Break into a high-growth career in cybersecurity. Learn how to perform security assessment and penetration testing to safeguard against cyber threats.
Why Is Cybersecurity Relevant?
While Accenture estimates cybercrime will cost organizations $5.2 trillion over the next five years, cybersecurity skillsets are becoming one of the fastest growing and most in-demand in today’s job market.
In this learning path, you will receive a high-level overview of the cybersecurity landscape and gain a solid technical foundation on security assessment, penetration testing and security hardening to protect yourself and your organisation’s security systems.
Our graduates from this bootcamp include individuals from Cybersecurity Agency of Singapore (CSA), Association of Information Security Professionals (AISP), Singtel, and more.
Why Should You Learn Cybersecurity?
Highly in Demand
Singapore’s Smart Nation initiative means that there is an increasing need for cybersecurity analysts.
High Demand = High Pay
A cybersecurity analyst in Singapore can fetch between S$120,000 and S$200,000 in salary.
Flexible Job Paths
Cybersecurity is crucial in any sector due to the heavy reliance of data by many businesses.
Vertical Institute’s Cybersecurity Bootcamp is designed by industry practitioners to equip individuals with the most in-demand skills and best-practices in cybersecurity. This bootcamp will provide an overview of what cybersecurity is and the various IT security measures that are currently engaged to protect various IT assets and resources. Participants will have a baseline understanding of common cybersecurity threats, vulnerabilities, and risks. Participants will also learn how to perform security assessment, penetration testing and security hardening to safeguard against cyber threats. This course is hands-on in nature with practical applications including operating Kali Linux and running vulnerability scans.
What to expect?
- Learn new concepts and tools through expert-led lectures, discussions, assignments and project work
- Make use of our e-learning portal to access course materials, assignments and submit work
- Apply what you’ve learned to create a capstone project: executing a penetration test on a system to obtain vulnerabilities
- Participate in hands-on exercises with real world data sets to apply newly learned tools and concepts
- Receive individualised feedback and support from your instructional team
- Be part of the VI community where members can leverage connections with alumni, instructors and experts
As a VI student, you will be given access to online learning materials in our e-learning portal.
To get you ready for learning, this essential pre-work will familiarize you with the basics of the key concepts and tools we will be using throughout the course.
Although you will learn these topics remotely before you arrive in class, you won’t be far away from the resources of the VI community. Make use of our Telegram channel to leverage connections with students, alumni, instructors and experts. At the end of your pre-work, you’ll be ready for the fast pace on campus!
After the course, you can choose to participate in follow-up sessions with your instructor, either in a group and/or individually, included as part of the course fee.
Module 1: Introduction to Cybersecurity & Hacker's Tools
- Introduction to Cybersecurity
- Confidentiality, Integrity, Availability
- Security assessment
- Penetration testing
- Cyber-Attack Chain
- Command and Control
- Actions on Objective
- Oracle VirtualBox
- Install VirtualBox onto computer
- Kali Linux
- Install Kali Linux onto VirtualBox
- Run Kali Linux
- Metasploitable 2
- Install Metasploitable 2 onto VirtualBox
- Run Metasploitable 2
- Assignment 1
- Research on the cyber-attack chain and map out the potential threats to your organization in a table format with the columns specifying the potential activities that hackers can conduct to your organization
Module 2: Framework & Reconnaissance
- MITRE ATT&CK Framework
- Understand how hackers devise their strategy to hack into enterprises
- Common Vulnerability Exposure (CVE) Database
- Publicly known cybersecurity vulnerabilities
- Active & Passive Scanning
- Search engine scanners
- Internet scanners
- Nmap scanner
- Recon-ng scanner
- Document scan results into report
Module 3: Security Standards, Regulation & Exploitation
- Center for Internet Security (CIS) Introduction
- Hardening guidelines for systems
- Personal Data and Protection Act (PDPA)
- Regulatory compliance for all enterprises
- Data protection enforcement cases
- Metasploit Framework for Hacking
- Search for CVE vulnerabilities with scan results
- Exploit system with available modules
- Document results into report
- Assignment 2
- Read up on Center for Internet Security (CIS) and write up a security guideline for your enterprise based on CIS hardening checklist. Provide 10 recommendations to your enterprise to comply with CIS
Module 4: Security Hardening and Configuration
- Risk Management Framework for Information Systems and Organizations from National Institute of Standards and Technology (NIST)
- A system life cycle approach for security and privacy, NIST 800-37
- Mapping Security Assessment into NIST Framework
- Microsoft Baseline Security Analyzer (MBSA) for Windows Security Check
- CHKRootKit for Linux Security Check
- Lynis for Linux Security Check
- Document security lapses into report
Module 5: Social Engineering
Vulnerability scan and recommendation on your enterprise’s system(s) with approval.
- Dark Web with Tor
- Hacker groups and forums
- Wireless Security Assessment with WiFi PineApple
- Wireless vulnerabilities
- Phishing Campaign with Social Engineering Toolkit (SET)
- Direct attack into endpoints
- Document security lapses into report
Module 6: Web, Application and Database Vulnerabilities
- Open Web Application Security Project (OWASP)
- Broken authentication
- Sensitive data exposure
- XML external entities
- Broken access control
- Security misconfiguration
- Cross-Site scripting
- Insecure deserialization
- Using components with known vulnerabilities
- Insufficient logging and monitoring
- Scanning Web Servers with OWASP ZAP
- SQLMAP for Database Hacking and Ex-filtration
- BurpSuite for Manual Injection
- Loading the payloads into BurpSuite to demostrate how hackers deploy attacks on systems
- Document security lapses into report
Module 7: Weaponization of Payload
Project Presentation on Security Assessment of your Enterprise’s system(s). Project Report Submission.
- Payloads Package on Injection
- Injection payloads created by hackers to be utilized to inject into systems
- Presentation of Security Assessment and Recommendations
The Capstone Project
Our capstone project will require you to perform a vulnerability scan and recommendation on your enterprise’s system(s) with approval.
On the last lesson, students culminate their learning by applying the new tools and concepts learnt to create a stakeholder presentation that includes:
• Execution of vulnerabvility scans using the assessment tools and tests
• Documentation of the results of these scans according to guidelines
• Identification of security lapses in the systems
• Recommendations to remediate
Liang Yang is a Cybersecurity Specialist at IBM.
He is a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker and CompTIA Security+ cybersecurity consultant. Loi advises large enterprises including multiple fortune 500 companies on security strategy to protect against advanced threats.
Passionate about imparting his cybersecurity knowledge, Liang Yang also has a YouTube channel with a community of 200k+ avid subscribers.
The bootcamp is 21 hours long and conducted on weekends or weekday evenings.
Due to COVID-19 measures, classes will be conducted 100% online, done face-to-face with our Instructor via Zoom. You will have intimate access to our instructional team that’s ready to answer your questions and a strong peer community; all immediately available through messaging and web chat.
The next intake dates are to be confirmed. Kindly email us to indicate your interest.
There are no government subsidies for this programme.
Price: $2,500 SGD
Frequently Asked Questions
Q. Why are cybersecurity skills relevant today?
By 2028, 20% of Singapore’s full-time equivalent workforce will have their jobs displaced by technology. With digital disruption comes the need for workers with corresponding digital skills, and cybersecurity is at the forefront of this change. The ability to safeguard systems and processes across all industries and professions is key to staying relevant in our increasingly precarious digital landscape.
Furthermore with the unprecedented Covid-19 pandemic, many organisations have expedited their digitalisation plans and shifted their business units and processes online. With core systems and confidential data moving to the virtual realm, organizations have made cybersecurity a top business priority.
The relevance of cybersecurity skills is also evident in its employer demand. The Cybersecurity Agency of Singapore has estimated that the city-state had to faced a talent shortage of up to 3,400 cybersecurity professionals in 2020. At the same time, LinkedIn has ranked the Cybersecurity Specialist as one of the top 10 most sought after jobs in 2020. Furthermore, cybersecurity specialists have seen 30% annual growth in demand in the past five years.
In this course, you will gain an in-demand and marketable skill set that can be applied to virtually any industry or profession.
Q. How long is this course?
This introductory bootcamp consists of 7 modules to be completed. Our course schedule can either be in a bootcamp (3 full days) or a part-time (7 three-hour lessons) format. The course is rigorous in nature with class practices, assignments, and capstone project work.
Q. Who are the instructors?
VI courses are created and led by industry practitioners from tech giants such as Apple, Amazon and Alibaba. They combine in-depth experience as practitioners with a passion for nurturing the next generation of tech talent.
Q. How are VI’s courses conducted?
All our courses are held on weekends or weekday evenings to minimize disruption to regular business hours.
Our students will have access to our e-learning portal where they can access course materials and submit assignments before class.
Q. How much time do I need to dedicate to a course outside the classroom?
It varies by course and by person, but, as a part-time student, be prepared to work hard and dedicate some time outside of the classroom each week to review course material and complete homework assignments. Our courses are designed to be rigorous and intensive, but, most importantly, incredibly rewarding!
Q. Is there a certificate granted at the end of the course?
Upon successful completion of the course, participants will be awarded a digital certificate by Vertical Institute. VI alumni use their course certificate to demonstrate skills to employers and their LinkedIn network.
Our cybersecurity course is well-regarded by top companies, who contribute to our curriculum and use our courses to train their own teams.
Instructors & Students from