Security Integration Engineering Professional Certification

Cyber-threats to your organization are increasing at an exponential rate.

Are you countering those threats by employing an incremental response by hiring outsiders to try and keep up? Or are you increasing the bench-strength of your most trusted, invested employees to act against threats for the long haul?
What if there was someone who you could send your best to a security integration engineering boot camp to certify your team is at the bleeding edge of security integration engineering?

What do you think about a curriculum like this? Please let me know your thoughts!

 

Security Integration Engineering Professional

Software System Engineering/Architecture

  • Total-picture Engineering
    • Buying and Building
    • Skill Planning and Management
    • IT Cooperation
    • Management Commitment
  • Componentization
  • Source Control and Issue Tracking
  • Canonical Data Formatting
  • API Paradigm
  • Role of the Integrator
  • Avoiding sole reliance vendor driven solutions

Computer Programming

  • Python
  • Java
  • C/C++
  • Web Languages

Cross Language Programming

  • Built-in Cross-Language Support (Python-C, JNI, etc.)
  • Sockets
  • CLIs
  • OS-Data Synchronization
  • Web Services

Cybersecurity Overview

  • Threat Actors and Campaigns
  • Threats and Vulnerabilities
  • Cybersecurity realities in an Enterprise
  • Cybersecurity Governance
  • Security Operations and Incident Response
  • Security Engineering vs. IT Security
  • Cybersecurity Intelligence
    • Analysis
    • Reporting
    • Sharing
    • STIX and TAXII

Cybersecurity Automation

  • Supercharging Analysts
  • Consolidated Reporting
  • Automating Intelligence
  • Tool Integration
  • Centralized Reporting

Soltra

  • Cybersecurity Intelligence Sharing
  • Intelligence Sharing Partnerships and Communities
  • Soltra Product Fundamentals
  • Soltra Connectors for Integration
  • Use of Community Repositories
  • Bi-directional Intelligence Systems

STIX/TAXII

  • The Written Standards
  • Indicators and CybOX
  • Conventions
    • Standards within the standard
    • Developing for broader consumption
  • Pitfalls and Best-Practices
  • Advancing the Standards
  • Industry Adoption

Centralized Reporting Platforms

  • Standards in Reporting
    • SCAP standards
    • CCE, CVE and CPE
    • OVAL
  • Uniform Reporting Model
    • Vulnerabilities
    • Event Monitoring
    • Compliance
    • Reconciliation
  • Consumer-aware Reporting
    • Historical
    • Current
    • Actionable Details
  • Reporting Platform Considerations
    • Accessibility
    • Report Data Sensitivity
    • Ease of Maintenance
  • Security Concerns
    • Handling Classified Information
    • Passwords in Code
    • Hack-proofing interfaces
    • Strong Asset Management