Starting 2024 strong – The largest launch of security training from OffSec

Mar 14, 2024

OffSec

OffSec

Content Team

Strong cybersecurity relies on an understanding of the importance of security throughout the entire organization. OffSec is committed to delivering security training to offensive, defensive, development and IT teams that can best protect organizations.

In the first 10 weeks of 2024, we’ve released new learning paths to support more security training across the organization. No matter your role or area of expertise, this training will help develop a security mindset for more folks within your organization.

• Incident responders
• Secure software development
• AI
• MITRE ATT&CK
• Cloud Security

We’ve put together a 20-minute highlight video explaining all the cool stuff that we’ve released and what’s coming in the next 10 weeks. 

Incident Response

Effective incident response requires a proactive mindset focused on readiness. The key is having defined plans, skilled personnel, and tested processes in place before an event occurs. This enables organizations to swiftly detect incidents, understand the impact, contain threats, eliminate footholds, and restore operations. 

We’ve developed the Incident Responder Essentials learning path for anyone responsible for incident response, teams within organizations seeking to enhance their cybersecurity capabilities, and educational institutions aiming to provide comprehensive, real-world cyber defense training.

Our newly released Incident Response learning path is essential for individuals and teams aiming to excel in cybersecurity incident management. 

It’s tailored to deliver:

1. A deep understanding of real-world cyber incident scenarios.
2. Hands-on experience with cutting-edge incident response tools and techniques.
3. Skills in formulating effective communication and reporting strategies.
4. Preparation for more advanced roles in cybersecurity.

This learning path can serve individual professionals looking to specialize in incident response, teams within organizations seeking to enhance their cybersecurity capabilities, and educational institutions aiming to provide comprehensive, real-world cyber defense training.

Secure software development

Our four new Secure Software Development Learning Paths arm developers with the knowledge to integrate security into their software’s DNA. We’re not just teaching them to counter cyber threats; we’re enabling them to construct software fortresses from the ground up, using offense-informed tactics for an unbreakable code foundation.

Great for: 

• Onboarding new developers to security best practices.
• Upskilling teams on the latest security threats and defenses.
• Continuous learning to maintain compliance with security standards.
• Reduce vulnerabilities and enhance product reliability.

AI

Though AI can be used as a tool to enhance security, it can also become a vulnerable target for misuse and exploitation. We discuss AI’s potential for malicious use, its defensive applications, and its emergence as an increasingly critical attack surface.

We’ve begun to build our AI content and we’ll continue to add more AI modules every quarter. To get access to these learning modules, subscribe to Learn Enterprise.

MITRE ATT&CK

As we continue to meet our mission to empower individuals and organizations to fight cyber threats with indispensable cybersecurity skills and resources, we’ve developed 12 learning paths that are aligned with the MITRE ATT&CK framework. OffSec training and content cover nearly 70% of the skills required to match the entire attack framework. 

With these new learning paths, team leaders can:

• Identify skill gaps based on current training achievements
• Develop training plans for new and existing employees
• Achieve compliance goals by identifying skills proficiencies

Cloud Security

Two new cloud security learning paths provide a comprehensive journey from foundational knowledge to advanced offensive techniques. Learners gain a security-minded understanding of containers, Kubernetes, and AWS (Cloud Essentials) while mastering cloud reconnaissance, post-compromise tactics, CI/CD attacks, and container escapes (Offensive Cloud). These paths empower cybersecurity professionals to proactively identify and mitigate cloud-specific vulnerabilities.

What’s coming from OffSec

Over the next 10 weeks, we’ll be developing learning paths for

• Red teaming
• IOT
• GitOps
• DevSecOps
• Threat hunters
• And MITRE D3FEND

In addition, we’re doubling down on Cyber Ranges, to provide hands-on training in simulated environments.

We’ve put together a 20-minute video that explains the value of these new learning paths. Check it out and let us know what other topics interest you.