Top of Page
 

Professional Development

Stay relevant and on top of the latest trends. Leverage our online courses to gain interactive, engaging and timely learning experiences throughout your career. Each course is designed with input from leading industry experts and based on proven learning techniques to maximize your time and content retention.

The self-paced learning format delivers modular content combined with interactive activities involving videos, labs, case studies, quizzes, etc. Learn at your own pace on your own time and earn valuable Continuing Professionals Education (CPE) credits towards your (ISC)2 certifications.

Pricing, CPE's and access varies by course. Please see course description for details.

If you are purchasing this course outside of North America please contact your regional office directly for pricing and purchasing information.

For Europe/Middle East/Africa, contact the EMEA Office. Email: info-emea@isc2.org or call Phone: +44 (0) 203.960.7800

For Asia-Pacific, contact the APAC Office. Email: isc2asia@isc2.org or call Phone: +852.2850.6951

* Members can access courses that are denoted as 'Free for Members' by logging in above and clicking the 'My Courses' menu item.

  Certification
GDPR for Security Professionals: A Framework for Success
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". Online self-paced course designed to help security professionals contribute to the strategy, direction and implementation of the European Union’s Global Data Protection Regulation (GDPR). Leveraging the thought leadership from the (ISC)² EMEA GDPR Advisory Council and other industry experts as well as lessons learned from (ISC)²’s own GDPR implementation this interactive immersive training experience provides the tools, knowledge and resources needed to maintain organizational compliance with GDPR mandates.
Securing Containers at the Speed of DevOps
Containers allow for the creation of fast, repeatable, and secure deployment cycles for applications, making them an excellent fit for DevOps. This Express Learning course offers learners an overview of important security features and best practices to protect containerized services. Learn to describe containers and its main characteristics, then it delves into the most prominent security threats and countermeasures, and finally describing how to use automation and orchestration to do deploy containers in an automated and secure manner. 
Introduction to the NIST Cybersecurity Framework
As an agency of the U.S. Department of Commerce, the National Institute of Standards and Technology (NIST) is responsible for measurement science, standards, and technology in a way that promotes safety and collaboration for industry and government alike. NIST has a significant influence on worldwide standards and provides a framework cybersecurity professionals can use to analyze and strengthen their ability to identify, detect, and respond to cyber-attacks. In this Express Learning course, explore the NIST Cybersecurity Framework (CSF) as you learn to apply it to your organization, large and small, using a matrix that incorporates all of the popular technical standards.
Live Forensics Using GRR
Lab content within this course take place within a Windows 10 64bit virtual machine. Before each lab topic, you will be asked to watch an instructional video that will guide you through the content and review the necessary background information to complete the lab assignment. There is no time restriction, but this lab will take approximately two hours to complete. The exercises are intended to be completed in sequential order, and all elements within the lab are required to complete the course.
Introduction to Memory Analysis with Volatility
Analyzing a suspect system "live", before disconnecting it and imaging the disks, often yields valuable forensic evidence. Further, it can help determine whether a crime has been committed at all, or whether a system contains evidence at all, thereby avoiding time-consuming examination of irrelevant machines. The Volatility® framework is the dominant open-source memory analysis framework, examining RAM snapshots from a large variety of operating systems in multiple formats. This Hand-On Lab course will introduce you to the process of capturing a live RAM image and analyzing it using Volatility. You will learn about several Volatility plugins for analyzing a Windows memory image, then analyze actual RAM images, including one with active malware, and view the results.
Introduction to Memory Analysis with Rekall
Analyzing a suspect system "live", before disconnecting it and imaging the disks, often yields valuable forensic evidence. Further, it can help you determine whether a crime has been committed at all, or whether the system contains evidence at all, thereby avoiding time-consuming examination of irrelevant machines. Rekall is an advanced, open-source memory capture and analysis framework that has expanded to include a variety of live incident response tools. This Hands-On Lab course will introduce you to the Rekall framework, both for extracting evidence from memory images and for analyzing the current live state of the system. You will learn about several Rekall tools, both on the command line and via the interactive console, for analyzing memory images. You will then analyze several images of Windows systems with in-memory malware.
A Security Professional's Guide to AI
Artificial intelligence (AI) continues to become prevalent in the security professionals’ personal and work life, including many familiar and highly visible applications and others that are behind-the-scenes and not so obvious. This Express Learning course introduces the security professional to the details of data science in AI, its frameworks and languages and the challenges that security professionals face when working with AI development teams. It is designed to give you a primer of the concepts, frameworks and languages currently used in the development on AI and the security issues that you may face.
Techniques for Malware Analysis
The ability to find and analyze malware has become a necessary skill for anyone performing incident response. This Express Learning course will introduce the various types and categories of malware and their characteristics. The course will also introduce broad categories of malware analysis and show you how to collect information about malware by examining its characteristics. Finally, you will learn how to execute malware and watch how it interacts with your system.
Strengthening Presentation Skills
Today’s security practitioners have the need to communicate clearly, persuasively, and inspirationally to diverse audiences. Whether presenting to a board of five people or onstage in front of a larger audience, this course gives you guidance on how to prepare, design, and deliver an effective presentation. In this Express Learning course, you will have an opportunity to reflect on your personal experience and gain practical tips to tackle your next presentation.
Purple Team Playbook
A traditional cybersecurity operation center consists of a red (offensive) team and blue (defensive) team, but in recent years the rise of the purple team has helped to successfully blend the skills of these teams into a cross-functional security department. In this Express Learning course, discover strategies for staffing and building your cybersecurity teams. Learn to create the policies, processes, and charters that ensures cohesive purple team collaboration as you establish your own purple team playbook.
Introductory File Systems Forensics
This Hands-On Lab course will introduce you to the process of imaging and forensically analyzing disks, including finding artifacts such as deleted files. While the techniques here, traditionally apply to law enforcement forensics cases, they are equally useful for the discovery of potential wrongdoing, internal enterprise compliance checks, recovery of accidentally deleted data, and digital archive preservation. By the end of this course, you will possess a deeper understanding of how to extract evidence from a hard drive.
Incident Management: Preparation and Response
By bringing together key definitions of incident management and demonstrating through real-world examples you will learn how to determine that an event has become an incident, quickly and effectively respond to incidents to eliminate the immediate threat, and develop strategies and solutions to ensure that similar incidents do not continue to plague your organization in the future.
Creating a High-Performing Cybersecurity Team
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". With over 1 million cybersecurity jobs open this year, the challenges facing hiring managers in the field are daunting. This self-paced immersive course will help learners gain the foundational skills and understanding of building a high- performing cybersecurity team within their organization. It will help them apply current leadership experience to the unique and diverse cybersecurity field in order to defend their businesses with the necessary and appropriate talent.
Cloud Basics
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". Cloud computing continues to transform the way we conduct business. As organizations are rethinking IT strategies, cybersecurity professionals need to first understand the cloud before they can help their organizations transition to the cloud. This self-paced immersive course is the first in a series of courses on the cloud, designed to provide a solid understanding of cloud computing including key drivers and rationale for moving to the cloud, cloud architecture and computing concepts and characteristics, cloud service and deployment models, and cloud brokers.
Web Application Penetration Testing
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". In this Express Learning self-paced course, you will be introduced to the discipline of web application penetration testing and gain a hands-on perspective of how a penetration tester (pentester) applies methodology with practice to test web applications for security flaws. We will review several basic web application penetration testing techniques and gain hands-on experience as a penetration tester using a popular open source (FOSS) tool, Burp Suite. You will also learn to examine injection attacks such as cross-site scripting and SQL injection attacks and learn how to perform automated attacks with Intruder, as well as analyze responses with Repeater and Comparer.
Introduction to Artificial Intelligence (AI)
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". Artificial intelligence (AI) has already become prevalent in the info sec professionals’ personal and work life, including many familiar and highly visible applications and others that are behind-the-scenes and not so obvious. As an introduction to AI’s cybersecurity issues, including threats, vulnerabilities, defenses, pen testing and systems development, this Express Learning course is designed to arm practitioners with basic knowledge about AI and related technologies so that they can capably participate in discussions about its use in potential and actual implementations. Participants will learn terminology related to the spectrum of AI technology and review use cases, data management issues, typical architecture and a what experts predict as the future of AI.
Communicating with the C-Suite
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". The role of a security professional and team leader often includes communicating technology needs or business updates with the executive board or C-Suite. This Express Learning course outlines common business governance structures and identifies the types of information and techniques for delivering reports and presentations that will facilitate confident and effective communication with the C-Suite or leadership committees.
Gaining Support for Your Security Program
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". Engaging stakeholders and creating buy-in across an organization can be critical to the success of a new tool roll out or technology initiative. This Express Learning course covers steps and strategies for confidently communicating with both peers and the executive management team while presenting information and making decisions based on risk management. After successful completion of this course, participants will feel confident when engaging stakeholders in conversations surrounding implementing a security program within their institution.
Assessing Application Security
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". In today’s app-enabled world it is more important than ever for security practitioners to work with their organization to ensure digital assets are adequately protected against attacks. In most cases, internet-facing applications are the primary targets for attackers. This hands-on practical lab will explore the foundations of how to assess an application's security.
Creating Your Path to CISO
*Free for (ISC)² Members/Associates by logging in above and clicking "My Courses". This interactive, immersive course guides you through a process of self-assessment, skill development, brand building and interview preparation to give you the tools you need to advance your security career.