Courses
Mobile Security Fundamentals
In Mobile Security Fundamentals, Ken Underhill discusses iOS security architecture and goes into depth about code signing, the sandbox, and exploit mitigations. In addition to recognizing and scanning for vulnerabilities, the secure boot chain is explained through tools such as Wondershare and Kingo.
Introduction to the OWASP API Security Top 10
Application Programming Interfaces (APIs) enable access to software functions and data and have become a prime target for attackers. Learn why API security is so vital as you explore the top 10 security threats for APIs as identified by the Open Web Application Security Project (OWASP) in this Introduction to the OWASP API Security Top 10 course.
SQL Injection
SQL injections are one of the most common types of attacks an adversary will use to target your database. Learn SQL injection and master the art of using this technique to interfere with the queries a target system makes to its database so you can emulate or defend against this type of assault.
Web Defense Fundamentals
If you’re on the offensive security path and want to enhance your skills in web application security against critical vulnerabilities, then this is the course for you. This web application security training course offers insights on the Open Web Application Security Project (OWASP) Top 10 and how it approaches key vulnerabilities found in web apps.
CIS Top 20 Critical Security Controls
CIS Controls are a prioritized set of actions that protect your organization and data from known cyber-attack vectors. Our CIS Top 20 Critical Security Controls Course aligns to CIS v7.1. Learn about each control, why it’s important to your organization, and how you can help your team implement these best practices.
HIPAA Training
This online HIPAA Training is designed to introduce students to the Health Insurance Portability and Accountability Act (HIPAA). HIPAA is a U.S. healthcare law that was first passed in 1996. In this course, we will cover what HIPAA is, why it is important, and the key takeaways your organization needs to know.
Business Continuity & Disaster Recovery Planning
Learn how to help your organization prepare for a crisis! Our Business Continuity and Disaster Recovery training explains the different purposes and scopes of business continuity and disaster recovery plans, the thought process needed to perform a business impact analysis, and the five layers of risk to consider when performing a risk assessment.
Privileged Access Management Fundamentals
Privileged Access Management (PAM) is a mechanism that protects and monitors a company’s privileged access accounts, the ones most often targeted in criminal attacks. Master the knowledge and skills you need to protect your organization in this hands-on Privileged Access Management fundamentals course.
Sumo Logic Cloud-Native Machine Data Analytics Service Fundamentals
Sumo Logic is a cloud-native machine data analytics service that allows you to quickly identify and remediate security threats and compliance issues in cloud and hybrid environments. Learn how to leverage Sumo Logic to protect your organization by taking this Sumo Logic Cloud-Native Machine Data Analytics Service Fundamentals course.
Session Hijacking
Are you preparing for an ethical hacking course or certification? Take professional cybersecurity instructor Ken Underhill’s Session Hijacking course. Learn about how an attacker takes over a session between a user and host. Explore hands-on virtual lab activities to strengthen your session hijacking skills.
Cross-Site Scripting
This course will cover an introduction to Cross-Site Scripting (XSS), a popular cybersecurity attack. This XSS training will explain several forms of cross-site scripting attacks.
Footprinting and Reconnaissance
If you are just starting to learn about ethical hacking, this footprinting and reconnaissance tutorial will give you foundational knowledge about this first step in the ethical hacking methodology. Ken Underhill walks you through how to use the tools for this information-gathering step and provides a hands-on opportunity to try it yourself.
I'm a cybersecurity professional who has worked primarily in healthcare and as an adjunct professor of digital forensics. I have been instructing online for several years, primarily in business and health-related areas. I hold both the CEH (Certified Ethical Hacker) and CHFI (Computer Hacking Forensic Investigator) certifications from EC-Council and am a content reviewer/writer for both exams (no, I can’t give you the answer key lol). I began helping other professionals pass the CHFI exam after struggling in my first exam attempt. To date, I have helped tens of thousands of people around the world pass the CEH and CHFI exams.