Only once a year
You’ll only learn things that will be crucial and most relevant in the following year. We run the training only once a year, never with the same content.
The All-New Advanced Windows Security Course
By Paula Januszkiewicz, CQURE Academy & Sami Laiho (!)
Stand out from the crowd with this strictly limited 6-week online certified course for intermediate and advanced professionals.
Admissions are now closedNOTIFY ME FOR THE UPCOMING COURSES
Be One of the Elite in 2019
Are you committed to levelling up in Windows Security? Good, so are we.
What excites us the most is turning professionals into key experts. We like to think that our experience is YOUR shortcut.
You see, according to the industry’s statistics, by 2019 the market will be short of over 1 million (!) security experts with skills needed to effectively protect the system.
We want to change it. That’s why we created a certification program “Advanced Windows Security Course 2019”.
Everything you need to know to prepare against the threats heading our way in 2019 has been trimmed down into 12 intensive modules which are taught over a six-week period by Paula and by special guest instructor world-renowned Windows OS expert Sami Laiho.
This course happens ONLY once a year, is never the same and is limited to 200 students who have to apply to take part.
How is this training different from others?
You’ll only learn things that will be crucial and most relevant in the following year. We run the training only once a year, never with the same content.
You’ll skip the fluff and go straight to the advanced stuff. The pace is quite intense, so expect a smoke coming out of your ears.
The training is pretty hands-on, because it has been designed by passionate practitioners and obsessive researchers from CQURE Team.
We’ll bring a bunch of experts on board, but it’s Paula Januszkiewicz along with Sami Laiho who will be your main teachers and the hosts of the program.
You’ll join our 2-hour long live classes on a special interactive platform – happening twice a week at 7PM CET (10AM PST / 1PM EST).
You’ll go through 12 modules in 6 weeks. We’re not fluffing around, you’ve been warned.
We organise this course only once a year, in its last quarter. Every next edition is updated with new tools and challenges.
After every class you’ll be able to ask questions.
We’ve prepared for you slides, extra materials and homework for each session.
You’ll get a full year of online access to all the recordings (counted from the first class).
During the course you’ll have access to a special training platform where you can safely test your hacks.
You’ll become a member of a closed Facebook group, where you can not only share your challenges and geeky jokes… but also network.
You’ll receive an official CQURE certificate “Windows Security Master 2019″ after passing the final exam. Yes, there will be a final exam.
~ November 29, 2018 (7PM CET / 10AM PST / 1PM EST) ~
In this module, we will show you how the real attacks on IT infrastructure are performed nowadays. We will explain which tools and methods are used by the attackers and how social engineering is used to make employees perform activities that are dangerous to the company’s IT infrastructure. The training is based on real-world scenarios.
~ December 4, 2018 (7PM CET / 10AM PST / 1PM EST) ~
Windows authentication is complex solution allowing us to use multiple methods and protocols to prove who we are. You probably know Kerberos or NTLM but have you ever wondered how those and other protocols really work? What makes it strong and what are the weaknesses? Join us in an adventure to see internals of Windows authentication mechanism to fully understand what everyone is taking for granted. This module will be really hard so brace yourself!
~ December 6, 2018 (7PM CET / 10AM PST / 1PM EST) ~
Active Directory (AD) is used by most of businesses around the world for identity management therefore it is a main target for attackers and when successfully exploited gives keys to the kingdom. An attacker with access to AD may reconfigure GPO, create hidden backdoors or access sensitive systems. Common attacks include: Pass the Hash or Pass the Ticket but how about others more sophisticated ways of compromising AD. In this module we will show advanced attacks against Active Directory and how to detect and mitigate those threats.
~ December 11, 2018 (7PM CET / 10AM PST / 1PM EST) ~
Learn how Virtual Secure Mode, Isolated User Mode and Secure Kernel work in Windows 10 and how they protect against threats like Pass-The-Hash.
~ December 13, 2018 (7PM CET / 10AM PST / 1PM EST) ~
Ransomware attacks are constantly on the rise adapting and bypassing modern antivirus solutions. In this module we will analyze how modern ransomware operates. Then we will explore Windows internal technologies that you can use to protect your organization against this attack: AppLocker, Device Guard, Windows Defender Exploit Guard. Buckle up this is demo intense and hardcore session to show you how to stop malware in your organization.
~ December 18, 2018 (7PM CET / 10AM PST / 1PM EST) ~
Process Explorer – Everyone who interacts with the Windows operating system needs to know the most downloaded tool of the Sysinternals toolkit called Process Explorer. It is a tool that can help you analyze and troubleshoot almost any error or bad behavior in the operating system.
Learning to use this tool will help you to catch bad behaving applications and drivers, not to forget catching hiding malware that the anti-malware doesn’t find. You do understand that Task Manager can never know what’s wrong with Windows? It is conceptually impossible – Not a joke! Process Monitor – There is an age old saying in Windows: “If something breaks in Windows, run Process Monitor”.
This is absolutely true, and Process Monitor is one of the best tools to use in troubleshooting. In this course, Troubleshooting Processes and Registry with Sysinternals Process Monitor, you’ll learn how to utilize Process Monitor for troubleshooting. First, you’ll explore how to find settings in the Registry and learn how to resolve bottlenecks in performance. Next, you’ll cover how to fix broken applications.
Finally, you’ll learn how to analyze slow boot sequences. By the end this course, you’ll know how to effectively use one of the most important troubleshooting tools available.
~ January 8, 2019 (7PM CET / 10AM PST / 1PM EST) ~
We will go over some of the most interesting web attacks and present how multiple misconfigurations can result in full website compromise. We will be talking about:
~ January 10, 2019 (7PM CET / 10AM PST / 1PM EST) ~
GDPR is a new regulation in EU law on data protection and privacy that affects organizations all over the word. Huge fines for non-compliance or violation pushes companies to adopt to new standards. Join us and explore advanced security features which Office 365 offers. Understand how you can get even more out of your existing subscription in this demo intense module. Everything with an importance of GDPR in the background. In this module we will focus on:
~ January 15, 2019 (7PM CET / 10AM PST / 1PM EST) ~
Isolation of administrative systems is a fundamental principle of Enhanced Security Administrative Environment (ESAE) architecture. The first and core step to create this separation comes through implementation of Privileged Access Workstations (PAWs). There are many myths about this non trivial concept. Join and learn how to properly separate contexts and prevent user-targeted attacks, how to secure privileged accounts and mitigate privilege identity theft with hardened PAW configuration.
~ January 17, 2019 (7PM CET / 10AM PST / 1PM EST) ~
With “ESAE: Red Forest” Microsoft has responded to the repeated success of attackers pursuing horizontal kill chains via pass-the-hash and related attacks. Work with us to understand how to securely implement this difficult reference architecture and other best practices that seek to isolate privileged credentials. Even single mistake during implementation phase may ruin the whole effort making your enterprise vulnerable. In this module we will show how to build most secure environment and what are common pitfalls you need watch out for.
~ January 22, 2019 (7PM CET / 10AM PST / 1PM EST) ~
It is a well-known fact that the proper reaction for incidents is the key to keeping your environment secure. But wait – how can you properly react if you do not properly monitor events within your infrastructure? It is high time to design it in the right way. Starting from your workstations, through mobile devices, servers, network appliances up to the cloud level. During the module we will show you how to plan your monitoring on enterprise level and how to implement it in a way giving you all the information you need.
~ January 24, 2019 (7PM CET / 10AM PST / 1PM EST) ~
Windows Server 2019 brings in a lot of new awesome features which increase productivity and security of your infrastructure. Windows 2019 has built-in sensors for WD ATP, which leverages cloud and machine learning for threat intelligence which greatly increase security and visibility of threats on your network. It also includes System Insights, which is a new feature that brings local predictive analytics capabilities natively to Windows Server 2019.
These predictive capabilities – each based on a machine-learning model – analyze Windows Server system data, such as performance counters and events, providing insight into the state of your environment and helping you reduce the operational expenses associated with monitoring your Windows Server instances. System Insights introduces a set of capabilities focused on capacity forecasting, predicting future usage for computing, networking, and storage which brings your enterprise scale management to totally new level.
Click here to browse the modules:
PLEASE NOTE: There will be an online final exam covering all 12 modules. To receive an official CQURE certificate “Windows Security Master 2019” you have to get at least 70% of the answers right. We highly recommend that you don’t leave the revision until the last minute. 😉
Paula is a Microsoft Security Trusted Advisor, IT Security Auditor and Penetration Tester. On top of that, she’s an Enterprise Security MVP and trainer (MCT). She shares her expertise on Windows Security through online writing and speaking at conferences (she already checked off TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime — to name but a few). She proudly holds the role of the Security Architect in IDesign and manages her own company CQURE.
Sami Laiho is one of the world’s leading professionals in the Windows OS. Sami has been working with and teaching OS troubleshooting, management and security for more than 15 years. Sami’s session was evaluated as the best session in TechEd North America 2014, TechEd Europe 2014 and TechEd Australia 2013. Sami’s session at Ignite 2015 was evaluated as #2 out of 1000+ sessions and all of his four sessions were in the top 15 sessions on the Windows track.
Michael designs and implements solutions for Databases, Network & Management area, mainly for Microsoft platform. As for day-to-day work, he works as Solution Architect, designing and planning database related solutions and software, mainly based on Microsoft and Oracle servers. He also designs and administers IT Infrastructure based on Microsoft systems and network solution from CISCO.
Krystian is a professional Infrastructure and Database Consultant with over 15 years of extensive experience in designing IT solutions. His practice spans from teaching Oracle Courses in OAI at University, to providing services for big public and consulting companies serving Clients from four continents.
Michael is an expert on Windows Security and PowerShell and holds a master’s degree in Software Engineering. He is the author of the open-source Directory Services Internals (DSInternals) PowerShell module and Thycotic Weak Password Finder, tools used by security auditors and penetration testers worldwide.
CQURE’s Specialist with over 10 years of experience gained in many industries, mainly in telecommunication, banking and insurance sector. He has excellent skills in the area of infrastructure, web and mobile application penetration testing.
Who Is It For
This program is for you, if you want to level up and become key expert in your company (or even in your field). We promise to challenge your ways of thinking and executing.
Attendee needs to have general fluency in Windows environment (including security skills, penetration testing etc.) Active Directory related knowledge is required. Take the quiz to see where are you at.
If you are a newbie you can still apply, but the program WILL NOT cover the basics — so it might be really challenging for you to get in or to keep up with the group.
If you’re not sure where are you at, you can quickly test yourself by taking Paula’s Security Quiz >>> (If you score 13 points and above — this training is for you)
What CQURE Academy Students say
IT Security Specialist
AWSC18 helped me to better understand what are the security risks, how to identify them and how to protect against them primary in Microsoft on premise and cloud environments. I earned valuable knowledge and also it helped me to develop our security department in my team. I am looking forward for another courses from CQURE Academy.
Security Principal Consultant | Presidio
All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the class will be used, at some point, in your security career.
CTO | IT.innovation.4U GmbH
Totally professional, total great stuff, in-depth knowledge and a perfect Learning Atmosphere! I like it! Thanks so much for sharing your experience and knowledge!
SQL Server DBA | AT&T
All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the on-premise will be used, at some point, in your security career.
Azure Security Infrastructure Consultant | Microsoft
During AWSC course I have learned about various attack techniques against credentials, secrets and Windows OS. I also obtained knowledge on mitigation possibilities. The course help me to have more confidence in my cyber security skills and have more meaningful discussion about the threats with my customers.
Information Security Advisor | Norwegian Police
As it also happened before, Paula Januszkiewicz knows how to blow your mind. As great athletes make their discipline look easy when you watch them perform, so Paula makes Windows purr like a little kitten. Even though I am fully aware of how much I still don’t know, after a course such as this Windows is not mysterious anymore. This is a great feeling.
IT Expert | ING Bank Śląski
I’ve recently attended a training held by CQURE. It was PACKED with knowledge and tools. Of course another course not everything was discussed in details (lack of time)on-premise but CQURE team delivered a great value within just a few hours. I was a student not so long ago and I wish that our universities were teaching as efficiently as CQURE does.
Senior Professional System Engineer | CSC Norway
We have learned a lot about IIS, hacking and much much more. Our motivation has increased during this course and of course great interest in your work Paula. Impressed with your enthusiastic energic way of presenting.
We’ll be taking on board 200 students only. Admission is selective. We prioritize: your skills and professional achievements, but also your attitude and how you can contribute to the group — so that we all can learn from each other. Good luck!
Frequently Asked Questions
This course is for geeks who want to become advanced Windows security experts. If you want to set yourself (and your company) apart from your competition, this is the course for you. You must already be fluent in the Windows environment (including security skills, penetration testing etc.). Active Directory related knowledge is required. We already have a great group of approved applicants from the Microsoft Ignite Conference where we did a soft launch of this course. Including:
In order to qualify for the course, you need to complete the application form here. The application is FREE 🙂 In the first days of November, we will review the applications. If you qualify, we will email you straight after we approve your application. If you do not qualify, we will also inform you by email. If we need more information from you, we may ask you to schedule a short interview with a member of our team. After we approve your application, you will have some time to submit your payment. You can pay online (recommended) or contact us to pay via your company payables department.
Well.. not exactly. You must pass the final exam to receive a certification (it is a part of the course so no additional payment is required). To pass the exam, you must answer 70% of the questions correctly. When you pass the exam, you will receive a CQURE Academy Certificate – “Windows Security Master 2019.”
Once your application is approved and you pay your tuition, this is what you will get access to:
CQURE Academy design CQURE Labs are a great battlefield! You will learn how to hack and secure in a safe environment. Virtual lab can be accessed from anywhere where there is an Internet connection. After login, you will have full access to preconfigured virtual machines (with great performance) where you will be able to attack different targets, search for misconfigurations, search for the evidence and other interesting and very practical activities. During the training you will be given certain tasks to do at home and because CQURE Lab can be accessed anytime, during the day and night – you plan your activities by yourself, depending on your availability and mood! Technically CQURE Lab is a set of virtual machines available through RDP connection. You will obtain your own username, password and connection parameters and you can connect to the lab from any RDP client.
You get full access to all Live Session video recordings. We highly encourage you to participate in the live sessions so you can interact with us and the other students live online. You will learn best when we help you work through your questions. Keep up with the course flow we have designed will help you hold yourself accountable to complete the course in a timely manner. That being said, we understand life and work happen. That is why you will have access to all of the material for 12 months.
We are not just a training company. All of our experts spend 60% of their time working as consultants on client cases around the world. We split the rest of our time evenly between research and teaching. This allows us to stay up to date on cutting edge security knowledge, skills and tools that other training institutes lack. This rare. Every year’s course will be completely rebuilt to keep up with emerging security trends. Finally, we believe the best way to make you learn is to keep the course fun, social, an interactive. We are cool geeks 🙂 Paula is widely recognized as the best speaker and trainer at international security conferences. At the Microsoft Ignite 2015, unofficial polling marked her as the best speaker (no, we did not ‘hack’ the results!).