The All-New Advanced Windows Security Course

By Paula Januszkiewicz, CQURE Academy Experts

& Sami Laiho

Stand out from the crowd with this strictly limited 6-week online certified course for intermediate and advanced professionals.

Admissions are now CLOSED



Find yourself in the elite in 2020

Are you committed to leveling up in Windows Security? Good, so are we.

What excites us the most is turning professionals into key experts. We like to think that our experience is YOUR shortcut.

Last year’s ISC2 report finds that the cybersecurity workforce gap has increased to almost 3 million globally.
We are already short of over 3 million security professionals all around the world with the skills needed to effectively protect the system.

We want to change it. That’s why we created a certification program “Advanced Windows Security Course 2020”.

Everything you need to know to prepare against the threats heading our way in 2020 has been trimmed down into 12 intensive modules which are taught over a six-week period by Paula and her team of CQURE’s cybersecurity experts, and by special guest instructor world-renowned Windows OS expert Sami Laiho.

This course happens ONLY once a year, is never the same and is limited to 200 students who have to apply to take part.


How is this training different from others?

Only once a year

You’ll only learn things that will be crucial and most relevant in the following year. We run the training only once a year, always with the newest content. .

Only advanced stuff

You’ll skip the fluff and go straight to the advanced stuff. The pace is quite intense, so expect a smoke coming out of your ears.

Only NEW tools and techniques

The training is pretty hands-on, because it has been designed by passionate practitioners and obsessive researchers from CQURE Team.

Only cool presenters!

We’ll bring a bunch of experts on board with Paula Januszkiewicz and Sami Laiho among teachers and the hosts of the program.

Course Formula

LIVE Trainings

You’ll join our 2-hour long live classes on a special interactive platform – happening twice a week at 7PM CET (10AM PST / 1PM EST).

Action packed

You’ll go through 12 modules in 6 weeks. We’re not fluffing around, you’ve been warned.

Once a Year Only

We organise this course only once a year, in its last quarter. Every next edition is updated with new tools and challenges.

Interactive classroom

After every class you’ll be able to ask questions.

Extra materials

We’ve prepared for you slides, extra materials and homework for each session.

12-month Access

You’ll get a full year of online access to all the recordings (counted from the first class).

The Training Lab

During the course you’ll have access to a special training platform where you can safely test your hacks.

Social & Network

You’ll become a member of a closed Facebook group, where you can not only share your challenges and geeky jokes… but also network.

CQURE Certificate - "Windows Security Master 2020"

You’ll receive an official CQURE certificate “Windows Security Master 2020″ after passing the final exam. Yes, there will be a final exam. And 24hrs counting towards your CPE’s.

Course Syllabus

Module 1

Analysis of the Points of Entry to Your Infrastructure Level Hard

~ December 10, 2019 (7PM CET / 10AM PST / 1PM EST) ~

Did you watch the webinar? If so, you are ready for the next step into security! This warm-up module will prepare you for the training. But… be prepared for the level hard! The lesson contains powerful insights on auditing your environment and understanding the security mechanisms used by Windows. Let’s start with the deep dive into security and go through:

  • OSInt
  • Phishing
  • Remote Code Execution
  • Vulnerability scanning
  • C&C servers

Module 2

Extracting Forensic Information from Windows Operating System

~ December 12, 2019 (7PM CET / 10AM PST / 1PM EST) ~

After this module you will learn how to establish informative monitoring that can alarm you if something goes wrong in your environment. You will be brought to the advanced level of monitoring Windows Operating System so that next time when something happens in their infrastructure you will be able to collect data traces correctly. This module will help administrators to be more aware of what happens whenever somebody does something within the system, including the exact steps on what hacker did. This module teaches the various types of digital forensic techniques and evidence gathering methods available currently in Windows: from disk analysis to memory dumps and memory analysis.

Module 3

Auditing Active Directory Credentials and Authentication Methods

~ December 17, 2019 (7PM CET / 10AM PST / 1PM EST) ~

Get hands-on experience with extracting and auditing passwords from Active Directory (AD) databases and with offline modification of security information in AD! After this module, you will be able to:

  • Compare AD passwords against databases of banned/leaked passwords 
  • Audit account-mapped credentials, including certificates, NGC keys, and FIDO2 token
  • Extract roamed certificates, including private keys 
  • Audit the usage of insecure authentication methods

Module 4

Passwordless Authentication in Active Directory

~ December 19, 2019 (7PM CET / 10AM PST / 1PM EST) ~

Learn how to deploy passwordless authentication in on-prem, hybrid and cloud-only environments. After all, you will be able to understand correctly Windows Hello for Business and FIDO2 implementation in Windows 10. Get insight into alternate credentials lifecycle management and much more!

Module 5

Auditing Cloud Security and Reporting with Powershell

~ January 9, 2020 (7PM CET / 10AM PST / 1PM EST) ~

Learn how to quickly identify common misconfigurations in IaaS environments. That is not the end – we will show you how to process security-related events using PowerShell and how to create reports and export data for further analysis.

Module 6

Cheating on Windows, Fuzzing and Buffer Overflow: Attack Scenarios and Protection Method

~ January 14, 2020 (7PM CET / 10AM PST / 1PM EST) ~

Learn how to use exploit development toolkit, such as debugger and fuzzer, in order to identify vulnerabilities in Windows applications. You will learn how to control stack content, registers, and program flow in order to exploit remote code execution vulnerability. We will also cover various modern mitigations for vulnerabilities and some methods on bypassing them.

Module 7

Your Ultimate Modern Toolkit to Malware Analysis

~ January 16, 2020 (7PM CET / 10AM PST / 1PM EST) ~

In this AWSC module you will learn how many AntiViruses work and how malicious programs are able to hide from them. We will examine some characteristics of suspicious software, learn how to monitor its activities and what techniques are used by the malware.

Module 8

Deep Dive into Penetration Testing on Azure and Other Cloud Technologies

~ January 21, 2020 (7PM CET / 10AM PST / 1PM EST) ~

Cloud computing allows saving substantial capital costs through reduction in spending on equipment, infrastructure, and software. Cloud providers are partly responsible for the security of the maintained systems, but is this enough? In this module, we will show you how to perform penetration tests in the Cloud environment and we will explain how typical misconfigurations may allow the attacker to gain access to your cloud resources. During our session the following topics will be taken into consideration:

  • Formal preparation to perform penetration test 
  • Analyzing access methods
  • Reconnaissance 
  • Analyzing storage
  • Attacking virtual machines
  • Analyzing network security

Module 9

Monitoring System Activity with Sysinternals and other Power Tools

~ January 23, 2020 (7PM CET / 10AM PST / 1PM EST) ~

In this module, you will learn you how to use monitoring tools to analyse what the operating system is doing. You will learn how to detect different activity and analyse the system for malware or general troubleshooting.

  • Using Process Monitor for continuous monitoring 
  • Using ProcDump to dump memory content
  • Using LiveKD for live monitoring the Kernel 
  • Using Performance Toolkit to detect Boot/Logon-time activity
  • Using other Sysinternals tools to investigate the system

Module 10

Windows Internals – Process Management and Scheduling in Windows

~ January 28, 2020 (7PM CET / 10AM PST / 1PM EST) ~

In this module, you will learn you how the Windows OS runs and schedules code. You will learn how to analyse what’s causing bottlenecks, how to detect malware and how code gets priority in Windows.

  • Processes and Threads in Windows 
  • Thread Scheduling in Windows
  • IRQ-Levels and prioritization 
  • Concept of Time in Windows OS

Module 11

Data Protection Techniques: All you need to know about implementing data protection

~ January 30, 2020 (7PM CET / 10AM PST / 1PM EST) ~

Join our Expert and become familiar with EFS and other encryption technologies and rights management systems. After this AWSC Module, you will be prepared for Data Leak Prevention and Azure Information Protection as well.

Module 12

Effective Implementation of the Application Whitelisting

~ February 4, 2019 (7PM CET / 10AM PST / 1PM EST) ~

Application whitelisting is not a new topic but on the other hand it’s difficult to implement it effectively in bigger and dynamic organizations. Small mistakes allow for full bypass of this solutions. So in this module we will focus on AppLocker and WDAC implementation which can be done on large scale. How to do it properly? How not to make simple mistakes? How not to forget about crucial dependencies? This will be demo intense session with lots of PowerShell to automate tasks.


Click here to browse the modules:

PLEASE NOTE: There will be an online final exam covering all 12 modules. To receive an official CQURE certificate “Windows Security Master 2020” you have to get at least 70% of the answers right. We highly recommend that you don’t leave the revision until the last minute. 😉

Your teachers

Paula Januszkiewicz


Paula Januszkiewicz, MVP, MCT and Microsoft Reginal Director has 15 years of experience in the cybersecurity field, performing penetration tests, architecture consulting, trainings and seminars. She has performed hundreds of security projects, including those for governmental organizations and big enterprises, at the same time being a top speaker and a keynote speaker at many well-known conferences, including Microsoft Ignite (rated No 1 Speaker among 1100 speakers at a conference with 26000 attendees), RSA (in 2017 in San Francisco her session was one of the 5 hottest sessions), Black Hat, CyberCrime etc., where she is often rated as No 1 speaker. Her presentations gather thousands of people. In 2019, Paula’s presentation was voted best of Black Hat Asia 2019 Briefings!

Sami Laiho


Sami Laiho is one of the world’s leading professionals in the Windows OS. Sami has been working
with and teaching OS troubleshooting, management and security for more than 15 years. Sami’s
session was evaluated as the best session in TechEd North America 2014, TechEd Europe 2014 and
TechEd Australia 2013. Sami’s session at Ignite 2015 was evaluated as #2 out of 1000+ sessions
and all of his four sessions were in the top 15 sessions on the Windows track.

Michał Jankowski-Lorek


Mike Jankowski-Lorek, PhD, is a Cloud Solutions & Machine Learning Expert at CQURE. He is data scientist, solution architect, developer and consultant. Mike designs and implements solutions for Databases, data analysis and natural language processing. He is interested in Big data, High Availability and real-time analytics especially when combined with machine learning and artificial intelligence or NLP. Mike has recently defended his PhD thesis in which he combined academic knowledge, professional experience and strong technical skills! Holder of many IT certificates such as MCT, MCP and MCDBA.

Krystian Zieja


Krystian Zieja is a professional Infrastructure and Database Consultant at CQURE with almost 20 years of extensive experience in designing IT solutions. His practice spans from teaching Oracle Courses in OAI at University, to providing services for big public and consulting companies serving clients from four continents. Being a holder of numerous IT certificates such as OCP, MCSE, MCDBA and CISP, he is highly skilled in management as well as in programming SQL and NOSQL databases.

Michael Grafnetter


Michael is an expert on Active Directory security who works as a cybersecurity consultant, trainer, and researcher. He is best known as the author of the open-source Directory Services Internals (DSInternals) PowerShell module and Thycotic Weak Password Finder, tools used by security auditors and penetration testers worldwide. He holds a master’s degree in Software Engineering and is a former Microsoft MVP.

Artur Wojtkowski

Cybersecurity Specialist

Artur Wojtkowski is CQURE Expert with over 10 years of experience gained in many industries, mainly in telecommunication, banking and insurance sector. He has excellent skills in the area of infrastructure, web and mobile application penetration testing. He received the OSCE certification recently! During his career his tasks also included: performing social engineering tests, security code review, performance testing, security management in telecommunication companies, ISO 27001 implementation, administration of SIEM and PKI systems. Member of (ISC)2 and (ISC)2 Poland.

Adrian Denkiewicz


Adrian Denkiewicz is CQURE Expert with over 8 years of experience as Penetration Tester, Cybersecurity Specialist and Software Developer. He has worked for financial, ecommerce, and semiconductor industry. Adrian performed dozens of penetration tests and security reviews cooperating with teams from all over. Adrian recently received the OSCP and OSWP certification; however – his ambitions are wider so he is working hard to develop his special skills even more!

Matus Puskar


Matus Puskar is CQURE’s Expert with many years of experience as Tester and Technical Analyst in financial technology, with special focus on smartPOS devices. Before his cybersecurity journey, he has worked for Financial industry and gained wide knowledge about various standards and their implementation in Financial institutions (PCI, EMV, CUP, EFTPOS…).

Matus has delivered many penetration tests scoped from Web Applications to Infrastructure and Mobile Applications. He has hands on experience with Burp Suite Pro, Kali Linux and practical knowledge of ITIL set of practices.

Miłosz Piasecki


Miłosz Piasecki is CQURE’s prodigy Cybersecurity Specialist and aspiring team leader with his main focus being programming, networking and most of all Windows security. Miłosz is an enthusiastic, hard-working individual with an interest in social engineering, penetration testing, cryptography and virtualization-based technologies. At CQURE his is also responsible for demos design and creation, building virtual labs and developing scripts. Privately Miłosz is interested in social influence mechanisms, enjoys travelling, skiing, motorcycling and archery.

Who Is It For

Intermediate to Advanced
Windows Security Professionals

This program is for you, if you want to level up and become key expert in your company (or even in your field). We promise to challenge your ways of thinking and executing.

Ethical Hackers
(who are familiar with…)

Attendee needs to have general fluency in Windows environment (including security skills, penetration testing etc.) Active Directory related knowledge is required. Take the quiz to see where are you at.

Brave Newbies

If you are a newbie you can still apply, but the program WILL NOT cover the basics — so it might be really challenging for you to get in or to keep up with the group.

If you’re not sure where are you at, you can quickly test yourself by taking Paula’s Security Quiz >>> (If you score 13 points and above — this training is for you)

What CQURE Academy Students say

Milan Racko

IT Security Specialist

AWSC18 helped me to better understand what are the security risks, how to identify them and how to protect against them primary in Microsoft on premise and cloud environments. I earned valuable knowledge and also it helped me to develop our security department in my team. I am looking forward for another courses from CQURE Academy.

Jack Perry

Security Principal Consultant | Presidio

All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the class will be used, at some point, in your security career.

Martin Weber

CTO | IT.innovation.4U GmbH

Totally professional, total great stuff, in-depth knowledge and a perfect Learning Atmosphere! I like it! Thanks so much for sharing your experience and knowledge!

Marek Chmel

SQL Server DBA | AT&T

All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the on-premise will be used, at some point, in your security career.

Paweł Partyka

Azure Security Infrastructure Consultant | Microsoft

During AWSC course I have learned about various attack techniques against credentials, secrets and Windows OS. I also obtained knowledge on mitigation possibilities. The course help me to have more confidence in my cyber security skills and have more meaningful discussion about the threats with my customers.

Doru-Catalin Togea

Information Security Advisor | Norwegian Police

As it also happened before, Paula Januszkiewicz knows how to blow your mind. As great athletes make their discipline look easy when you watch them perform, so Paula makes Windows purr like a little kitten. Even though I am fully aware of how much I still don’t know, after a course such as this Windows is not mysterious anymore. This is a great feeling.

Kamil Więcek

IT Expert | ING Bank Śląski

I’ve recently attended a training held by CQURE. It was PACKED with knowledge and tools. Of course another course not everything was discussed in details (lack of time)on-premise but CQURE team delivered a great value within just a few hours. I was a student not so long ago and I wish that our universities were teaching as efficiently as CQURE does.

Styrk Finne

Senior Professional System Engineer | CSC Norway

We have learned a lot about IIS, hacking and much much more. Our motivation has increased during this course and of course great interest in your work Paula. Impressed with your enthusiastic energic way of presenting.


  • You’ll participate in a live, online certification program, divided into 12 modules spread over 6 weeks.
  • Live, online sessions happening twice a week, 2 hours each (at 7PM CET / 10AM PST / 1PM EST).
  • The syllabus covers 12 modules: Attacking & Securing Windows Network, Handling Ransomware, Forensics Techniques, Incident Response… and much more.
  • The program has an interactive, hands-on formula — and after every class, you’ll be able to ask questions.
  • During the 6 week program you’ll also get free access to the CQURE Training Lab and closed Facebook group where you can share your challenges and upgrade your network.
  • Official CQURE certificate “Windows Security Master 2020” after passing the final exam.
  • All the video recordings and extra materials are yours to keep for 12 months from the start of the program.


We’ll be taking on board 200 students only. Admission is selective. We prioritize: your skills and professional achievements, but also your attitude and how you can contribute to the group — so that we all can learn from each other. Good luck!

Frequently Asked Questions