Cybersecurity

Industry

Advances and Hiring Trends

 Market Size Impacted Sectors

Cybersecurity market was valued

Financial Services and Banking
at USD $156.24 billion in 2020.

It is expected to register a CAGR of Information Technology Sector

14.5% during 2021-2026.
E Commerce Sector

GLOBAL CYBERSECURITY SPENDING

Pandemic Impact $ 1.75 TRILLION CUMULATIVELY 2021 TO 2025

600% Cybercrime Up by 600% as a result of Covid 19

714 M
714 Million attempted ransomware attacks by
the close of 2021, 134% more than previous year

Google saw 18 million COVID-related daily malware &

18 M phishing emails & 240 million daily spam messages
 Job Snapshot Top Skills
Listed below are the most in-demand cybersecurity skills that you
can learn to advance your career in cybersecurity industry

Cryptography Enterprise Defence Risk Management

Strategies

Threat Modelling Cloud Security OWASP 10

Cybersecurity jobs pays Cybersecurity Industry Number of cybersecurity For each cybersecurity Identity and Malware Analysis Zero Trust Model
16% more than other IT has a 0% job postings has grown opening, there was a pool access
Jobs (Source: IBM) unemployment rate 94% in just six years of only 2.3 employed management
(Source: Cybersecurity (Source: Burning Glass) cybersecurity workers.
Ventures) (Source: Burning Glass) Risk Assessment Ransomware Threat Penetration
Prevention Testing

Social Engineering Vulnerability Honeypots

Management

3.1 Metasploit Wireshark NMap

million
unfilled
cybersecurity 3-6 months Malware
obfuscation
Scanning and
Enumeration
Web Application
Hacking
jobs worldwide average time it takes to fill
in 2021 a cybersecurity position, Data Privacy Password Hacking Incident
according to ISACA Response
 Advanced Executive Program in Cybersecurity
Program Partners Program Overview

• Concepts: Defensive cybersecurity, application security, malware analysis, ethical

University hacking and vulnerability analysis.
Partner • Integrated Labs: 30+ demos and Assisted Practices
• Certificate:
• Program completion Certificate (Hardcopy from IIIT Bangalore(sole Signatory))
Ranked #1 Technical University of India by India Today, 2021 • Virtual Internship Certificate
• Module completion certificate
IIIT Bangalore Advantage:
Key Skills you will acquire
• Masterclasses from the top IIIT Bangalore faculty ( 1 masterclass every month)
• IIIT Bangalore Program Completion Certificate
• Program Transcript
▪ Cryptography ▪ Penetration Testing ▪ Malware Analysis

▪ Cloud Security ▪ Enterprise Defence ▪ Risk Management

▪ Social Engineering ▪ Vulnerability ▪ Identity and access

Industry Management management
Partner
Eligible roles after program completion
National Payments Corporation of India (NPCI), is an umbrella organization for operating
retail payments and settlement systems and creating a robust Payment & Settlement • Security Analyst • Security Infrastructure Specialist
Infrastructure in India.
Their product portfolio include
• Cybersecurity Expert • Network Security Consultant

• Security Consultant • Malware Analyst

• Penetration Tester • Cybersecurity Software Developer

Integrated Labs

In the labs you will get 4 VM (Virtual Machines)

Windows OS Kali Linux OS Ubuntu OS Webgoat

The below mentioned are malwares that a learner is not willing to install on his personal computer but with our labs VM he can easily access those without harming his computer.

MODULE 1 MODULE 3
1.1 Angry IP Scanner 3.1 PEStudio
Angry IP Scanner (ipscan) is an open-source and cross-platform network IP and port scanner.
It is used to spot artifacts of executable files to ease and accelerate Malware Initial
1.2 OpenJDK Assessment. Tool is used by Computer Emergency Response Teams (CERT), Security
OpenJDK is a free and open-source implementation of the Java Platform, Standard Edition. Operations Centers (SOC), and Digital-Forensic Labs worldwide.
1.3 Traceroute
3.2 Exeinfo PE
The traceroute command, or tracert in Windows is a command-line program that assists you
in troubleshooting network connectivity issues. Exeinfo PE is a program that lets you verify .exe files and check out all their properties.
1.4 MTR 3.3 CFF Explorer
MTR is a dynamic network performance diagnostic tool which combines the functionality of
ping and traceroute. CFF Explorer was designed to make PE editing as easy as possible but without losing sight of
the portable executable's internal structure.

MODULE 2 3.4 Noriben

2.1 HashCalc Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to
HashCalc calculates multiple hashes, checksums, and HMACs for files, text, and hex strings. automatically collect, analyze, and report on runtime indicators of malware.
2.2 OWASP ZAP 3.5 RanSim
OWASP ZAP (Zed Attack Proxy) is an open-source DAST tool to find security vulnerabilities in
RanSim is a tool that simulates the behaviour of ransomware to check if a workstation is well-
web applications.
protected with endpoint security software which would be able to detect and prevent real
2.3 WebGoat ransomware attacks.
WebGoat is a deliberately insecure application maintained by OWASP.
3.6 VirusTotal
2.4 OWASP Threat Dragon
OWASP Threat Dragon is a threat modeling tool used to create threat model diagrams as It helps in malicious file upload for scanning, search database using hash, URL, domain, or IP
part of a secure SDLC. address.
Integrated Labs (continue)

MODULE 4
4.1 DIRB

DIRB is a Web Content Scanner. It looks for existing (and/or hidden) web objects. It works by launching a dictionary-based attack against a web server and analyzing the response.

4.2 NIKTO

Nikto is an open-source (GPL) and free-to-use scanner that performs vulnerability scanning against web servers for multiple items, including dangerous files and programs, and it checks for
outdated versions of software.

4.3 Nessus

The Nessus tool is a proprietary open-source network vulnerability scanner that employs the architecture of common vulnerabilities and exposures. Nessus assessment can cover a wide
range of technologies, which include: Operating systems, Network devices , Hypervisors, Web and database servers

4.4 Nmap

Nmap is an open-source network scanner that performs vulnerability scanning and network discovery, and it provides features like port scanning and service detection.

4.5 Crunch

Crunch can create a wordlist based on the criteria you specify. The output from crunch can be sent to the screen, file, or to another program. That wordlist can also be used for a brute force
attack.

4.6 SQLmap

SQL Map is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It has broad range of
switches like database fingerprinting, data fetching from the database, accessing the underlying file system, executing commands on the operating system via out-of-band connections.

4.7 ZENMAP

ZENMAP is a free-to-use scanner which performs various kinds of security scanning with the help of a Graphical User Interface (GUI).

4.8 SHODAN

SHODAN gathers information about servers. It will also fingerprint the device or any related vulnerabilities. The devices include routers, switches, and IoT devices.
Assisted Practices (35 assisted practice to be covered in Live Classes) Projects and Assessments
• Basic Linux Commands LESSON END PROJECTS (11)
• CVSS Calculator
• Angry IP Scanner • Configure SSO (Single Sign on) between Auth0 and Zendesk
• Identify Local Network Configuration
• Query DNS Using Host • Use Wireshark to perform simple packet captures and analyze the data to troubleshoot the
• Query DNS Using NSLookup
• Query DNS Using DIG network
• Troubleshoot Network Connectivity Issues Using Traceroute
• Troubleshoot Network Connectivity Issues Using MTR • Use JS Obfuscator to obfuscate the JavaScript code
• Nmap
• Multi-Factor Authentication • SQL injection attack on a vulnerable website
• Application Security Policy
• SQLi • Develop a ransomware playbook to handle a ransomware attack
• XSS
• Webgoat • Develop and implement a security architecture blueprint
• OWASP
• Fuzzing • Web application vulnerability assessment using OWASP Zed Attack Proxy (ZAP)
• Symmetric Cryptography
• Asymmetric Cryptography • Information gathering using the Nikto tool
• Hash Algorithms
• Threat Modelling • Directory/file fuzzing using the DIRB tool
• Determining File Type
• Fingerprinting a Malware
• Multiple Anti-Virus Scanning COURSE END PROJECTS (2)
• Static Malware Analysis
• Dynamic Malware Analysis • Test web applications for any vulnerabilities and perform SQL Injection attack.
• Ransomware Simulators
• Perform a security vulnerability assessment and penetration testing on the two identified
• Vulnerability Scanning using Nessus Tool
• Information Gathering Using ZENMAP Tool systems (windows and Debian Linux)
• Information Gathering Using SHODAN Tool
• Information Gathering using Nmap COURSE END ASSESSMENTS (2)
• Information Gathering Using OSINT Tool
• SQL Injection Attack Using SQLmap • At the end of module 1 and 3 you will get course end assessment to test the knowledge you
• Wordlist Generation using Crunch gained while completing the module
• Evasion MAC Address Spoofing
 Virtual Internship
• As a part of Virtual Internship a learner will be replicating work of below mentioned roles by
completing 4 virtual internship projects.

• These projects are intended to provide insight into the life of a cybersecurity professional and provide
an understanding of what the work it encompasses.

• After completing of this module a learner will get virtual internship certificate from NPCI (our Industry
Partner)

❖Project 1: A day in life of a Security Analyst

You are working as a security analyst for El Banco Bank, where your primary responsibility is to implement
best practices to secure the organization’s assets, reviewing the password policy and making sure it
complies with PCI DSS.
❖Project 2: A day in life of a Malware Analyst
You are working as a malware analyst for El Banco Bank, where your primary responsibility is to secure the
bank's assets by examining, identifying, and understanding malware, such as viruses, worms, bots, rootkit,
ransomware, and Trojan horse.

❖Project 3: A day in life of a Network Consultant

You are working as a network security consultant for El Banco Bank. Your primary responsibility is to
secure the bank's assets by designing, integrating, and implementing complex network architecture
solutions after reviewing the network security. You should be able to troubleshoot very complex network
issues spanning various types of technologies.
Virtual Internship Certificate
❖Project 4: A day in life of a Penetration Tester
You are working as a Penetration Tester for El Banco Bank. You are running a gray-box penetration test to
probe for vulnerabilities that hackers with nefarious intent might be able to exploit to gather secure data
and intelligence. You must gather more information about the target's environment and network-related
information using the tools at your disposal.