Download Brochure

This module builds a strong foundation in networking concepts and protocols, covering OSI/TCP-IP models, IP addressing, routing, switching, and core network services. Learners explore essential network security threats and controls, including VPNs, wireless security, and secure network design. The course also introduces firewalls, IDS/IPS, SIEM, and monitoring tools, along with infrastructure hardening using industry benchmarks for on-prem, cloud, and hybrid environments.

Toolkits: Wireshark, Nmap, Cisco Packet Tracer, pfSense Firewall

This module explores the fundamental principles and practices for securing operating systems and web applications against modern threats. It focuses on hardening Linux and Windows systems, securing processes, access controls, and file systems, along with identifying vulnerabilities in web technologies such as HTTP, HTML, JavaScript, and server-side components. Learners will gain hands-on experience with common web attacks like SQL injection, XSS, CSRF, and techniques for secure coding and application hardening. The course integrates tools like OWASP ZAP, Burp Suite, and system-level security configurations to build defensive skills across endpoints and applications.

Toolkits: Burp Suite, OWASP ZAP, Kali Linux, Metasploit, Docker

This course equips learners with practical knowledge and hands-on skills in identifying, assessing, and mitigating vulnerabilities and threats in IT environments. Structured around the EC-Council’s CEH certification domains, it focuses on ethical hacking techniques, vulnerability analysis, enumeration, system hacking, malware threats, sniffing, social engineering, DoS attacks, session hijacking, and web server/application exploits. The course emphasizes ethical standards and industry tools used by security professionals to secure and test networks and systems. At the end of the course, learners  are required to clear the CEH theory certification exam to demonstrate their competence.

Aligned Certification: EC-Council Certified Ethical Hacker (CEH) – Theory Exam Mandatory

Toolkits: Nessus, OpenVAS, Nexpose, Kali Linux toolkit

This course provides a deep dive into advanced penetration testing techniques aligned with the OSCP certification. Learners will develop hands-on skills in performing real-world attacks on various platforms, including Windows and Linux environments. The course covers the full attack lifecycle—information gathering, enumeration, exploitation, privilege escalation, post-exploitation, and reporting. It emphasizes a methodology-driven, adversarial mindset while following ethical hacking principles. Learners will be trained to write professional penetration test reports and work within a legal and responsible framework.

Aligned Certification: Offensive Security Certified Professional (OSCP) – Theory and Lab-Based Preparation (Exam is internally conducted)

Toolkits: Metasploit, Hydra, John the Ripper, ExploitDB, Pwntools

This course equips learners with the methodologies and tools to identify, model, and manage cyber threats and risks across systems, applications, and enterprises. It covers threat modeling frameworks like STRIDE and MITRE ATT&CK, risk analysis methods including quantitative and qualitative approaches, and risk mitigation strategies mapped to governance and compliance standards. learners will learn to design threat models for real-world systems and conduct risk assessments aligned to organizational and regulatory requirements, enabling proactive defense and decision-making.

Aligned Frameworks: STRIDE, DREAD, MITRE ATT&CK, NIST Risk Management Framework (RMF), ISO/IEC 27005

Toolkits: Microsoft Threat Modeling Tool, STRIDE, DREAD, RiskLens

This course equips the learners with the skills required to detect, investigate, respond to, and remediate threats using Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Cloud Apps, and Microsoft Sentinel. It covers the practical use of Microsoft’s extended detection and response (XDR) and SIEM solutions, focusing on real-time threat detection, automation, and incident response. The course prepares learners for the Microsoft SC-200 certification exam by emphasizing hands-on labs and case-based threat analysis.

Aligned with Microsoft SC-200 – Mandatory Exam

Toolkits: Azure Sentinel, Splunk, Elastic SIEM, QRadar

This course focuses on developing capabilities to collect, analyze, and operationalize cyber threat intelligence (CTI), and perform proactive threat hunting within enterprise environments. Students will learn to identify adversary behaviors using frameworks like MITRE ATT&CK and Diamond Model, use IOC and TTP-based intelligence, and conduct hunts across endpoints, networks, and cloud systems. The course includes threat attribution, use of threat intelligence platforms, hypothesis-based hunting, and integration of CTI into SOC workflows. Learners will use real-world tools and threat feeds to gain actionable insights and defend against advanced persistent threats (APTs).

Toolkits: MISP, AlienVault OTX, TheHive, YARA, Zeek (Bro)

AI in cybersecurity refers to the use of intelligent systems and machine-learning algorithms to automatically detect, analyze, predict, and respond to cyber threats by continuously monitoring data, identifying suspicious patterns, learning from past attacks, and adapting security defenses in real time to protect networks, systems, and digital assets from evolving threats.

Toolkits: Python (Scikit-learn, TensorFlow, PyTorch), Jupyter, AWS, Azure

The Cybersecurity capstone project focuses on identifying a real-world, industry-relevant problem and designing a practical security solution. Learners analyze the problem, architect and implement a working demo or proof-of-concept, and document the approach as a detailed case study. The project strengthens hands-on execution, problem-solving, and cybersecurity consulting skills.

This course, through Cyber range, establishes its foundation on a Purple Theme to allow participants to learn both red and blue skills, thus preparing them to build a resilient defence architecture while anticipating every move of a hacker. They will be able to detect threats that were not blocked, understand patterns in the security data. With a variety of attacks and other scenarios, the organisations can test the resistance of their defence team by pushing it to its maximum capabilities. They can do early detection of a potential attack and understand the sequence patterns.

Secure Coding: Focuses on developing secure, resilient software by preventing common vulnerabilities such as injection, authentication flaws, and insecure data handling. Learners apply industry secure coding standards across modern languages and frameworks.

DevSecOps: Emphasizes integrating security into DevOps pipelines through automation, CI/CD security controls, and infrastructure as code. Learners implement shift-left security practices across cloud-native and containerized environments.

Threat Modeling: Covers structured methods to identify, analyze, and mitigate security threats during system and application design. Learners use proven frameworks to proactively reduce risk before deployment.

API Security: Addresses securing APIs against modern threats including broken authentication, excessive data exposure, and abuse. Learners implement authentication, authorization, rate limiting, and API testing best practices.

Toolkits: SonarQube, Checkmarx, GitHub Security, Burp Suite, OWASP Threat Dragon

SIEM & SOAR: Focuses on centralized security monitoring, alert correlation, and automated incident response using SIEM and SOAR platforms. Learners design detection use cases and response workflows for enterprise SOC environments.

Digital Forensics: Covers techniques for evidence acquisition, analysis, and reporting across endpoints, servers, and networks. Learners develop skills to support investigations, legal processes, and incident response.

Cyber Range: Provides hands-on, simulated attack and defense environments to practice real-world cybersecurity scenarios. Learners build operational readiness through controlled, high-impact simulations.

Red Teaming: Focuses on adversary-driven security testing to evaluate an organization’s detection and response capabilities. Learners simulate real-world attack techniques to identify gaps and improve defensive posture.

Toolkits: Splunk Phantom (SOAR), ELK Stack, Autopsy, FTK Imager, Cuckoo Sandbox

Privacy & Data Protection: Explores principles of data privacy, protection laws, and compliance requirements. Learners understand how to design systems that safeguard personal and sensitive data.

Business Continuity & Disaster Recovery (BCP/DR): Covers planning and implementation of continuity and recovery strategies to ensure business resilience. Learners design and test recovery plans aligned with organizational risk appetite.

Cloud & AI Governance: Focuses on governing security, risk, and compliance in cloud platforms and AI systems. Learners address policy design, accountability, and regulatory considerations for emerging digital environments.

Toolkits: Archer GRC, OneTrust

Post-Quantum Cryptography: Introduces cryptographic risks posed by quantum computing and next-generation encryption approaches. Learners evaluate quantum-resistant algorithms and transition strategies.

Blockchain Security: Covers security risks and controls in blockchain platforms, smart contracts, and decentralized applications. Learners assess vulnerabilities and apply secure design principles.

Identity & Access Management (IAM): Focuses on managing digital identities, authentication, authorization, and access controls across enterprise systems. Learners design IAM solutions supporting zero-trust architectures.

Toolkits: Ghidra, IDA Free, Hyperledger Fabric, Truffle, HashiCorp Vault, Post-Quantum Crypto Libraries

The second year culminates in a major, industry-scale capstone project addressing an end-to-end cybersecurity challenge. Learners identify a complex, real-world problem, design and implement a comprehensive solution, and demonstrate a working system with clear industry relevance—significantly broader in scope than the first-year project. With structured mentoring and report-writing support from the program office, the project concludes with a viva-voce evaluation conducted by an expert industry panel over a focused two-month duration.

Toolkits: GitHub, JIRA, Docker/Kubernetes, Cloud Platforms (AWS/Azure/GCP)

This module guides learners through converting their capstone project into a publishable research paper suitable for Scopus-indexed journals. Participants are mentored on research structuring, methodology articulation, results analysis, plagiarism compliance, and journal selection. The module strengthens academic writing, peer-review readiness, and research dissemination skills, enabling learners to achieve a credible international publication aligned with industry-driven cybersecurity research.