineering and spear phishing
  • Payload carriers: URLs, executables, archives, documents
  • XSS, CSRF, and browser exploitation
  • Exploiting native software and OS components
  • The art of credential (and token) access
  • Evading endpoint security
Defense 201: The devil is the details
  • Network segmentation, segregation, and separation
  • Protecting authentication credentials and monitoring usage
  • Incident detection and response (SIEM/SOC)
  • Dynamic analysis of executables and documents
  • Email and Web content filtering
Don't touch this tab

SOTERIA Global is a global leader in cyber-security training solutions and services.

The cyber world is now a part of our everyday life. New technology emerges daily, and as opportunities increase, so do cyber risks. Threats constantly evolve, and we must protect our valuable assets.

A successful cyber defense has many factors, but they all have one thing in common: dedicated, skilled individuals.

SOTERIA Global experts develop our solutions and rely on the best technological assets in the market. Our impressive global presence expands over four continents, giving us access to the best cybersecurity professionals.

Our solutions range from customized training programs to developing cyber-oriented facilities, ensuring that individuals and organizations are ready to face real-world threats. Over the years, we have worked with various organizations across many sectors, giving us the skillset to shape and adapt our solutions to meet our client’s needs.

    • Executives
    • IT specialists
    • Software developers
    • Product managers
    • Project managers
    • Anyone with no prior knowledge
    • User-level computer knowledge
    • Advanced English is advantageous
    • Prior knowledge of data communication, operation systems, internet technology, and programming is advantageous
    • Understanding attack vectors
    • Understanding basic defense techniques
    • Good background for those who wants to go into the Cyber-Security world