Cyber Range Courses

{
    "courseID": "CADMUS-CR-01",
    "courseTitle": "Basics of Security Hardening of Networking Devices",
    "authorOwner": "AU",
    "contactPerson": [
        "Karlo Josić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Basic",
    "eqfLevel": "4-5",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "12-24",
    "courseAvailability": "2026-06-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Apply auditing tools and techniques",
        "Assess and enhance an organisation’s cybersecurity posture - Basic Audit with integrity, being impartial and independent",
        "Coordinate the integration of security solutions",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Identify and solve cybersecurity-related issues",
        "Implement cybersecurity recommendations and best practices",
        "Manage and analyse log files",
        "Work on operating systems, servers, clouds and relevant infrastructures"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer"
    ],
    "targetAudience": [
        "SMEs",
        "public and education sector"
    ],
    "prerequisitesEntryReq": [
        "Basic understanding of TCP/IP networking concepts.",
        "Familiarity with network devices (switches, routers, firewalls) desirable but not required."
    ],
    "learningObjectives": [
        "Analyse basic network segmentation principles and their role in reducing attack surface.",
        "Configure VLANs and implement Layer 2 security controls within enterprise switching environments.",
        "Apply spanning tree configurations to prevent switching loops and ensure network stability.",
        "Implement and validate basic routing protocols (RIP, OSPF) in controlled environments.",
        "Configure standard and extended Access Control Lists (ACLs) to enforce traffic filtering policies.",
        "Secure network device management interfaces using authentication and password protection mechanisms.",
        "Evaluate the impact of segmentation and filtering mechanisms on overall network resilience."
    ],
    "suggestedLearningObjLOS": [
        "3"
    ],
    "learningOutcomes": [
        "Implement VLAN-based network segmentation and verify traffic isolation.",
        "Configure and validate STP parameters to maintain loop-free Layer 2 topologies.",
        "Deploy and test dynamic routing protocols (RIP and OSPF) in small-scale network environments.",
        "Create and apply standard and extended ACLs to restrict unauthorised network traffic.",
        "Secure router and switch management access through credential and access control configuration.",
        "Verify network functionality and security posture through connectivity testing and configuration inspection.",
        "Produce structured configuration documentation reflecting implemented security controls."
    ],
    "courseDesc": "Course introduces the fundamental concepts of network switching, routing, and security at Layers 2 and 3. Participants will learn how switching operates within network infrastructure and explore its security implications. Through hands-on practice, they will configure VLANs, trunk links, and inter-switch connections, apply port security, and implement Spanning Tree Protocol to maintain network stability. The course also covers essential hardening techniques, such as securing management interfaces, isolating unused ports and VLANs, and enabling SSH for secure remote access with password encryption. On the routing side, learners will configure static and dynamic routing protocols and apply standard and extended Access Control Lists (ACLs) to control traffic and enhance security.",
    "detailedContentOutlineTopic": [
        "Foundations of Network Hardening [LMS-N1a] Introduction [LMS- N1b] Common Layer 2 attacks (MAC flooding, VLAN hopping) [LMS-N1c] Control plane vs data plane [LMS-N1d] Threat modelling for switches and routers",
        "Secure VLAN and Layer 2 Configuration [LMS-N1e] VLAN Design and Segmentation [CR-1a] Configure VLAN and trunk ports [LMS-N1f] Port security [CR-1b] Port security [LMS-N1g] Spanning Tree Protocol (STP) [CR-1c] Configure and observe STP",
        "Management Plane Hardening [LMS-N2] Securing Management Interfaces, Enable secret vs enable password [CR-2a] Secure console and VTY lines, Login banners [LMS-N2] SSH Configuration [CR-2b] Enable SSH on VTY line [LMS-N2] Remote access",
        "Secure Routing Configuration [LMS-N3] Static Routing [CR-3a] Configure static route [LMS-N3] Dynamic Routing Protocols [LMS-N3] RIP protocol [CR-3b] Configure RIP [LMS-N3] OSPF protocol [CR-3c] Configure OSPF [LMS-N3] OSPF authentication [CR-3d] Configure OSPF authentication",
        "Access Control Lists (ACLs) [LMS-N4] Standard ACL [CR-4a] Deploy Standard ACL [LMS-N4] Extended ACL [CR-4b] Deploy Extended ACL [LMS-N4] ACL for Management Protection [LMS-N4] Placement and optimization of ACLs",
        "Recap and Quiz"
    ],
    "reqPlatformsInfra": [
        "4 × Cisco IOSvL2 virtual switches (Layer 2 configuration) (GNS3)",
        "4 × Cisco IOSvL3 virtual router (Layer 3 configuration) (GNS3)",
        "2 × Ubuntu VMs (as endpoint simulation)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction CIS Cisco Switch IOSvL2S and Cisco Router IOSvL3",
        "CIS Cisco Switch IOSvL2S and Cisco Router IOSvL3"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "Maybe check for usage of comunity version https://blog.cloudmylab.com/eve-ng-community-vs-eve-ng-professional",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-02",
    "courseTitle": "Advanced Layer 2 Switching and Security Strategies",
    "authorOwner": "AU",
    "contactPerson": [
        "Damir Regvart"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Basic-Intermediate",
    "eqfLevel": "5-6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-06-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Configure solutions according to the organisation’s security policy",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Identify and exploit vulnerabilities",
        "Identify, analyse and correlate cybersecurity events",
        "Implement cybersecurity recommendations and best practices",
        "Integrate cybersecurity solutions to the organisation’s infrastructure",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Work on operating systems, servers, clouds and relevant infrastructures"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Penetration Tester",
        "Cyber Incident Responder",
        "Cybersecurity Auditor",
        "Cybersecurity Architect"
    ],
    "targetAudience": [
        "SMEs",
        "public and education sector"
    ],
    "prerequisitesEntryReq": [
        "Completion of \"Basics of Security Hardening of Networking Devices\"",
        "Or prior exposure to network security and switching concepts"
    ],
    "learningObjectives": [
        "Apply port security, DHCP snooping, Storm control and Dynamic ARP Inspection (DAI) to prevent network abuse.",
        "Implement Spanning Tree Protocol protections (BPDU Guard, Root Guard, Loop Guard).",
        "Harden management interfaces and isolate unused ports and VLANs."
    ],
    "suggestedLearningObjLOS": [
        "3",
        "13"
    ],
    "learningOutcomes": [
        "Configure VLAN segmentation and secure trunking to prevent VLAN hopping.",
        "Implement STP protection mechanisms to prevent topology manipulation.",
        "Enable port-level security features (BPDU Guard, Root Guard, Port Security).",
        "Apply DHCP snooping, IP Source Guard, and ARP Inspection to prevent spoofing.",
        "Disable unnecessary services and secure management VLANs."
    ],
    "courseDesc": "This Cyber Range course provides an introduction to secure network switching through guided, hands-on configuration of Cisco IOS-based switches. Participants learn to design, implement, and secure Layer 2 environments following CIS and DISA STIG recommendations.\nThe exercises combine networking fundamentals with applied cybersecurity controls to ensure network resilience. Learners simulate common network attacks (e.g., rogue DHCP, MAC spoofing) and deploy corresponding countermeasures.",
    "detailedContentOutlineTopic": [
        "N1 Advanced VLAN Segmentation & Trunk Security [LMS-N1a] VLAN segmentation introduction [LMS-N1a] Management VLAN isolation [LMS-N1a] Native VLAN security risks [LMS-N1a] VLAN hopping attack vectors [LMS-N1a] Trunk security principles [LMS-N1a] DTP negotiation [LMS-N1a] Verify trunk hardening [CR-1a] Design VLAN segmentation plan [CR-1b] Configure secure trunk links [CR-1c] Disable unused VLANs",
        "N1 Advanced VLAN & Topology Design [LMS-N1b] Redundant link design [LMS-N1b] Root bridge placement strategy [LMS-N1b] Availability vs security trade-offs [LMS-N1b] CR-1e Configure structured VLAN architecture [LMS-N1b] CR-1f Topology convergence",
        "N2 STP Protection & Topology Security Mechanisms [LMS-N2] Rogue switch threat [LMS-N2] Layer 2 denial-of-service attacks [LMS-N2] Protection mechanisms overview: BPDU guard, Root guard, Loop guard [CR-2a] Configure BPDU Guard on edge ports [CR-2b] Configure Root Guard on designated trunk ports [CR-2c] Configure Loop Guard",
        "N3 Layer 2 Threat Mitigation & VLAN Isolation [LMS-N3a] DHCP spoofing attacks [LMS-N3a] Rogue DHCP servers [LMS-N3a] ARP spoofing / ARP poisoning [LMS-N3a] IP/MAC spoofing [LMS-N3a] CAM table flooding [LMS-N3a] Broadcast storm [CR-3a] DHCP Snooping configuration [CR-3b] Trusted vs untrusted ports, IP Source Guard [CR-3c] Dynamic ARP Inspection (DAI) [CR-3d] Configure Storm Control thresholds",
        "N3 Integrated Layer 2 Defense [LMS-N3b] Architecture Integration [LMS-N3b] Interaction between: VLAN segmentation (N1), STP protection (N2), DHCP/ARP protections (N3) [LMS-N3b] Operational trade-offs and secure topology best practices [CR-3d] Scenario: Configure and validate STP protections, Apply BPDU, Root Guard, Loop Guard, DHCP Snooping, IP Source Guard, DAI and Storm control thresholds."
    ],
    "reqPlatformsInfra": [
        "3 × Cisco IOSvL2 virtual switches (Layer 2 configuration) (GNS3)",
        "2 × Ubuntu VMs (as endpoint simulation)",
        "1 × Kali Linux VM (attack simulation)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "Certificate of Completion - “Network Switching and Security Fundamentals (Cyber Range)” (minimum 70% pass score)"
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "CIS Cisco IOS Switch L2S",
        "CIS Cisco IOS Switch L2S"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "Maybe check for usage of comunity version https://blog.cloudmylab.com/eve-ng-community-vs-eve-ng-professional",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-03",
    "courseTitle": "Advanced Layer 3 Security Hardening and Traffic Control",
    "authorOwner": "AU",
    "contactPerson": [
        "Damir Regvart"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Basic-Intermediate",
    "eqfLevel": "5-6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2027-03-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Configure solutions according to the organisation’s security policy",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Identify and exploit vulnerabilities",
        "Identify, analyse and correlate cybersecurity events",
        "Implement cybersecurity recommendations and best practices",
        "Integrate cybersecurity solutions to the organisation’s infrastructure",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Work on operating systems, servers, clouds and relevant infrastructures"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer"
    ],
    "targetAudience": [
        "SMEs",
        "public and education sector"
    ],
    "prerequisitesEntryReq": [
        "Foundational networking knowledge (TCP/IP, subnets, routing basics).",
        "Completion of “Advanced Layer 2 Switching and Security Strategies” module recommended."
    ],
    "learningObjectives": [
        "Understand routing principles and the role of Layer 3 security in network defence.",
        "Implement routing protocol security (BGP, OSPF) using authentication and key rotation.",
        "Configure segmentation using VRFs and ACLs.",
        "Apply DoS protections for control and management planes.",
        "Harden router configurations according to CIS  Level 1 and 2 recommendations."
    ],
    "suggestedLearningObjLOS": [
        "3",
        "13"
    ],
    "learningOutcomes": [
        "Apply based configurations for Cisco routers.",
        "Secure OSPF, BGP, and static routes with authentication (HMAC-SHA256).",
        "Configure loopback-based router identification and TTL security mechanisms.",
        "Prevent route leaks and prefix flooding through prefix lists and route maps.",
        "Implement Control Plane Policing (CoPP) and logging of dropped traffic."
    ],
    "courseDesc": "This Cyber Range course provides practical training in secure routing and network segmentation based on the CIS Cisco ACI Router STIG Benchmark v1.0.0. Participants will learn to harden router configurations, secure control planes, implement routing protocol authentication, and design segmented networks using VRFs and ACLs. The session combines theoretical grounding with hands-on exercises in a simulated enterprise environment, replicating best practices for BGP, OSPF, and inter-domain routing security.",
    "detailedContentOutlineTopic": [
        "Routing and Security Fundamentals",
        "Overview of routing principles (static, dynamic, hybrid).",
        "Common vulnerabilities in routing protocols.",
        "Introduction to STIG profiles (CAT I-III).",
        "BGP and OSPF Security Configuration",
        "BGP peer authentication with encrypted keys (HMAC-SHA256).",
        "TTL Security (GTSM) and prevention of session hijacking.",
        "Limiting prefix advertisements and preventing route leaks.",
        "OSPF authentication and key-chain configuration with 180-day key rotation.",
        "Network Segmentation and VRF Implementation",
        "Creating logical segmentation via VRFs and route filtering.",
        "Separation of management and production routing domains.",
        "Configuring loopback interfaces for routing stability.",
        "Access Control and Information Flow Control",
        "Implementing ACLs for management and routing plane isolation.",
        "Enforcing traffic contracts and flow-control policies between subnets.",
        "Control Plane and Management Plane Protection",
        "Configuring Control Plane Policing (CoPP) for DoS mitigation.",
        "Rate-limiting PIM and MSDP control messages.",
        "Logging dropped packets and auditing routing policy enforcement.",
        "IPv6 and Multicast Hardening",
        "Disabling site-local IPv6 addresses and enforcing hop limits.",
        "Limiting multicast join and register messages.",
        "Using access lists for IGMP/MLD filtering."
    ],
    "reqPlatformsInfra": [
        "3 × Cisco IOSvL3 virtual router (Layer 3 configuration) (GNS3)",
        "2 × Ubuntu VMs (as endpoint simulation)",
        "1 × Kali Linux VM (attack simulation)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "Certificate of Completion - “Router Security and Network Segmentation (Cyber Range)” (minimum 70% pass score)."
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "CIS  Cisco Router IOSvL3 Benchmark"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "Maybe check for usage of comunity version https://blog.cloudmylab.com/eve-ng-community-vs-eve-ng-professional",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-04",
    "courseTitle": "Firewall Configuration and Security Management",
    "authorOwner": "AU",
    "contactPerson": [
        "Karlo Josić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "5-6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2027-04-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Configure solutions according to the organization’s security policy",
        "Implement cybersecurity recommendations and best practices",
        "Select appropriate specifications, procedures and controls",
        "Manage and analyze log files",
        "Integrate cybersecurity solutions to the organization’s infrastructure",
        "Decompose and analyze systems to develop security & privacy requirements",
        "Identify and solve cybersecurity-related issues",
        "Practice all aspects of cybersecurity incident handling & response"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Cybersecurity Auditor",
        "Cyber Incident Responder",
        "Cybersecurity Architect",
        "Cybersecurity Researcher"
    ],
    "targetAudience": [
        "SMEs",
        "public and education sector"
    ],
    "prerequisitesEntryReq": [
        "Solid understanding of TCP/IP networking and routing concepts.",
        "Prior exposure to network security and switching concepts (recommended)."
    ],
    "learningObjectives": [
        "Apply and validate CIS Level 1 firewall configuration guidelines.",
        "Secure pfSense administrative interfaces and management sessions (HTTPS, password, and lockout).",
        "Implement granular firewall rules with least-privilege and logging principles.",
        "Configure SNMP, NTP, and DNS services securely.",
        "Integrate firewall logs with centralized SIEM or syslog systems."
    ],
    "suggestedLearningObjLOS": [
        "3",
        "13"
    ],
    "learningOutcomes": [
        "Apply and validate CIS Level 1 firewall configuration guidelines.",
        "Secure pfSense administrative interfaces and management sessions (HTTPS, password, and lockout).",
        "Implement granular firewall rules with least-privilege and logging principles.",
        "Configure SNMP, NTP, and DNS services securely.",
        "Integrate firewall logs with centralized SIEM or syslog systems."
    ],
    "courseDesc": "This Cyber Range course provides hands-on training in configuring and securing firewalls following the CIS pfSense Firewall Benchmark v1.1.0 (2023). Participants will harden firewall configurations, implement traffic control policies, and enforce security mechanisms such as VPN encryption, logging, and intrusion mitigation. Through realistic network scenarios, trainees will create, test, and verify firewall policies that ensure confidentiality, integrity, and availability in both enterprise and small-office networks.",
    "detailedContentOutlineTopic": [
        "Introduction to Firewall Security Concepts",
        "Firewall types, functions, and placement in network architectures.",
        "Overview of CIS pfSense Benchmark and Levels 1-2 compliance.",
        "Secure System Configuration and Access Control",
        "Setting hostnames, DNS, NTP, and disabling unused services (IPv6, local accounts).",
        "Securing web management (HTTPS only) and SSH access.",
        "Applying strong password and lockout policies.",
        "Firewall Policy Design and Implementation",
        "Creating and organizing firewall rules.",
        "Removing “Allow Any” rules (Source, Destination, Services).",
        "Enabling per-rule logging and validating traffic flow.",
        "Secure ICMP, block private/bogon networks, and default deny policy.",
        "User Management and Authentication Integration",
        "Implementing LDAP or RADIUS for central authentication.",
        "Enforcing session timeouts and console protection.",
        "Managing default admin and service accounts securely.",
        "Network Services and VPN Hardening",
        "Configuring DNSSEC, NTP synchronization, and SNMP monitoring.",
        "Securing VPN access using RADIUS/LDAP, trusted CA certificates, and TLS encryption.",
        "Ensuring strong ciphers and hashing algorithms for OpenVPN."
    ],
    "reqPlatformsInfra": [
        "2 × pfSense virtual firewalls (primary and standby/HA pair).",
        "1 × Ubuntu Server VM (syslog/SIEM destination).",
        "2 × Windows 11/Ubuntu client VMs (LAN/WAN test devices).",
        "1 × Kali Linux VM (for attack simulation and testing)."
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "Certificate of Completion - “Firewall Configuration and Security Management (Cyber Range)” (minimum 70% pass score)."
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "CIS pfSense Firewall Benchmark compliance checklist."
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-05",
    "courseTitle": "Linux OS Security Hardening and Compliance Validation",
    "authorOwner": "AU",
    "contactPerson": [
        "Zlatan Morić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Basic-Intermediate",
    "eqfLevel": "6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "12-24",
    "courseAvailability": "2026-06-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Implement cybersecurity recommendations and best practices",
        "Analyse and implement cybersecurity policies, certifications, standards and frameworks",
        "Assess and enhance an organisation’s cybersecurity posture",
        "Manage and analyse log files",
        "Work on operating systems, servers and infrastructures",
        "Identify and solve cybersecurity-related issues",
        "Decompose and analyse systems to identify weaknesses",
        "Apply auditing tools and techniques",
        "Configure solutions according to the organisation’s security policy"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Cybersecurity Architect",
        "Cybersecurity Auditor"
    ],
    "targetAudience": [
        "Linux system administrators",
        "Infrastructure security engineers",
        "Technical security professionals responsible for secure configuration and hardening of enterprise Linux environments"
    ],
    "prerequisitesEntryReq": [
        "Practical experience working with Linux operating systems (installation, configuration and basic administration).",
        "Ability to use the Linux command line effectively, including file system navigation, permission management and service control.",
        "Foundational understanding of user account management, process management and network configuration in Linux environments.",
        "Basic knowledge of cybersecurity principles, including authentication, access control and logging concepts.",
        "Familiarity with system configuration files and editing tools (e.g., nano, vim).",
        "Understanding of basic networking concepts (TCP/IP, SSH, firewall principles)."
    ],
    "learningObjectives": [
        "Apply structured Linux hardening techniques aligned with CIS Benchmark recommendations.",
        "Configure authentication, access control and privilege management mechanisms securely.",
        "Implement secure SSH configuration and network service restrictions.",
        "Configure and validate logging, auditing and monitoring mechanisms (e.g., auditd).",
        "Identify and remediate insecure system configurations.",
        "Perform compliance validation using automated assessment tools (e.g., CIS-CAT or equivalent).",
        "Document implemented hardening measures and justify remediation decisions."
    ],
    "suggestedLearningObjLOS": [
        "LOS 3 - Secure System Configuration and Hardening"
    ],
    "learningOutcomes": [
        "Harden a Linux system according to CIS Benchmark Level 1 and selected Level 2 controls.",
        "Securely configure user accounts, password policies and privilege escalation mechanisms (e.g., sudo, PAM).",
        "Implement and validate secure SSH and firewall configurations.",
        "Configure and interpret audit logs and system monitoring outputs.",
        "Detect configuration weaknesses through manual inspection and automated scanning tools.",
        "Improve compliance posture by addressing identified misconfigurations.",
        "Produce a structured remediation summary documenting applied security controls."
    ],
    "courseDesc": "This practical Cyber Range training emphasised Linux system hardening in accordance with CIS Benchmark guidelines. The course offers systematic instruction on protecting Linux environments by configuring authentication techniques, access controls, privilege management, network services, and system logging. Participants operate within a simulated infrastructure environment where deliberately misconfigured systems must be examined, fortified, and certified. The training focuses on the safe configuration of SSH services, password policies, PAM settings, firewall regulations, and auditing techniques (e.g., auditd). Participants utilise automated compliance validation tools and manual hardening procedures to evaluate system posture against established security baselines. The course combines defensive configuration techniques with compliance-focused validation, guaranteeing that established controls are quantifiable and justifiable. Upon completion, participants can fortify Linux systems in accordance with CIS Level 1 and certain Level 2 regulations, detect configuration vulnerabilities, and generate organised remedial documentation appropriate for operational and compliance purposes.",
    "detailedContentOutlineTopic": [
        "Linux Security Baseline & Threat Context: Common Linux misconfiguration risks and attack vectors, Security baseline concepts and CIS Benchmark structure, Difference between Level 1 and Level 2 controls, Understanding compliance scoring methodologies, [CR] Initial baseline assessment of a misconfigured Linux system, [CR] Identification of insecure default configurations, [CR] Documentation of initial security posture findings",
        "User & Authentication Hardening: Secure user account lifecycle management, Password policies and aging configuration, PAM configuration principles, Privilege delegation and root access restrictions, [CR] Implementation of password and authentication policies, [CR] PAM configuration hardening, [CR] Secure sudo configuration and root login restrictions",
        "Access Control & System Permissions: File system permission model review, SUID/SGID risk identification, World-writable file risks, Ownership and integrity validation, [CR] Identification and remediation of insecure file permissions, [CR] Removal or mitigation of unsafe SUID/SGID configurations, [CR] Secure configuration of home directories and system paths",
        "Network & SSH Hardening: Secure SSH configuration principles, Service exposure and attack surface reduction, Firewall configuration fundamentals, [CR] Secure SSH daemon configuration (protocol, ciphers, root access), [CR] Identification and disabling of unnecessary network services, [CR] Firewall rule implementation and validation, [CR] Verification of listening ports and service bindings",
        "Logging, Auditing & Monitoring: Logging architecture and log integrity concepts, auditd configuration and rule design, Monitoring authentication and privilege escalation events, [CR] Configuration of system logging parameters, [CR] Implementation of auditd rules aligned with CIS requirements, [CR] Validation of log generation and monitoring effectiveness",
        "Kernel & System Parameter Hardening: Secure kernel parameter configuration (sysctl), Network stack hardening, Kernel module control principles, [CR] Implementation of sysctl hardening parameters, [CR] Disabling insecure kernel modules, [CR] Verification of parameter enforcement and persistence",
        "Compliance Validation & Scanning: Compliance validation methodologies, Automated security baseline assessment tools, Interpretation of compliance scoring results, [CR] Execution of compliance scan (e.g., CIS-CAT or equivalent), [CR] Analysis of compliance report findings, [CR] Identification of residual non-compliant configurations",
        "Remediation & Documentation: Structured remediation workflow, Risk-based prioritisation of misconfigurations, Compliance documentation best practices, [CR] Remediation of identified non-compliant controls, [CR] Re-validation through automated compliance scanning, [CR] Preparation of structured remediation summary report",
        "Final Cyber Range Verification: Secure configuration verification principles, Post-hardening security posture evaluation, [CR] Final system validation against predefined security checkpoints, [CR] Confirmation of CIS Level 1 compliance targets, [CR] Submission of hardened system configuration for automated evaluation"
    ],
    "reqPlatformsInfra": [
        "2 × Ubuntu 24.04 LTS (workstations)",
        "2 × Red Hat Enterprise Linux 9 (servers)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "CIS Benchmark reference documentation (Level 1 and selected Level 2 controls)",
        "Linux hardening configuration guides and best practice checklists",
        "Secure SSH and PAM configuration reference materials",
        "File permission and privilege escalation mitigation guidelines",
        "Logging and audit configuration reference guide (auditd rule examples and best practices)",
        "Kernel parameter hardening reference (sysctl configuration templates)",
        "Firewall configuration reference examples and validation checklists",
        "Compliance validation tool documentation (e.g., CIS-CAT or equivalent scanner usage guide)",
        "Baseline assessment and compliance scoring worksheets",
        "Cyber Range environment documentation, including lab instructions and validation checkpoints"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This Cyber Range course is structured as a practical defensive security exercise emphasising Linux system hardening and compliance validation, rather than offensive exploitation methods. The training focuses on the systematic application of CIS Benchmark controls, quantifiable configuration enhancement, and automated compliance validation within a regulated simulation environment. Participants must operate autonomously within the Cyber Range infrastructure, implementing secure configuration protocols and verifying their efficacy through established assessment checkpoints. The program enhances operational discipline, configuration precision, and documentation quality, guaranteeing that hardening measures can be substantiated in both technical and compliance settings. The simulation environment is deliberately set up with authentic misconfigurations to mimic prevalent vulnerabilities in enterprise Linux systems, allowing participants to enhance their practical defensive engineering abilities under structured oversight and automatic validation limitations.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-06",
    "courseTitle": "Windows OS Security Hardening and Active Directory Defence",
    "authorOwner": "AU",
    "contactPerson": [
        "Zlatan Morić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "12-24",
    "courseAvailability": "2026-09-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Implement cybersecurity recommendations and best practices",
        "Configure solutions according to the organisation’s security policy",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Cybersecurity Architect",
        "Cybersecurity Auditor"
    ],
    "targetAudience": [
        "Windows system administrators",
        "Active Directory administrators",
        "Infrastructure security engineers",
        "Technical security professionals responsible for secure configuration and hardening of enterprise Windows environments"
    ],
    "prerequisitesEntryReq": [
        "Practical experience with Windows Server administration and Active Directory environments.",
        "Ability to create, modify and apply Group Policy Objects (GPOs) in domain-based infrastructures.",
        "Foundational understanding of Windows authentication mechanisms (Kerberos, NTLM) and account management concepts.",
        "Basic proficiency in PowerShell for administrative configuration tasks.",
        "Familiarity with system logging concepts and use of Event Viewer for security event analysis."
    ],
    "learningObjectives": [
        "Explain the security architecture of Windows 11 and Windows Server 2025 in relation to enterprise hardening principles.",
        "Interpret and apply CIS Benchmark controls to Windows workstations and server environments.",
        "Design and implement structured hardening baselines using Group Policy Objects and local security policies.",
        "Configure secure identity, authentication, and privilege management mechanisms within Active Directory.",
        "Implement network security and firewall configurations aligned with defence-in-depth principles.",
        "Configure advanced audit policies and validate applied security controls through structured log analysis.",
        "Assess configuration compliance and document deviations against defined security baselines."
    ],
    "suggestedLearningObjLOS": [
        "3"
    ],
    "learningOutcomes": [
        "Implement and verify CIS Level 1 and Level 2 controls on Windows 11 and Windows Server 2025 systems.",
        "Configure domain-based security policies including password policies, account lockout mechanisms, user rights assignments, and delegation restrictions.",
        "Harden Active Directory environments by securing service accounts, enforcing LDAP signing, and protecting privileged accounts.",
        "Apply and validate firewall configurations and secure network access controls within enterprise Windows environments.",
        "Configure and interpret advanced audit policy settings and analyse security event logs for validation of hardening measures.",
        "Produce structured compliance validation evidence demonstrating alignment with defined CIS security baselines."
    ],
    "courseDesc": "This course offers a systematic and practical methodology for safeguarding enterprise Windows environments via applied system hardening and configuration verification. The module emphasises the implementation of robust security baselines for Windows 11 workstations and Windows Server 2025 systems, particularly focusing on the protection of Active Directory and policy-driven configuration management.\nParticipants analyse and implement CIS Benchmark rules to create secure configuration baselines for workstation and server settings. The course addresses the systematic enforcement of account policies, privilege allocations, firewall setups, and domain-wide security settings through Group Policy Objects and local security policies. Particular emphasis is placed on fortifying domain controllers, safeguarding service accounts, and implementing authentication and delegation restrictions inside Active Directory.\nThe program comprises a 12-hour module, which includes 6 hours of theoretical instruction via LMS and 6 hours of supervised execution in the Cyber Range. The theoretical component establishes structured hardening principles, control interpretation methodologies, and compliance validation frameworks. The Cyber Range component allows users to execute, validate, and record implemented security measures within a regulated enterprise simulation setting.\nThe module highlights defensive configuration, baseline enforcement, and systematic validation of applied measures. It excludes adversarial simulation, penetration testing, and incident response tasks. Upon completion, participants may implement, validate, and document secure configuration baselines for enterprise Windows and Active Directory infrastructures.",
    "detailedContentOutlineTopic": [
        "Foundations of Windows Security Hardening (LMS): Security architecture of Windows 11 and Windows Server 2025, Defence-in-depth principles in enterprise Windows environments, Structure and interpretation of CIS Benchmarks, Hardening levels (Level 1 vs Level 2) and applicability criteria, Baseline configuration strategy and policy-driven enforcement",
        "Windows 11 Workstation Hardening: Account policies: password length, complexity, lockout configuration, User rights assignments and privilege separation, Local security policies and secure configuration of system services, [CR] Implementation of CIS Level 1 and Level 2 controls on Windows 11, [CR] Configuration of Windows Defender Firewall profiles and logging, [CR] Validation of applied controls against CIS requirements",
        "Windows Server 2025 Hardening: Secure server role configuration principles, Administrative account protection and service exposure management, Secure network access configuration and remote service hardening, [CR] Implementation of server hardening controls using Group Policy, [CR] Configuration of advanced firewall rule sets, [CR] Verification and compliance validation of applied server controls",
        "Active Directory Security and Domain Controller Hardening: Active Directory security model and trust boundaries, Group Policy design and structured domain-wide enforcement, Privileged account management and delegation principles, [CR] Domain controller hardening and LDAP signing enforcement, [CR] Service account protection and delegation restriction configuration, [CR] Enforcement of password, lockout and privilege assignment policies",
        "Audit Policy Configuration and Security Validation: Advanced Audit Policy Configuration principles, Authentication, object access and privilege-use auditing concepts, Logging traceability and validation methodology, [CR] Configuration of advanced audit policies at local and domain level, [CR] Analysis of Event Viewer and Sysmon outputs for validation of hardening measures, [CR] Structured verification of implemented controls through log review",
        "Compliance Verification and Configuration Assessment: Mapping implemented controls to CIS Benchmark requirements, Documentation methodology for configuration baselines, [CR] Automated validation checkpoints within the Cyber Range environment, [CR] Identification and remediation of misconfigurations, [CR] Structured documentation of compliance status and deviations"
    ],
    "reqPlatformsInfra": [
        "2 × Windows 11 Enterprise (workstations)",
        "2 × Windows Server 2025 (one configured as AD domain controller, one as member server)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS instructional modules covering Windows security architecture, CIS Benchmark interpretation, Active Directory security principles, and audit configuration methodology",
        "CIS Benchmarks for Windows 11 Enterprise and Windows Server 2025 (Level 1 and Level 2)",
        "Hardening baseline configuration checklists aligned with CIS controls",
        "Group Policy configuration reference templates",
        "Cyber Range lab guides",
        "Pre-configured virtual machine images (Windows 11 Enterprise and Windows Server 2025 with AD domain environment)",
        "Compliance validation worksheets for documenting implemented controls and deviations"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a 12-hour applied training module, featuring 6 hours of theoretical instruction via a Learning Management System and 6 hours of supervised practical execution in a Cyber Range environment. The theoretical component delineates structured concepts for system hardening and compliance validation methodology, whereas the Cyber Range component facilitates practical setup, enforcement, and verification of implemented security baselines. The module largely implements LOS 3 (Secure System Configuration and Hardening) through the systematic application of CIS-aligned policies for Windows 11, Windows Server 2025, and Active Directory settings. The training concentrates solely on defensive configuration, baseline enforcement, and compliance validation. It excludes adversarial simulation, penetration testing, and incident response tasks. Scenario settings and configuration baselines can be modified to align with small and medium enterprises, corporate entities, or regulated organisational contexts. All practical actions in the Cyber Range are validated through systematic configuration checkpoints and compliance verification procedures to ensure a quantitative and objective evaluation of imposed controls.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-07",
    "courseTitle": "Android Device Security and Hardening",
    "authorOwner": "AU",
    "contactPerson": [
        "Jasmin Redžepagić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "5-6",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2027-03-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Configure solutions according to the organisation’s security policy",
        "Implement cybersecurity recommendations and best practices",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Assess the security and performance of solutions",
        "Manage and analyse log files",
        "Identify, analyse and correlate cybersecurity events",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Work on operating systems, servers, clouds and relevant infrastructures"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Cyber Incident Responder",
        "Cybersecurity Architect"
    ],
    "targetAudience": [
        "Mobile Device Management (MDM/EMM) administrators responsible for Android Enterprise configuration",
        "Endpoint security engineers managing corporate mobile devices",
        "IT administrators responsible for mobile device onboarding, policy enforcement and compliance monitoring",
        "Security engineers implementing hardening baselines for mobile operating systems",
        "SOC analysts or incident responders handling mobile-related security events",
        "Technical staff in SMEs, public sector and education environments managing managed Android fleets"
    ],
    "prerequisitesEntryReq": [
        "Fundamental understanding of mobile operating system concepts (Android architecture, application model, permissions model)",
        "Basic knowledge of enterprise device management (MDM/EMM concepts, device enrollment, policy enforcement)",
        "Familiarity with common cybersecurity principles (authentication, access control, encryption, secure configuration)",
        "Basic understanding of network connectivity and secure communication (Wi-Fi security, VPN basics, certificate-based authentication)",
        "Ability to navigate command-line or device management interfaces",
        "Foundational troubleshooting skills for endpoint configuration issues"
    ],
    "learningObjectives": [
        "Analyse Android Enterprise device configurations to identify misconfigurations and policy deviations.",
        "Implement secure configuration baselines aligned with organisational security requirements.",
        "Apply enterprise mobility management (EMM/MDM) policies to enforce hardening controls.",
        "Evaluate device compliance posture using logging and monitoring mechanisms.",
        "Detect and remediate insecure device configurations within a controlled Cyber Range environment.",
        "Integrate mobile device hardening controls into organisational security operations workflows."
    ],
    "suggestedLearningObjLOS": [
        "1",
        "3"
    ],
    "learningOutcomes": [
        "Configure and enforce Android Enterprise security policies for managed devices.",
        "Identify configuration gaps between compliant (“Golden”) and non-compliant (“Rogue”) device states.",
        "Analyse device logs and management console outputs to detect security deviations.",
        "Implement remediation actions to restore policy compliance.",
        "Validate secure configuration baselines against defined organisational requirements.",
        "Demonstrate structured incident handling for mobile device security misconfigurations within a Cyber Range scenario."
    ],
    "courseDesc": "This course provides a structured Cyber Range-based learning experience focused on Android Enterprise hardening based on CIS Benchmark. Through guided hands-on tasks, trainees configure, audit, and harden Android environments, focusing on authentication, application control, network access, and privacy. Participants will simulate both user-level and administrator-level activities, including detecting policy deviations, adjusting configurations, and validating compliance with organizational security policies. The exercise concludes with compliance validation and policy reporting using device analysis tools and MDM frameworks.",
    "detailedContentOutlineTopic": [
        "Android Enterprise Security Architecture: Android OS security architecture (kernel, sandboxing, SELinux, verified boot), Application model, permissions and isolation mechanisms, Enterprise device enrollment models (Fully Managed, Work Profile, COPE), Threat landscape for managed mobile environments, Security baseline principles for enterprise Android deployments",
        "Enterprise Mobility Management (EMM/MDM) Policy Framework: Device enrollment lifecycle and provisioning workflows, Security policy categories (password, encryption, network, application control), Certificate-based authentication and device trust establishment, Secure Wi-Fi, VPN and managed network configuration, Policy enforcement logic and compliance states",
        "Secure Configuration Baselines & Hardening Controls: Defining compliant (“Golden”) device state, Identifying insecure (“Rogue”) configuration deviations, Application control and managed Play restrictions, Restricting debugging, developer options and sideloading, Encryption enforcement and device integrity validation",
        "Monitoring, Logging and Compliance Validation: Device compliance reporting mechanisms, Log collection and event visibility in management console, Identifying anomalous behaviour and policy violations, Correlating configuration changes with security posture degradation, Remediation workflow and enforcement escalation",
        "[CR] Baseline Hardening Implementation: Enrollment of managed Android devices, Application of security policies via EMM/MDM platform, Configuration of password, encryption and network restrictions, Secure management interface configuration, Validation of baseline configuration state",
        "[CR] Configuration Deviation Detection (Golden vs Rogue Model): Comparison of compliant and non-compliant device states, Identification of disabled controls and policy violations, Log analysis for configuration tampering indicators, Detection of insecure network and application settings",
        "[CR] Remediation and Policy Enforcement: Re-enforcement of security policies, Remote remediation actions, Policy re-synchronisation and device quarantine procedures, Validation of restored compliance state",
        "[CR] Integrated Mobile Security Incident Scenario: Simulated policy bypass attempt, Detection of unauthorised configuration changes, Correlation of events and log analysis, Execution of structured remediation process, Final compliance validation and documentation"
    ],
    "reqPlatformsInfra": [
        "2 × Android Virtual Devices (AVD).",
        "1 × Linux-based management VM for ADB access, logging, and configuration analysis."
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 100% (completion and verification of configurations)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "CIS Benchmarks Android"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-08",
    "courseTitle": "Business Continuity Planning and Resilience Simulation",
    "authorOwner": "AU",
    "contactPerson": [
        "Vedran Dakić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-09-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Analyse business processes, assess and review software or hardware security, as well as technical and organisational controls",
        "Build resilience against points of failure across the architecture",
        "Analyse and consolidate organisation’s quality and risk management practices",
        "Assess the security and performance of solutions",
        "Communicate, coordinate and cooperate with internal and external stakeholders",
        "Identify non-cyber events with implications on cyber-related activities",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Enable business assets owners, executives and other stakeholders to make risk-informed decisions to manage and mitigate risks"
    ],
    "ecsfRoles": [
        "Cybersecurity Risk Manager",
        "Cybersecurity Architect",
        "Cybersecurity Implementer"
    ],
    "targetAudience": [
        "SMEs",
        "public and education sector"
    ],
    "prerequisitesEntryReq": [
        "Basic understanding of IT systems and cybersecurity fundamentals."
    ],
    "learningObjectives": [
        "Analyse business-critical processes and define resilience priorities using structured Business Impact Analysis (BIA).",
        "Determine and justify Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO) based on operational and risk considerations.",
        "Design resilience strategies integrating redundancy, failover and monitoring mechanisms.",
        "Implement and validate high availability configurations within a simulated infrastructure environment.",
        "Evaluate system behaviour during controlled service disruptions.",
        "Assess recovery performance against predefined resilience metrics.",
        "Activate and execute a Business Continuity Plan (BCP) under simulated crisis conditions.",
        "Document resilience gaps and propose risk-informed improvement measures."
    ],
    "suggestedLearningObjLOS": [
        "1",
        "5",
        "7",
        "20"
    ],
    "learningOutcomes": [
        "Conduct a structured Business Impact Analysis and prioritise critical services based on measurable impact criteria.",
        "Define and validate RTO/RPO values aligned with business and regulatory requirements.",
        "Implement and verify failover mechanisms and redundancy configurations within enterprise-like infrastructure environments.",
        "Measure actual recovery time and compare it against predefined resilience targets.",
        "Interpret monitoring data and system logs to assess continuity performance.",
        "Identify weaknesses in continuity strategy and propose structured remediation actions.",
        "Execute continuity activation procedures under time-constrained simulation scenarios.",
        "Produce a structured resilience validation report suitable for governance and management review."
    ],
    "courseDesc": "This Cyber Range course emphasises the empirical validation of business continuity and technical resilience measures within enterprise infrastructure environments. The training integrates governance-driven Business Impact Analysis (BIA), risk-based prioritisation and the technical implementation of high availability and failover mechanisms. Participants analyse critical business services, define Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO), and design resilience strategies aligned with operational and regulatory requirements. Within a simulated hybrid infrastructure environment, they implement redundancy, monitoring and failover configurations and evaluate system behaviour under controlled disruption scenarios. The course includes structured service outage simulations, real-time monitoring analysis and validation of recovery performance against predefined resilience targets. Upon completion, participants are able to assess organisational resilience posture, validate continuity controls through technical testing and produce structured resilience validation reports suitable for governance and management review.",
    "detailedContentOutlineTopic": [
        "Foundations of Business Continuity & Resilience: Core principles of Business Continuity Management (BCM), Relationship between incident response, resilience and availability, Critical service identification and dependency mapping, Governance and accountability in continuity planning, Integration of cybersecurity controls within continuity frameworks",
        "Business Impact Analysis (BIA) & Risk Assessment: Identification of critical business processes, Asset dependency analysis (applications, servers, network components), Determination of Recovery Time Objective (RTO) and Recovery Point Objective (RPO), Impact assessment of service disruption scenarios, Risk prioritisation based on operational and business impact",
        "Resilience Strategy Design: High availability (HA) concepts and failover strategies, Redundancy models (active-active, active-passive), Backup and replication strategies, Monitoring and observability integration, Alignment of resilience design with defined RTO/RPO targets",
        "Implementation of Resilience Controls [CR]: [CR] Configuration of high availability services, [CR] Deployment of failover mechanisms, [CR] Backup and restore configuration validation, [CR] Service health monitoring configuration, [CR] Validation of redundancy pathways",
        "Controlled Service Disruption Simulation [CR]: [CR] Injected service outage scenarios, [CR] Validation of failover response time, [CR] Measurement of actual recovery time against defined RTO, [CR] Monitoring system behaviour during disruption, [CR] Validation of service continuity for critical workloads",
        "Monitoring & Observability Analysis [CR]: [CR] Analysis of monitoring dashboards and alert triggers, [CR] Correlation of service availability metrics, [CR] Validation of recovery processes through system logs, [CR] Identification of monitoring gaps, [CR] Assessment of detection effectiveness",
        "Compliance & Continuity Validation: Mapping resilience controls to regulatory and governance requirements, SLA and uptime metric evaluation, Documentation of resilience testing results, Gap identification between planned and actual recovery performance, Remediation prioritization",
        "Crisis Activation & Continuity Drill [CR]: [CR] Activation of Business Continuity Plan under simulated crisis, [CR] Coordination of technical and managerial response, [CR] Decision-making under time constraints, [CR] Communication flow validation, [CR] Executive-level continuity review",
        "Post-Incident Review & Improvement: Structured after-action review, Root cause analysis of recovery delays, Evaluation of resilience KPIs, Improvement planning and resilience optimization, Documentation for governance reporting"
    ],
    "reqPlatformsInfra": [
        "2 × Windows Server 2025 (WSFC nodes)",
        "1 × iSCSI Storage VM (TrueNAS or Linux iSCSI target)",
        "2 × Linux servers (Pacemaker/Corosync cluster)",
        "1 × HAProxy Load Balancer VM",
        "1 × Linux Web Server (backend)",
        "2 × Windows 11/Ubuntu clients"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 60% (completion and verification of configurations)",
        "LMS quiz: 40%"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "BIA and BCP templates"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This Cyber Range training is designed as an integrated resilience validation exercise combining governance-level Business Continuity Management with technical high availability implementation and recovery testing. The simulation environment intentionally introduces controlled service disruptions to evaluate the effectiveness of predefined RTO/RPO targets and resilience strategies under realistic operational constraints. Participants are expected to operate within a structured decision-making framework, balancing technical recovery actions with business impact considerations and risk prioritisation. The exercise emphasises measurable recovery performance, structured documentation of continuity validation results and alignment between resilience planning and actual system behaviour. The module serves as an applied resilience assessment component within the CADMUS portfolio, reinforcing the integration of risk management, operational continuity and technical infrastructure engineering.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-09",
    "courseTitle": "Disaster Recovery Operations and Technical Restoration",
    "authorOwner": "AU",
    "contactPerson": [
        "Vedran Dakić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-09-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Build resilience against points of failure across the architecture",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Analyse business processes, assess and review software or hardware security, as well as technical and organisational controls",
        "Assess the security and performance of solutions",
        "Collect information while preserving its integrity",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Identify and solve cybersecurity-related issues",
        "Communicate, present and report to relevant stakeholders",
        "Understand, practice and adhere to ethical requirements and standards"
    ],
    "ecsfRoles": [
        "Cyber Incident Responder",
        "Cybersecurity Risk Manager",
        "Chief Information Security Officer (CISO)"
    ],
    "targetAudience": [
        "Cyber Incident Responders responsible for operational recovery activities",
        "IT infrastructure engineers managing backup and replication systems",
        "System administrators involved in disaster recovery implementation and testing",
        "Cybersecurity implementers responsible for resilience validation",
        "Technical personnel in SMEs, public sector and critical infrastructure environments tasked with maintaining service continuity",
        "Professionals preparing for roles in disaster recovery and operational resilience management"
    ],
    "prerequisitesEntryReq": [
        "Solid understanding of IT infrastructure components (servers, virtual machines, storage systems and networking)",
        "Basic knowledge of backup and replication concepts",
        "Familiarity with virtualisation platforms and system administration tasks",
        "Foundational understanding of cybersecurity principles, including ransomware impact and data integrity",
        "Ability to use management consoles and command-line interfaces for system configuration",
        "Basic troubleshooting skills for infrastructure and service availability issues"
    ],
    "learningObjectives": [
        "Analyse disaster recovery architectures and differentiate between backup, replication and snapshot strategies.",
        "Evaluate the impact of ransomware and service disruption scenarios on replicated environments.",
        "Design recovery workflows aligned with predefined Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).",
        "Execute controlled restoration procedures using backup and replication technologies.",
        "Validate system integrity and data consistency following restoration activities.",
        "Assess disaster recovery effectiveness through structured recovery testing and performance measurement.",
        "Document recovery procedures and propose optimisation measures based on identified recovery gaps."
    ],
    "suggestedLearningObjLOS": [
        "1",
        "5",
        "20"
    ],
    "learningOutcomes": [
        "Compare and justify the selection of backup, snapshot and replication mechanisms in different disaster scenarios.",
        "Identify risks associated with compromised replicas and evaluate appropriate recovery strategies.",
        "Perform granular file-level and full virtual machine restoration procedures in a controlled environment.",
        "Execute instant recovery operations and measure actual recovery time against defined RTO targets.",
        "Validate restored systems through integrity checks and operational testing.",
        "Analyse ransomware propagation effects on backup and replica infrastructure.",
        "Produce structured disaster recovery reports documenting recovery actions, validation results and improvement recommendations."
    ],
    "courseDesc": "This Cyber Range module provides hands-on experience in disaster recovery operations using a fully virtualized environment. Participants practice backup configuration, VM snapshotting, replication, restoration, and failover orchestration. A simulated outage scenario requires execution of full DR activation procedures, including service restoration, data verification, and failback to the production environment. The workflow integrates real procedures aligned with ISO 22301, NIST SP 800-34, and industry DR best practices.",
    "detailedContentOutlineTopic": [
        "Foundations of Disaster Recovery Architecture: Principles of disaster recovery and operational resilience, Recovery Time Objective (RTO) and Recovery Point Objective (RPO) concepts, Comparison of backup, snapshot and replication strategies, Storage redundancy models and availability design, Common failure and ransomware impact scenarios",
        "Backup and Snapshot Technologies: Full, incremental and differential backup strategies, Snapshot mechanisms and their operational limitations, Data consistency and application-aware backups, Validation of backup integrity and recovery readiness, Risks associated with compromised backup chains",
        "Replication and High Availability Mechanisms: Synchronous vs asynchronous replication, Replica propagation risks during ransomware events, Failover and failback procedures, Monitoring replication health and lag, Validation of replica integrity before activation",
        "Disaster Scenario Analysis and Risk Evaluation: Impact of ransomware on production and replica environments, Identifying safe recovery points, Evaluating contamination risks in replicated systems, Decision-making criteria for selecting recovery strategy, Aligning recovery strategy with RTO/RPO targets",
        "Controlled Restoration Procedures [CR]: [CR] Performing granular file-level restoration, [CR] Executing full virtual machine recovery, [CR] Instant VM recovery and rapid service restoration, [CR] Verification of restored services and application functionality, [CR] Integrity validation using checksum and consistency checks",
        "Ransomware Propagation Simulation and Recovery [CR]: [CR] Simulated ransomware execution and service disruption, [CR] Analysis of infection spread across replicated systems, [CR] Selection of appropriate restore points, [CR] Restoration of clean infrastructure state, [CR] Measurement of actual recovery time against defined RTO",
        "Recovery Validation and Performance Measurement: Comparing planned vs actual recovery performance, Identification of bottlenecks in restoration workflow, Validation of service availability after recovery, Documentation of recovery testing results",
        "Post-Recovery Review and Optimisation: Root cause analysis of recovery delays, Improvement of backup and replication configuration, Hardening backup storage against ransomware impact, Structured disaster recovery reporting"
    ],
    "reqPlatformsInfra": [
        "2 × Windows Server 2025 - Backup server (Veeam)",
        "2 × Windows Server 2025 Hypervisor (Production + DR Site)",
        "1 x Windows Server 2025 - Domain Controller",
        "1 x Debian based nested VM",
        "Exported backup of a Linux web server VM"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 60% (completion and verification of configurations)",
        "LMS quiz: 40%"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS",
        "Instruction",
        "Backup and DR templates"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-10",
    "courseTitle": "CISO Governance, Compliance and Security Oversight",
    "authorOwner": "AU",
    "contactPerson": [
        "Zlatan Morić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "4-12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-06-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Analyse and consolidate organisation’s quality and risk management practices",
        "Assess and enhance an organisation’s cybersecurity posture",
        "Define and apply maturity models for cybersecurity management",
        "Communicate, present and report to relevant stakeholders",
        "Collect, evaluate, maintain and protect auditing information"
    ],
    "ecsfRoles": [
        "Chief Information Security Officer (CISO)",
        "Cybersecurity Risk Manager",
        "Cybersecurity Auditor",
        "Cyber Legal, Policy & Compliance Officer"
    ],
    "targetAudience": [
        "Basic understanding of cybersecurity fundamentals (risk, controls, compliance, governance concepts)",
        "Familiarity with recognised security frameworks such as ISO 27001 or NIST CSF is recommended",
        "No advanced technical configuration or engineering expertise required"
    ],
    "prerequisitesEntryReq": [
        "Understanding of cybersecurity fundamentals",
        "Familiarity with ISO 27001 / NIST CSF recommended",
        "Basic knowledge of risk management"
    ],
    "learningObjectives": [
        "Explain the governance responsibilities of a Chief Information Security Officer within a structured organisational environment.",
        "Configure and apply recognised security frameworks (e.g. ISO 27001, NIST CSF) within the CISO Assistant platform.",
        "Assess organisational compliance maturity and identify governance gaps.",
        "Develop and manage a structured risk register including risk scoring and treatment planning.",
        "Organise and link audit evidence to compliance controls and framework requirements.",
        "Prepare governance reports and structured executive briefings that support risk-informed decision-making."
    ],
    "suggestedLearningObjLOS": [
        "7",
        "9",
        "14"
    ],
    "learningOutcomes": [
        "Identify governance obligations and regulatory requirements for a simulated organisation.",
        "Configure compliance frameworks and organisational structure within CISO Assistant.",
        "Evaluate compliance maturity, identify gaps, and propose remediation actions.",
        "Produce complete governance and compliance reports for executive review.",
        "Manage audit evidence and map technical/ organisational controls to compliance items.",
        "Present a structured CISO-level briefing that summarises compliance status, risks, and required decisions."
    ],
    "courseDesc": "This Cyber Range programme places participants in the role of a Chief Information Security Officer responsible for governance, compliance and organisational security oversight within a simulated enterprise environment.\nParticipants engage in a structured, self-paced learning experience that integrates academic LMS material with practical Cyber Range activities utilising the CISO Assistant platform. The simulation necessitates the setup of governance frameworks, the mapping of organisational controls, maturity evaluation, evidence management, and the preparation of audit-ready documentation.\nThe training focuses on the actual execution of governance and compliance oversight functions, encompassing risk identification, treatment planning, regulatory alignment, and systematic executive reporting. Participants translate framework requirements into structured control mappings and assess organisational security posture with established standards such as ISO 27001 and NIST CSF.\nThe session emphasises enhancing participants' capacity to manage governance processes, evaluate compliance maturity, and facilitate risk-informed executive decision-making within a formal compliance and audit framework, rather than focusing on technical attack simulation.",
    "detailedContentOutlineTopic": [
        "Exercise Introduction and Governance Structure Setup: [LMS] Overview of the fictional enterprise environment, regulatory exposure and business context, [LMS] Role and accountability of the CISO in governance and oversight, [CR] Creation of organisational structure within CISO Assistant, [CR] Definition of compliance scope and ISMS applicability",
        "Organisational Scoping and Framework Configuration: [LMS] Introduction to ISO 27001, NIST CSF and control structures, [CR] Importing and activating governance frameworks within CISO Assistant, [CR] Mapping business systems and domains to framework scope, [CR] Assigning control ownership and governance domains",
        "Control Mapping and Compliance Alignment: [LMS] Principles of control objectives and compliance alignment, [CR] Mapping organisational controls to selected framework requirements, [CR] Identifying applicable and non-applicable controls, [CR] Documenting control implementation status",
        "Compliance Maturity Assessment and Gap Identification: [LMS] Maturity assessment models and gap analysis methodology, [CR] Assigning maturity levels to selected controls, [CR] Generating compliance gap list, [CR] Prioritising remediation needs within platform",
        "Risk Register Configuration and Treatment Planning: [LMS] Risk identification and likelihood × impact scoring principles, [CR] Creating risk entries linked to compliance gaps, [CR] Applying scoring methodology within risk register, [CR] Defining treatment actions, owners and deadlines",
        "Audit Evidence Structuring and Documentation Management: [LMS] Types of audit evidence and documentation traceability principles, [CR] Uploading or linking evidence artefacts, [CR] Mapping evidence to controls, [CR] Verifying completeness of audit artefact mapping",
        "Governance Reporting and Executive Oversight Simulation: [LMS] Executive reporting principles and governance dashboards, [CR] Generating compliance summary reports, [CR] Extracting risk overview dashboard, [CR] Preparing executive-level governance summary within platform",
        "Post-Exercise Governance Evaluation: [CR] Automated validation of configuration completeness, [CR] Review of compliance maturity and risk coverage, [LMS] Reflection on governance improvement and oversight strategy"
    ],
    "reqPlatformsInfra": [
        "1 × Hosted instance of CISO Assistant (Linux VM with docker and CISO Assistant)",
        "Web-based access for trainees with role-based permissions"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 60% (completion and verification of configurations)",
        "LMS quiz: 40%"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "LMS instructional modules",
        "CISO Assistant user guide",
        "Governance framework mapping templates",
        "Risk register and treatment plan templates",
        "Compliance checklist references",
        "Example audit documentation package",
        "Executive reporting template"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This Cyber Range module supports LOS 7 - Security Strategy & Governance, LOS 9 - Cybersecurity Risk Management and LOS 14 - Compliance & Regulatory Alignment.\nThe course is delivered through a structured combination of LMS-based theoretical instruction and a linear, task-based Cyber Range lab using the CISO Assistant platform. All practical activities are automatically evaluated based on configuration accuracy, framework mapping completeness, risk register integrity and reporting outputs.\nThe simulation focuses on governance oversight and compliance management rather than technical attack or incident response activities. Scenario parameters, selected frameworks and regulatory requirements can be adapted to reflect SME, enterprise, public or education sector environments.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-11",
    "courseTitle": "Incident Response",
    "authorOwner": "AU",
    "contactPerson": [
        "Zlatan Morić"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range",
        "LMS"
    ],
    "proficiencyLevel": "Advanced",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "12-24",
    "courseAvailability": "2026-09-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Identify, analyse and correlate cybersecurity events",
        "Identify threat actors TTPs and campaigns",
        "Collect information while preserving its integrity",
        "Conduct technical analysis and reporting"
    ],
    "ecsfRoles": [
        "Cyber Incident Responder",
        "Digital Forensics Investigator",
        "Cyber Threat Intelligence Specialist"
    ],
    "targetAudience": [
        "SOC Analysts (Tier 1-3)",
        "Blue Team Analysts",
        "CSIRT / Incident Response team members",
        "Digital Forensics Investigators",
        "Threat Hunters",
        "Security Operations Engineers",
        "System administrators transitioning into incident response roles",
        "Security engineers responsible for detection and containment"
    ],
    "prerequisitesEntryReq": [
        "Solid understanding of cybersecurity fundamentals (threats, vulnerabilities, attack vectors, impact)",
        "Basic knowledge of the Incident Response lifecycle and SOC workflows",
        "Familiarity with Windows and Linux operating systems concepts",
        "Ability to read and interpret system, authentication and network logs",
        "Fundamental understanding of networking concepts (TCP/IP, ports, protocols)",
        "Basic awareness of MITRE ATT&CK framework principles",
        "No advanced malware reverse engineering skills required"
    ],
    "learningObjectives": [
        "Analyse security events and alerts within a controlled Cyber Range environment.",
        "Correlate multi-source log data to identify attacker activity and intrusion stages.",
        "Reconstruct attack timelines using structured forensic methodology.",
        "Map identified adversary techniques to the MITRE ATT&CK framework.",
        "Apply containment and eradication strategies based on operational impact assessment.",
        "Document investigation findings in a structured incident response format."
    ],
    "suggestedLearningObjLOS": [
        "1",
        "11",
        "12"
    ],
    "learningOutcomes": [
        "Identify indicators of compromise across endpoint, authentication and network logs.",
        "Correlate technical artefacts to determine attacker initial access, persistence and lateral movement.",
        "Reconstruct a multi-stage attack chain using evidence-based analysis.",
        "Map technical findings to structured ATT&CK tactics and techniques.",
        "Select and justify containment and eradication actions under time constraints.",
        "Produce a structured technical incident report summarising findings and recommended defensive improvements."
    ],
    "courseDesc": "This Cyber Range curriculum engages participants in a systematic, multi-phase incident response scenario emphasising discovery, investigation, containment, and recovery inside a realistic corporate setting. The exercise highlights operational blue-team skills, encompassing log analysis, endpoint artefact validation, network investigation, and systematic incident documenting in accordance with established response frameworks.\nParticipants operate in a controlled but realistic technical environment where they must analyse alerts, correlate indicators across multiple data sources, reconstruct attacker activity and make containment decisions under time pressure. The situation necessitates the methodical implementation of digital forensic principles, adherence to evidence handling protocols, and the alignment of adversarial behaviour with organised analytical frameworks like MITRE ATT&CK.\nThe module emphasises the practical implementation of technical investigation procedures in a replicable and quantifiable setting, rather than focusing on incident response theory. Automated validation methods evaluate analytical precision, investigative thoroughness, and response uniformity, ensuring that participants exhibit operational preparedness in alignment with Incident Responder and SOC analyst roles.",
    "detailedContentOutlineTopic": [
        "Incident Response Foundations and Operational Readiness: Incident Response lifecycle (Preparation → Detection → Containment → Eradication → Recovery → Lessons Learned), SOC, CSIRT and Incident Management coordination structures, Severity classification and escalation thresholds, Evidence handling principles and forensic soundness, [CR] Initial alert triage and log review in controlled environment, [CR] Identification of suspicious indicators across multiple log sources",
        "Detection Engineering and Log Correlation: Log source typology: endpoint, authentication, network, application, Correlation strategies and validation of alerts, Reducing false positives and prioritising high-confidence signals, Structured documentation of investigative steps, [CR] Multi-source log correlation exercise, [CR] Identification of initial access and persistence indicators, [CR] Creation of structured incident ticket",
        "Endpoint and Network Investigation: Windows and Linux forensic artefacts (processes, registry, persistence, logs), Network flow analysis and anomaly detection, Timeline reconstruction and artefact correlation, Containment decision criteria and risk trade-offs, [CR] Endpoint artefact extraction and validation, [CR] Network investigation of lateral movement patterns, [CR] Initial containment decision simulation",
        "Threat Actor Behaviour and MITRE Mapping: Adversary behaviour modelling and TTP analysis, MITRE ATT&CK as structured analytical framework, Mapping technical findings to attack phases, Structured reconstruction of attack chain, [CR] TTP identification based on collected artefacts, [CR] ATT&CK mapping validation exercise",
        "Incident Containment and Eradication Strategy: Containment strategies (isolation, segmentation, credential reset), Eradication planning and persistence removal, Balancing operational impact and security controls, Residual risk evaluation, [CR] Execution of containment actions in simulated environment, [CR] Verification of eradication completeness",
        "Multi-Phase Adversary Campaign Simulation (Advanced Scenario): Dynamic multi-stage attack detection, Investigation of lateral movement and privilege escalation, Identification of data staging and exfiltration indicators, High-pressure operational decision-making, Real-time coordination between detection and response roles",
        "Incident Reporting, Lessons Learned and Defensive Improvement: Structured incident reporting methodology, Attack timeline reconstruction and evidentiary validation, Mapping findings to detection improvement opportunities, Playbook refinement and detection engineering enhancement, Continuous monitoring optimisation strategies"
    ],
    "reqPlatformsInfra": [
        "1 × Windows 11 workstation (analyst)",
        "1 × Linux analysis workstation",
        "1 × Compromised Windows Server (Domain Controller or File Server)",
        "1 × Linux Server (web/app node with attacker artefacts)",
        "1 × SIEM instance (Elastic, Splunk, or equivalent)",
        "1 × IDS/Network visibility source (Suricata or Zeek)",
        "1 × MISP instance (Docker or VM-based)",
        "1 × OpenCTI instance (Docker cluster)",
        "1 × Sandbox malware analysis output (pre-generated reports, PCAPs, memory captures)",
        "1 × Windows endpoint logs (Sysmon, Security, PowerShell, Application, System)",
        "1 × Linux endpoint logs (auth.log, syslog, secure, auditd)",
        "1 × Network data (PCAP files + Suricata alerts + Zeek logs)"
    ],
    "langDeliveryMaterial": "• English (with optional local translation for trainers)",
    "assessmentMethod": [
        "Practical lab performance: 60% (completion and verification of configurations)",
        "LMS quiz: 40%"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "Cyber Range Labs",
        "Centralised log dataset (endpoint, authentication, network and application logs)",
        "MITRE ATT&CK mapping worksheet template",
        "Structured incident ticket and reporting template"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This training operationalises LOS 1 as primary focus and partially covers selected applied elements from LOS 11 and LOS 12 strictly at applied investigation level, not deep reverse engineering level. The exercise is entirely task-oriented and technically concentrated, featuring automated validation of investigative precision, consistency in MITRE ATT&CK mapping, confinement decisions, and the thoroughness of reporting. Scenario parameters (log volume, attacker sophistication, dwell period, and lateral movement complexity) can be dynamically modified to represent small and medium enterprises, large corporations, or critical infrastructure settings. The training is intended to connect effortlessly with Bootcamp-level simulations (e.g., MARE exercises) and can operate as an independent advanced CR module or as a component of a comprehensive Incident Responder career-track pathway.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-12",
    "courseTitle": "Secure Coding C/C++",
    "authorOwner": "AU",
    "contactPerson": [
        "Aleksander Radovan"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "CR"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-08-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Review codes assess their security",
        "Develop code, scripts and programmes",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Identify and solve cybersecurity-related issues",
        "Apply auditing tools and techniques",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Implement cybersecurity recommendations and best practices"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Secure Coder / Secure Software Developer (proposed addition to ECSF framework)"
    ],
    "targetAudience": [
        "Software developers working in C/C++",
        "Application security engineers involved in secure SDLC implementation",
        "DevOps and DevSecOps engineers responsible for integrating security controls into CI/CD pipelines",
        "Technical leads and software architects seeking to strengthen secure-by-design development practices",
        "Quality assurance and code review professionals involved in secure code validation"
    ],
    "prerequisitesEntryReq": [
        "Practical programming experience in at least one of the supported languages (C/C++).",
        "Working knowledge of software development lifecycle (SDLC) processes and version control systems.",
        "Understanding of fundamental programming concepts, including memory management, input validation, authentication mechanisms and error handling.",
        "Familiarity with common software architectures (e.g., client-server, web-based applications, APIs).",
        "Basic awareness of common application security vulnerabilities (e.g., OWASP Top 10).",
        "Ability to read and interpret source code independently."
    ],
    "learningObjectives": [
        "Explain secure-by-design and secure-by-default principles within modern software development environments.",
        "Analyse common software vulnerability classes and their root causes across different programming paradigms.",
        "Apply structured secure coding methodologies aligned with OWASP and industry best practices.",
        "Perform systematic secure code reviews using vulnerability identification techniques.",
        "Integrate security controls into the software development lifecycle (SDLC).",
        "Select and justify appropriate mitigation strategies for identified application security weaknesses.",
        "Apply language-agnostic defensive programming patterns prior to specialization in a selected CR module."
    ],
    "suggestedLearningObjLOS": [
        "16",
        "21",
        "22"
    ],
    "learningOutcomes": [
        "Identify and classify software vulnerabilities (e.g., injection, memory corruption, authentication flaws, insecure deserialization).",
        "Decompose application components to detect weak input validation, insecure data handling and ineffective access controls.",
        "Conduct structured secure code analysis and document security findings.",
        "Propose and implement secure coding improvements consistent with recognized best practices.",
        "Evaluate the effectiveness of remediation strategies against defined threat models.",
        "Integrate secure development principles into practical coding exercises within the selected CR specialization (C/C++)."
    ],
    "courseDesc": "This course offers instructor-led instruction centered on secure coding principles and defensive programming techniques. Participants acquire skills in designing and authoring secure code, mitigating prevalent vulnerability categories, and methodically detecting deficiencies during code review.\nThe course focuses on secure-by-design principles, root-cause analysis of software vulnerabilities, and practical mitigation solutions in accordance with established industry standards like OWASP. Participants develop the capability to identify insecure patterns, strengthen input validation, enforce appropriate authentication and authorisation controls, and implement robust error handling mechanisms. The course encompasses fundamental secure coding principles and presents supplementary ideas pertaining to secure component integration and DevSecOps workflows. These parts offer contextual insight into dependency risks, fundamental SBOM ideas, and the incorporation of security checks inside development pipelines, while prioritising secure software development at the code level. Upon completion, participants can implement secure coding techniques across various programming platforms and incorporate security considerations into routine development processes.",
    "detailedContentOutlineTopic": [
        "Secure-by-Design Foundations and OWASP Risk Framework: Secure-by-design and secure-by-default principles, Introduction to OWASP Top 10 as a secure coding workflow model, Mapping vulnerability classes to root causes, Threat modelling fundamentals aligned with OWASP categories, Developer responsibility within secure SDLC",
        "OWASP Top 10 - Vulnerability Classes and Secure Coding Patterns: Injection flaws and secure input validation, Broken authentication and secure identity controls, Access control weaknesses and authorization enforcement, Cryptographic failures and secure data protection, Insecure design and architectural anti-patterns, Security misconfiguration and defensive configuration practices, Vulnerable and outdated components (dependency risks), Identification and authentication failures, Software and data integrity failures, Logging and monitoring considerations at development level, Each category includes:, Root cause analysis, Insecure code example, Secure coding remediation pattern, Prevention guidelines",
        "Secure Code Review Methodology (OWASP-aligned): Systematic review based on OWASP risk categories, Manual secure code inspection techniques, Introduction to static analysis (SAST) tools, Root-cause remediation and refactoring strategies, Documenting findings and communicating risk",
        "Secure Component Integration & SBOM (Supporting - LOS 21): OWASP perspective on vulnerable and outdated components, Third-party library risk assessment, Introduction to SBOM concepts (SPDX, CycloneDX), Software Composition Analysis (SCA) fundamentals, Dependency update and patch governance",
        "DevSecOps and Secure Deployment Practices (Supporting - LOS 22): Integrating OWASP-based controls into SDLC, Embedding SAST and SCA into CI/CD pipelines, Secure pipeline validation gates, Continuous security testing workflow, Developer feedback loops and remediation tracking",
        "Applied Secure Coding Workshop (OWASP-driven): Vulnerability identification in sample code aligned with OWASP categories, Refactoring insecure patterns into secure implementations, Applying structured mitigation workflows, Group-based review and remediation validation"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "CR environment with programming languages",
        "static/dynamic analysis tools (e.g. SonarQube",
        "Valgrind)."
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "Cyber Range (70%)",
        "Final quiz (30%)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "Instructor-led presentation materials covering secure-by-design principles and OWASP Top 10 vulnerability classes",
        "OWASP Top 10 structured mapping worksheets (vulnerability → root cause → mitigation → validation)",
        "Secure coding reference guides for defensive programming patterns in programming language C/C++",
        "Sample vulnerable code repositories aligned with OWASP categories",
        "Secure code review checklists and remediation tracking templates",
        "SBOM reference documentation (SPDX, CycloneDX examples)",
        "CI/CD security integration examples (pipeline configuration samples with security gates)",
        "Cyber Range environments for CR-12 to CR-16 language-specific specialization modules",
        "Knowledge assessment question bank (OWASP-based case scenarios)"
    ],
    "ectsCredsEquivalent": "5",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a modular secure development program that follows the bootcamp Secure coding course (BTMCP-02). The instructor-led core emphasises secure coding practices in accordance with the OWASP Top 10 (LOS 16 - Secure Coding & Design). It creates a systematic procedure for identifying and remediating vulnerabilities that is adaptable across many programming languages and development environments. Supporting elements pertain to secure component integration and software supply chain considerations (LOS 21), along with the incorporation of security controls into development pipelines and DevSecOps processes (LOS 22). These aspects offer contextual support for secure coding methods but do not supplant the primary emphasis on code-level security. The Cyber Range specialisation allows learners to implement safe coding practices inside designated C/C++ programming language environment. Practical examination is automated by established validation checkpoints, test suites, and security verification scripts. The course excludes offensive penetration testing, red team simulations, malware analysis, and organisational audit frameworks. The focus is exclusively on defensive software development and vulnerability mitigation at the code level.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-13",
    "courseTitle": "Secure Coding .Net/C#",
    "authorOwner": "AU",
    "contactPerson": [
        "Aleksander Radovan"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "CR"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-08-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Review codes assess their security",
        "Develop code, scripts and programmes",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Identify and solve cybersecurity-related issues",
        "Apply auditing tools and techniques",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Implement cybersecurity recommendations and best practices"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Secure Coder / Secure Software Developer (proposed addition to ECSF framework)"
    ],
    "targetAudience": [
        "Software developers working in .NET/C#",
        "Application security engineers involved in secure SDLC implementation",
        "DevOps and DevSecOps engineers responsible for integrating security controls into CI/CD pipelines",
        "Technical leads and software architects seeking to strengthen secure-by-design development practices",
        "Quality assurance and code review professionals involved in secure code validation"
    ],
    "prerequisitesEntryReq": [
        "Practical programming experience in at least one of the supported languages (.NET/C#).",
        "Working knowledge of software development lifecycle (SDLC) processes and version control systems.",
        "Understanding of fundamental programming concepts, including memory management, input validation, authentication mechanisms and error handling.",
        "Familiarity with common software architectures (e.g., client-server, web-based applications, APIs).",
        "Basic awareness of common application security vulnerabilities (e.g., OWASP Top 10).",
        "Ability to read and interpret source code independently."
    ],
    "learningObjectives": [
        "Explain secure-by-design and secure-by-default principles within modern software development environments.",
        "Analyse common software vulnerability classes and their root causes across different programming paradigms.",
        "Apply structured secure coding methodologies aligned with OWASP and industry best practices.",
        "Perform systematic secure code reviews using vulnerability identification techniques.",
        "Integrate security controls into the software development lifecycle (SDLC).",
        "Select and justify appropriate mitigation strategies for identified application security weaknesses.",
        "Apply language-agnostic defensive programming patterns prior to specialization in a selected CR module."
    ],
    "suggestedLearningObjLOS": [
        "16",
        "21",
        "22"
    ],
    "learningOutcomes": [
        "Identify and classify software vulnerabilities (e.g., injection, memory corruption, authentication flaws, insecure deserialization).",
        "Decompose application components to detect weak input validation, insecure data handling and ineffective access controls.",
        "Conduct structured secure code analysis and document security findings.",
        "Propose and implement secure coding improvements consistent with recognised best practices.",
        "Evaluate the effectiveness of remediation strategies against defined threat models.",
        "Integrate secure development principles into practical coding exercises within the selected CR specialization (.NET/C#)."
    ],
    "courseDesc": "This course offers instructor-led instruction centred on secure coding principles and defensive programming techniques. Participants acquire skills in designing and authoring secure code, mitigating prevalent vulnerability categories, and methodically detecting deficiencies during code review.\nThe course focuses on secure-by-design principles, root-cause analysis of software vulnerabilities, and practical mitigation solutions in accordance with established industry standards like OWASP. Participants develop the capability to identify insecure patterns, strengthen input validation, enforce appropriate authentication and authorisation controls, and implement robust error handling mechanisms. The course encompasses fundamental secure coding principles and presents supplementary ideas pertaining to secure component integration and DevSecOps workflows. These parts offer contextual insight into dependency risks, fundamental SBOM ideas, and the incorporation of security checks inside development pipelines, while prioritising secure software development at the code level. Upon completion, participants can implement secure coding techniques across various programming platforms and incorporate security considerations into routine development processes.",
    "detailedContentOutlineTopic": [
        "Secure-by-Design Foundations and OWASP Risk Framework: Secure-by-design and secure-by-default principles, Introduction to OWASP Top 10 as a secure coding workflow model, Mapping vulnerability classes to root causes, Threat modelling fundamentals aligned with OWASP categories, Developer responsibility within secure SDLC",
        "OWASP Top 10 - Vulnerability Classes and Secure Coding Patterns: Injection flaws and secure input validation, Broken authentication and secure identity controls, Access control weaknesses and authorization enforcement, Cryptographic failures and secure data protection, Insecure design and architectural anti-patterns, Security misconfiguration and defensive configuration practices, Vulnerable and outdated components (dependency risks), Identification and authentication failures, Software and data integrity failures, Logging and monitoring considerations at development level, Each category includes:, Root cause analysis, Insecure code example, Secure coding remediation pattern, Prevention guidelines",
        "Secure Code Review Methodology (OWASP-aligned): Systematic review based on OWASP risk categories, Manual secure code inspection techniques, Introduction to static analysis (SAST) tools, Root-cause remediation and refactoring strategies, Documenting findings and communicating risk",
        "Secure Component Integration & SBOM (Supporting - LOS 21): OWASP perspective on vulnerable and outdated components, Third-party library risk assessment, Introduction to SBOM concepts (SPDX, CycloneDX), Software Composition Analysis (SCA) fundamentals, Dependency update and patch governance",
        "DevSecOps and Secure Deployment Practices (Supporting - LOS 22): Integrating OWASP-based controls into SDLC, Embedding SAST and SCA into CI/CD pipelines, Secure pipeline validation gates, Continuous security testing workflow, Developer feedback loops and remediation tracking",
        "Applied Secure Coding Workshop (OWASP-driven): Vulnerability identification in sample code aligned with OWASP categories, Refactoring insecure patterns into secure implementations, Applying structured mitigation workflows, Group-based review and remediation validation"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "CR environment with programming languages",
        "static/dynamic analysis tools (e.g. SonarQube",
        "OWASP ZAP)"
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "certOffered": [
        "Certificate of Completion (minimum average score ≥ 70%)"
    ],
    "supportingMaterial": [
        "Instructor-led presentation materials covering secure-by-design principles and OWASP Top 10 vulnerability classes",
        "OWASP Top 10 structured mapping worksheets (vulnerability → root cause → mitigation → validation)",
        "Secure coding reference guides for defensive programming patterns in programming language .NET/C#",
        "Sample vulnerable code repositories aligned with OWASP categories",
        "Secure code review checklists and remediation tracking templates",
        "SBOM reference documentation (SPDX, CycloneDX examples)",
        "CI/CD security integration examples (pipeline configuration samples with security gates)",
        "Cyber Range environments for CR-12 to CR-16 language-specific specialization modules",
        "Knowledge assessment question bank (OWASP-based case scenarios)"
    ],
    "ectsCredsEquivalent": "5",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a modular secure development program that follows the bootcamp Secure coding course (BTMCP-02). The instructor-led core emphasises secure coding practices in accordance with the OWASP Top 10 (LOS 16 - Secure Coding & Design). It creates a systematic procedure for identifying and remediating vulnerabilities that is adaptable across many programming languages and development environments. Supporting elements pertain to secure component integration and software supply chain considerations (LOS 21), along with the incorporation of security controls into development pipelines and DevSecOps processes (LOS 22). These aspects offer contextual support for secure coding methods but do not supplant the primary emphasis on code-level security. The Cyber Range specialisation allows learners to implement safe coding practices inside designated .NET/C# programming language environment. Practical examination is automated by established validation checkpoints, test suites, and security verification scripts. The course excludes offensive penetration testing, red team simulations, malware analysis, and organisational audit frameworks. The focus is exclusively on defensive software development and vulnerability mitigation at the code level.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-14",
    "courseTitle": "Secure Coding Java",
    "authorOwner": "AU",
    "contactPerson": [
        "Aleksander Radovan"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "CR"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-08-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Review codes assess their security",
        "Develop code, scripts and programmes",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Identify and solve cybersecurity-related issues",
        "Apply auditing tools and techniques",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Implement cybersecurity recommendations and best practices"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Secure Coder / Secure Software Developer (proposed addition to ECSF framework)"
    ],
    "targetAudience": [
        "Software developers working in Java",
        "Application security engineers involved in secure SDLC implementation",
        "DevOps and DevSecOps engineers responsible for integrating security controls into CI/CD pipelines",
        "Technical leads and software architects seeking to strengthen secure-by-design development practices",
        "Quality assurance and code review professionals involved in secure code validation"
    ],
    "prerequisitesEntryReq": [
        "Practical programming experience in at least one of the supported languages (Java).",
        "Working knowledge of software development lifecycle (SDLC) processes and version control systems.",
        "Understanding of fundamental programming concepts, including memory management, input validation, authentication mechanisms and error handling.",
        "Familiarity with common software architectures (e.g., client-server, web-based applications, APIs).",
        "Basic awareness of common application security vulnerabilities (e.g., OWASP Top 10).",
        "Ability to read and interpret source code independently."
    ],
    "learningObjectives": [
        "Explain secure-by-design and secure-by-default principles within modern software development environments.",
        "Analyse common software vulnerability classes and their root causes across different programming paradigms.",
        "Apply structured secure coding methodologies aligned with OWASP and industry best practices.",
        "Perform systematic secure code reviews using vulnerability identification techniques.",
        "Integrate security controls into the software development lifecycle (SDLC).",
        "Select and justify appropriate mitigation strategies for identified application security weaknesses.",
        "Apply language-agnostic defensive programming patterns prior to specialization in a selected CR module."
    ],
    "suggestedLearningObjLOS": [
        "16",
        "21",
        "22"
    ],
    "learningOutcomes": [
        "Identify and classify software vulnerabilities (e.g., injection, memory corruption, authentication flaws, insecure deserialization).",
        "Decompose application components to detect weak input validation, insecure data handling and ineffective access controls.",
        "Conduct structured secure code analysis and document security findings.",
        "Propose and implement secure coding improvements consistent with recognised best practices.",
        "Evaluate the effectiveness of remediation strategies against defined threat models.",
        "Integrate secure development principles into practical coding exercises within the selected CR specialization (Java)."
    ],
    "courseDesc": "This course offers instructor-led instruction centred on secure coding principles and defensive programming techniques. Participants acquire skills in designing and authoring secure code, mitigating prevalent vulnerability categories, and methodically detecting deficiencies during code review.\nThe course focuses on secure-by-design principles, root-cause analysis of software vulnerabilities, and practical mitigation solutions in accordance with established industry standards like OWASP. Participants develop the capability to identify insecure patterns, strengthen input validation, enforce appropriate authentication and authorisation controls, and implement robust error handling mechanisms. The course encompasses fundamental secure coding principles and presents supplementary ideas pertaining to secure component integration and DevSecOps workflows. These parts offer contextual insight into dependency risks, fundamental SBOM ideas, and the incorporation of security checks inside development pipelines, while prioritising secure software development at the code level. Upon completion, participants can implement secure coding techniques across various programming platforms and incorporate security considerations into routine development processes.",
    "detailedContentOutlineTopic": [
        "Secure-by-Design Foundations and OWASP Risk Framework: Secure-by-design and secure-by-default principles, Introduction to OWASP Top 10 as a secure coding workflow model, Mapping vulnerability classes to root causes, Threat modelling fundamentals aligned with OWASP categories, Developer responsibility within secure SDLC",
        "OWASP Top 10 - Vulnerability Classes and Secure Coding Patterns: Injection flaws and secure input validation, Broken authentication and secure identity controls, Access control weaknesses and authorization enforcement, Cryptographic failures and secure data protection, Insecure design and architectural anti-patterns, Security misconfiguration and defensive configuration practices, Vulnerable and outdated components (dependency risks), Identification and authentication failures, Software and data integrity failures, Logging and monitoring considerations at development level, Each category includes:, Root cause analysis, Insecure code example, Secure coding remediation pattern, Prevention guidelines",
        "Secure Code Review Methodology (OWASP-aligned): Systematic review based on OWASP risk categories, Manual secure code inspection techniques, Introduction to static analysis (SAST) tools, Root-cause remediation and refactoring strategies, Documenting findings and communicating risk",
        "Secure Component Integration & SBOM (Supporting - LOS 21): OWASP perspective on vulnerable and outdated components, Third-party library risk assessment, Introduction to SBOM concepts (SPDX, CycloneDX), Software Composition Analysis (SCA) fundamentals, Dependency update and patch governance",
        "DevSecOps and Secure Deployment Practices (Supporting - LOS 22): Integrating OWASP-based controls into SDLC, Embedding SAST and SCA into CI/CD pipelines, Secure pipeline validation gates, Continuous security testing workflow, Developer feedback loops and remediation tracking",
        "Applied Secure Coding Workshop (OWASP-driven): Vulnerability identification in sample code aligned with OWASP categories, Refactoring insecure patterns into secure implementations, Applying structured mitigation workflows, Group-based review and remediation validation"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "CR environment with programming languages",
        "static/dynamic analysis tools (e.g. SonarQube",
        "OWASP ZAP)"
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "Cyber Range (70%)",
        "Final quiz (30%)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "Instructor-led presentation materials covering secure-by-design principles and OWASP Top 10 vulnerability classes",
        "OWASP Top 10 structured mapping worksheets (vulnerability → root cause → mitigation → validation)",
        "Secure coding reference guides for defensive programming patterns in programming language Java",
        "Sample vulnerable code repositories aligned with OWASP categories",
        "Secure code review checklists and remediation tracking templates",
        "SBOM reference documentation (SPDX, CycloneDX examples)",
        "CI/CD security integration examples (pipeline configuration samples with security gates)",
        "Cyber Range environments for CR-12 to CR-16 language-specific specialization modules",
        "Knowledge assessment question bank (OWASP-based case scenarios)"
    ],
    "ectsCredsEquivalent": "5",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a modular secure development program that follows the bootcamp Secure coding course (BTMCP-02). The instructor-led core emphasises secure coding practices in accordance with the OWASP Top 10 (LOS 16 - Secure Coding & Design). It creates a systematic procedure for identifying and remediating vulnerabilities that is adaptable across many programming languages and development environments. Supporting elements pertain to secure component integration and software supply chain considerations (LOS 21), along with the incorporation of security controls into development pipelines and DevSecOps processes (LOS 22). These aspects offer contextual support for secure coding methods but do not supplant the primary emphasis on code-level security. The Cyber Range specialisation allows learners to implement safe coding practices inside designated Java programming language environment. Practical examination is automated by established validation checkpoints, test suites, and security verification scripts. The course excludes offensive penetration testing, red team simulations, malware analysis, and organisational audit frameworks. The focus is exclusively on defensive software development and vulnerability mitigation at the code level.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-15",
    "courseTitle": "Secure Coding Python",
    "authorOwner": "AU",
    "contactPerson": [
        "Aleksander Radovan"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "CR"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-08-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Review codes assess their security",
        "Develop code, scripts and programmes",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Identify and solve cybersecurity-related issues",
        "Apply auditing tools and techniques",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Implement cybersecurity recommendations and best practices"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Secure Coder / Secure Software Developer (proposed addition to ECSF framework)"
    ],
    "targetAudience": [
        "Software developers working in Python",
        "Application security engineers involved in secure SDLC implementation",
        "DevOps and DevSecOps engineers responsible for integrating security controls into CI/CD pipelines",
        "Technical leads and software architects seeking to strengthen secure-by-design development practices",
        "Quality assurance and code review professionals involved in secure code validation"
    ],
    "prerequisitesEntryReq": [
        "Practical programming experience in at least one of the supported languages (Python).",
        "Working knowledge of software development lifecycle (SDLC) processes and version control systems.",
        "Understanding of fundamental programming concepts, including memory management, input validation, authentication mechanisms and error handling.",
        "Familiarity with common software architectures (e.g., client-server, web-based applications, APIs).",
        "Basic awareness of common application security vulnerabilities (e.g., OWASP Top 10).",
        "Ability to read and interpret source code independently."
    ],
    "learningObjectives": [
        "Explain secure-by-design and secure-by-default principles within modern software development environments.",
        "Analyse common software vulnerability classes and their root causes across different programming paradigms.",
        "Apply structured secure coding methodologies aligned with OWASP and industry best practices.",
        "Perform systematic secure code reviews using vulnerability identification techniques.",
        "Integrate security controls into the software development lifecycle (SDLC).",
        "Select and justify appropriate mitigation strategies for identified application security weaknesses.",
        "Apply language-agnostic defensive programming patterns prior to specialization in a selected CR module."
    ],
    "suggestedLearningObjLOS": [
        "16",
        "21",
        "22"
    ],
    "learningOutcomes": [
        "Identify and classify software vulnerabilities (e.g., injection, memory corruption, authentication flaws, insecure deserialization).",
        "Decompose application components to detect weak input validation, insecure data handling and ineffective access controls.",
        "Conduct structured secure code analysis and document security findings.",
        "Propose and implement secure coding improvements consistent with recognised best practices.",
        "Evaluate the effectiveness of remediation strategies against defined threat models.",
        "Integrate secure development principles into practical coding exercises within the selected CR specialization (Python)."
    ],
    "courseDesc": "This course offers instructor-led instruction centred on secure coding principles and defensive programming techniques. Participants acquire skills in designing and authoring secure code, mitigating prevalent vulnerability categories, and methodically detecting deficiencies during code review.\nThe course focuses on secure-by-design principles, root-cause analysis of software vulnerabilities, and practical mitigation solutions in accordance with established industry standards like OWASP. Participants develop the capability to identify insecure patterns, strengthen input validation, enforce appropriate authentication and authorisation controls, and implement robust error handling mechanisms. The course encompasses fundamental secure coding principles and presents supplementary ideas pertaining to secure component integration and DevSecOps workflows. These parts offer contextual insight into dependency risks, fundamental SBOM ideas, and the incorporation of security checks inside development pipelines, while prioritising secure software development at the code level. Upon completion, participants can implement secure coding techniques across various programming platforms and incorporate security considerations into routine development processes.",
    "detailedContentOutlineTopic": [
        "Secure-by-Design Foundations and OWASP Risk Framework: Secure-by-design and secure-by-default principles, Introduction to OWASP Top 10 as a secure coding workflow model, Mapping vulnerability classes to root causes, Threat modelling fundamentals aligned with OWASP categories, Developer responsibility within secure SDLC",
        "OWASP Top 10 - Vulnerability Classes and Secure Coding Patterns: Injection flaws and secure input validation, Broken authentication and secure identity controls, Access control weaknesses and authorization enforcement, Cryptographic failures and secure data protection, Insecure design and architectural anti-patterns, Security misconfiguration and defensive configuration practices, Vulnerable and outdated components (dependency risks), Identification and authentication failures, Software and data integrity failures, Logging and monitoring considerations at development level, Each category includes:, Root cause analysis, Insecure code example, Secure coding remediation pattern, Prevention guidelines",
        "Secure Code Review Methodology (OWASP-aligned): Systematic review based on OWASP risk categories, Manual secure code inspection techniques, Introduction to static analysis (SAST) tools, Root-cause remediation and refactoring strategies, Documenting findings and communicating risk",
        "Secure Component Integration & SBOM (Supporting - LOS 21): OWASP perspective on vulnerable and outdated components, Third-party library risk assessment, Introduction to SBOM concepts (SPDX, CycloneDX), Software Composition Analysis (SCA) fundamentals, Dependency update and patch governance",
        "DevSecOps and Secure Deployment Practices (Supporting - LOS 22): Integrating OWASP-based controls into SDLC, Embedding SAST and SCA into CI/CD pipelines, Secure pipeline validation gates, Continuous security testing workflow, Developer feedback loops and remediation tracking",
        "Applied Secure Coding Workshop (OWASP-driven): Vulnerability identification in sample code aligned with OWASP categories, Refactoring insecure patterns into secure implementations, Applying structured mitigation workflows, Group-based review and remediation validation"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "CR environment with programming languages",
        "static/dynamic analysis tools (e.g. SonarQube",
        "OWASP ZAP)"
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "Cyber Range (70%)",
        "Final quiz (30%)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "Instructor-led presentation materials covering secure-by-design principles and OWASP Top 10 vulnerability classes",
        "OWASP Top 10 structured mapping worksheets (vulnerability → root cause → mitigation → validation)",
        "Secure coding reference guides for defensive programming patterns in programming language Python",
        "Sample vulnerable code repositories aligned with OWASP categories",
        "Secure code review checklists and remediation tracking templates",
        "SBOM reference documentation (SPDX, CycloneDX examples)",
        "CI/CD security integration examples (pipeline configuration samples with security gates)",
        "Cyber Range environments for CR-12 to CR-16 language-specific specialization modules",
        "Knowledge assessment question bank (OWASP-based case scenarios)"
    ],
    "ectsCredsEquivalent": "5",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a modular secure development program that follows the bootcamp Secure coding course (BTMCP-02). The instructor-led core emphasises secure coding practices in accordance with the OWASP Top 10 (LOS 16 - Secure Coding & Design). It creates a systematic procedure for identifying and remediating vulnerabilities that is adaptable across many programming languages and development environments. Supporting elements pertain to secure component integration and software supply chain considerations (LOS 21), along with the incorporation of security controls into development pipelines and DevSecOps processes (LOS 22). These aspects offer contextual support for secure coding methods but do not supplant the primary emphasis on code-level security. The Cyber Range specialisation allows learners to implement safe coding practices inside designated Python programming language environment. Practical examination is automated by established validation checkpoints, test suites, and security verification scripts. The course excludes offensive penetration testing, red team simulations, malware analysis, and organisational audit frameworks. The focus is exclusively on defensive software development and vulnerability mitigation at the code level.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-16",
    "courseTitle": "Secure Coding Mobile",
    "authorOwner": "AU",
    "contactPerson": [
        "Aleksander Radovan"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "CR"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online selfpaced",
    "durationIntensity": "12 hours",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2026-08-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Review codes assess their security",
        "Develop code, scripts and programmes",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Identify and solve cybersecurity-related issues",
        "Apply auditing tools and techniques",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Manage and analyse log files",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Implement cybersecurity recommendations and best practices"
    ],
    "ecsfRoles": [
        "Cybersecurity Implementer",
        "Secure Coder / Secure Software Developer (proposed addition to ECSF framework)"
    ],
    "targetAudience": [
        "Software developers working in Java",
        "Application security engineers involved in secure SDLC implementation",
        "DevOps and DevSecOps engineers responsible for integrating security controls into CI/CD pipelines",
        "Technical leads and software architects seeking to strengthen secure-by-design development practices",
        "Quality assurance and code review professionals involved in secure code validation"
    ],
    "prerequisitesEntryReq": [
        "Practical programming experience in at least one of the supported languages for mobile platforms.",
        "Working knowledge of software development lifecycle (SDLC) processes and version control systems.",
        "Understanding of fundamental programming concepts, including memory management, input validation, authentication mechanisms and error handling.",
        "Familiarity with common software architectures (e.g., client-server, web-based applications, APIs).",
        "Basic awareness of common application security vulnerabilities (e.g., OWASP Mobile Top 10).",
        "Ability to read and interpret source code independently."
    ],
    "learningObjectives": [
        "Explain secure-by-design and secure-by-default principles within modern software development environments.",
        "Analyse common software vulnerability classes and their root causes across different programming paradigms.",
        "Apply structured secure coding methodologies aligned with OWASP and industry best practices.",
        "Perform systematic secure code reviews using vulnerability identification techniques.",
        "Integrate security controls into the software development lifecycle (SDLC).",
        "Select and justify appropriate mitigation strategies for identified application security weaknesses.",
        "Apply language-agnostic defensive programming patterns prior to specialization in a selected CR module."
    ],
    "suggestedLearningObjLOS": [
        "16",
        "21",
        "22"
    ],
    "learningOutcomes": [
        "Identify and classify software vulnerabilities (e.g., injection, memory corruption, authentication flaws, insecure deserialization).",
        "Decompose application components to detect weak input validation, insecure data handling and ineffective access controls.",
        "Conduct structured secure code analysis and document security findings.",
        "Propose and implement secure coding improvements consistent with recognised best practices.",
        "Evaluate the effectiveness of remediation strategies against defined threat models.",
        "Integrate secure development principles into practical coding exercises within the selected CR specialization for mobile technologies."
    ],
    "courseDesc": "This course offers instructor-led instruction centered on secure coding principles and defensive programming techniques. Participants acquire skills in designing and authoring secure code, mitigating prevalent vulnerability categories, and methodically detecting deficiencies during code review.\nThe course focuses on secure-by-design principles, root-cause analysis of software vulnerabilities, and practical mitigation solutions in accordance with established industry standards like OWASP. Participants develop the capability to identify insecure patterns, strengthen input validation, enforce appropriate authentication and authorisation controls, and implement robust error handling mechanisms. The course encompasses fundamental secure coding principles and presents supplementary ideas pertaining to secure component integration and DevSecOps workflows. These parts offer contextual insight into dependency risks, fundamental SBOM ideas, and the incorporation of security checks inside development pipelines, while prioritizing secure software development at the code level. Upon completion, participants can implement secure coding techniques across various programming platforms and incorporate security considerations into routine development processes.",
    "detailedContentOutlineTopic": [
        "Secure-by-Design Foundations and OWASP Risk Framework: Secure-by-design and secure-by-default principles, Introduction to OWASP Mobile Top 10 as a secure coding workflow model, Mapping vulnerability classes to root causes, Threat modelling fundamentals aligned with OWASP categories, Developer responsibility within secure SDLC",
        "OWASP Mobile Top 10 - Vulnerability Classes and Secure Coding Patterns: Improper Platform Usage, Insecure Data Storage, Insecure Communication, Insecure Authentication, Insufficient Cryptography, Insecure Authorization, Client Code Quality, Code Tampering, Reverse Engineering, Extraneous Functionality, Each category includes:, Root cause analysis, Insecure code example, Secure coding remediation pattern, Prevention guidelines",
        "Secure Code Review Methodology (OWASP-aligned): Systematic review based on OWASP risk categories, Manual secure code inspection techniques, Introduction to static analysis (SAST) tools, Root-cause remediation and refactoring strategies, Documenting findings and communicating risk",
        "Secure Component Integration & SBOM (Supporting - LOS 21): OWASP perspective on vulnerable and outdated components, Third-party library risk assessment, Introduction to SBOM concepts (SPDX, CycloneDX), Software Composition Analysis (SCA) fundamentals, Dependency update and patch governance",
        "DevSecOps and Secure Deployment Practices (Supporting - LOS 22): Integrating OWASP-based controls into SDLC, Embedding SAST and SCA into CI/CD pipelines, Secure pipeline validation gates, Continuous security testing workflow, Developer feedback loops and remediation tracking",
        "Applied Secure Coding Workshop (OWASP-driven): Vulnerability identification in sample code aligned with OWASP categories, Refactoring insecure patterns into secure implementations, Applying structured mitigation workflows, Group-based review and remediation validation"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "CR environment with programming languages",
        "static/dynamic analysis tools (e.g. SonarQube",
        "OWASP ZAP)"
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "Cyber Range (70%)",
        "Final quiz (30%)"
    ],
    "certOffered": [
        "certificate of course attendance (participation in ≥ 90% of total workload);",
        "certificate of successful course completion (50% ≤ GPA ≤ 64.9%);",
        "certificate of successful course completion with very good performance (65% ≤ GPA ≤ 84.9%);",
        "certificate of successful course completion with excellent performance (85% ≤ GPA ≤ 100%)"
    ],
    "supportingMaterial": [
        "Instructor-led presentation materials covering secure-by-design principles and OWASP Mobile Top 10 vulnerability classes",
        "OWASP Mobile Top 10 structured mapping worksheets (vulnerability → root cause → mitigation → validation)",
        "Secure coding reference guides for defensive programming patterns in programming language Java",
        "Sample vulnerable code repositories aligned with OWASP categories",
        "Secure code review checklists and remediation tracking templates",
        "SBOM reference documentation (SPDX, CycloneDX examples)",
        "CI/CD security integration examples (pipeline configuration samples with security gates)",
        "Cyber Range environments for CR-12 to CR-16 language-specific specialization modules",
        "Knowledge assessment question bank (OWASP-based case scenarios)"
    ],
    "ectsCredsEquivalent": "5",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course comprises a modular secure development program that follows the bootcamp Secure coding course (BTMCP-02). The instructor-led core emphasises secure coding practices in accordance with the OWASP Mobile Top 10 (LOS 16 - Secure Coding & Design). It creates a systematic procedure for identifying and remediating vulnerabilities that is adaptable across many programming languages and development environments. Supporting elements pertain to secure component integration and software supply chain considerations (LOS 21), along with the incorporation of security controls into development pipelines and DevSecOps processes (LOS 22). These aspects offer contextual support for secure coding methods but do not supplant the primary emphasis on code-level security. The Cyber Range specialisation allows learners to implement safe coding practices inside designated Java programming language environment. Practical examination is automated by established validation checkpoints, test suites, and security verification scripts. The course excludes offensive penetration testing, red team simulations, malware analysis, and organisational audit frameworks. The focus is exclusively on defensive software development and vulnerability mitigation at the code level.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-17",
    "courseTitle": "Post-Quantum_Cryptography",
    "authorOwner": "AU + CTI",
    "contactPerson": [
        "Yiannis Stamatiou",
        "Panagiotis Nastou",
        "Ioanna Kantsavelou",
        "Aristidis Ilias"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "LMS",
        "Labs",
        "BTCMP"
    ],
    "proficiencyLevel": "Advanced",
    "eqfLevel": "6-7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Hybrid & Physical",
    "durationIntensity": "40 hours (4 weeks)",
    "expectedWeeklyTimeCommitment": "10 h",
    "traineeGroupSize": "10-24",
    "courseAvailability": "2027-01-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Anticipate cybersecurity threats, needs and upcoming challenges",
        "Design systems and architectures based on security and privacy by design and by defaults cybersecurity principles",
        "Decompose and analyse systems to develop security and privacy requirements and identify effective solutions",
        "Develop code, scripts and programmes",
        "Review codes assess their security",
        "Analyse and implement cybersecurity policies, certifications, standards, methodologies and frameworks",
        "Assess the security and performance of solutions",
        "Enable business assets owners, executives and other stakeholders to make risk-informed decisions to manage and mitigate risks",
        "Generate new ideas and transfer theory into practice"
    ],
    "ecsfRoles": [
        "Cybersecurity Architect",
        "Cybersecurity Researcher",
        "Chief Information Security Officer (CISO)",
        "Cybersecurity Auditor",
        "Cybersecurity Implementer"
    ],
    "targetAudience": [
        "SMEs",
        "Cybersecurity professionals",
        "system architects",
        "developers",
        "public sector IT/security staff",
        "critical infrastructure operators"
    ],
    "prerequisitesEntryReq": [
        "Solid knowledge of mathematics and computer science basics",
        "Familiarity with classical cryptography (RSA, ECC, AES)",
        "Basic programming skills (Python/C)"
    ],
    "learningObjectives": [
        "Explain fundamental principles of symmetric and asymmetric cryptography.",
        "Assess the risks posed by quantum computing to current cryptographic systems.",
        "Understand the NIST PQC standardization process and selected algorithms.",
        "Implement basic PQC algorithms in a lab environment.",
        "Plan migration strategies from classical to post-quantum cryptography."
    ],
    "suggestedLearningObjLOS": [
        "24"
    ],
    "learningOutcomes": [
        "Differentiate between classical and post-quantum cryptographic approaches.",
        "Implement and test PQC algorithms such as lattice-based (Kyber, Dilithium).",
        "Evaluate cryptographic protocols for quantum resilience.",
        "Develop migration roadmaps integrating hybrid cryptography solutions.",
        "Communicate cryptographic risks and strategies to decision-makers."
    ],
    "courseDesc": "This course introduces participants to the theory and practice of modern cryptography with a focus on post-quantum methods. It covers classical symmetric/asymmetric algorithms, quantum threats, and hands-on implementation of PQC algorithms. Practical labs emphasize integration of PQC into real systems, hybrid deployment, and migration strategies.",
    "detailedContentOutlineTopic": [
        "Introduction to cryptography (classical symmetric & asymmetric)",
        "Quantum computing and its impact on cryptography",
        "NIST PQC project: algorithm families and selection process",
        "Lattice-based cryptography: Kyber (encryption), Dilithium (signatures)",
        "Code-based, multivariate, and hash-based approaches",
        "Hybrid cryptographic models (classical + PQC)",
        "PQC implementation labs (Python, OpenSSL PQC extensions)",
        "Migration planning and risk management in organizations"
    ],
    "reqPlatformsInfra": [
        "LMS",
        "lab environment with cryptographic libraries (OpenSSL PQC",
        "Python libs)"
    ],
    "langDeliveryMaterial": "• English (with option for local translation)",
    "assessmentMethod": [
        "Lab assignments (40%)",
        "Final project (30%)",
        "Final quiz (30%)"
    ],
    "certOffered": [
        "Certificate of Completion (minimum average score ≥ 70%)"
    ],
    "supportingMaterial": [
        "Trainer slides, lab guides, open-source PQC libraries"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-18",
    "courseTitle": "Network Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Grammati Pantziou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online self-paced (with hands-on labs)",
    "durationIntensity": "17 hours / 2-3 hours per day",
    "expectedWeeklyTimeCommitment": "10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-07-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Anticipate cybersecurity threats, needs and upcoming challenges",
        "Assess and enhance an organisation’s cybersecurity posture",
        "Conduct ethical hacking",
        "Conduct technical analysis and reporting",
        "Identify and exploit vulnerabilities",
        "Identify, analyse and correlate cybersecurity events",
        "Use penetration testing tools effectively",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Assess the security and performance of solutions",
        "Work ethically and independently; not influenced and biased by internal or external actors",
        "Work under pressure"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Cybersecurity Implementer",
        "Cybersecurity Researcher"
    ],
    "targetAudience": [
        "IT security professionals",
        "red teams",
        "SOC/Blue teamers seeking offensive skills",
        "network administrators across all sectors."
    ],
    "prerequisitesEntryReq": [
        "Strong understanding of TCP/IP and networking fundamentals",
        "Familiarity with Linux command-line",
        "Basic scripting (Python/Bash)",
        "Understanding of firewalls, routing, and network architectures",
        "Basic cybersecurity concepts (threats, vulnerabilities, exploits)"
    ],
    "learningObjectives": [
        "Explain the network penetration testing methodology and rules of engagement",
        "Perform advanced network scanning and enumeration (Nmap, NSE scripts)",
        "Identify vulnerabilities in common network services (SMB, RDP, SSH, SNMP, FTP, etc.)",
        "Exploit misconfigurations in network protocols (LLMNR, NetBIOS poisoning, ARP spoofing, DHCP attacks)",
        "Conduct password attacks, MITM attacks, and credential harvesting",
        "Execute post-exploitation techniques to move laterally across a network",
        "Document findings and provide network-hardening recommendations"
    ],
    "suggestedLearningObjLOS": [
        "4",
        "6",
        "11"
    ],
    "learningOutcomes": [
        "Analyze network pentesting scope and Rules of Engagement (RoE)",
        "Evaluate legal, ethical, and authorization requirements",
        "Conduct comprehensive network discovery and port enumeration (Apply)",
        "Identify vulnerable services and leverage network exploitation tools (Analyze)",
        "Perform credential attacks (bruteforce, hash extraction, MITM capture) in a controlled environment (Apply)",
        "Execute lateral movement techniques across segmented network zones (Analyze/Create)",
        "Analyze traffic to identify weaknesses in network protocols (Apply)",
        "Create a professional-level network penetration testing report with actionable remediation items (Create)"
    ],
    "courseDesc": "This course provides a deep dive into Network Penetration Testing, focusing exclusively on the assessment and exploitation of network infrastructures. Trainees learn how attackers map, probe, and compromise networked systems by exploiting protocol weaknesses, insecure services, misconfigurations, and weak segmentation practices. The program covers scanning, enumeration, service exploitation, password attacks, lateral movement, and network-level post-exploitation techniques.\nParticipants practice intensively within a realistic cyber range, where they will attack multi-segmented networks, bypass defenses, exploit vulnerable services, capture credentials, and escalate access across the environment. Emphasis is placed on understanding real-world attacker techniques (MITM, spoofing, pivoting), while building the ability to produce professional reporting and remediation guidance for securing enterprise networks. The above topics are initially covered in a theory-focused session, followed by tailored Capture the Flag (CTF) scenarios that provide guidance and concise theoretical context (2-3 lines) to reinforce key concepts.",
    "detailedContentOutlineTopic": [
        "Module 1: Fundamentals of Network Pentesting: Engagement planning, legal/ethical considerations, Scoping, RoE, and network pentest methodology",
        "Module 2: Discovery, Scanning & Enumeration: Network mapping and host discovery, Nmap advanced scanning + NSE scripts, Banner grabbing & service fingerprinting, Enumerating SMB, SNMP, RDP, SSH, FTP, SMTP",
        "Module 3: Network Protocol Attacks: ARP spoofing & MITM attacks, LLMNR/NBT-NS poisoning (Responder), DHCP spoofing/rogue DHCP, Capturing NTLM hashes",
        "Module 4: Service-Level Vulnerability Analysis & Exploitation: Exploiting SMB vulnerabilities (e.g., EternalBlue class vulns on lab machines), SSH/FTP misconfigurations, Password attacks (Hydra, Medusa, hashcat basics), RDP exploitation scenarios",
        "Module 5: Lateral Movement & Network Pivoting: Credential reuse attacks, Pass-the-Hash / Pass-the-Ticket, Tunneling and pivoting (ProxyChains, SSH tunnels, Metasploit pivoting), Privilege escalation paths on networked systems",
        "Module 6: Traffic Analysis & Defense Evasion: Packet capture and analysis with Wireshark, Detecting weak encryption, cleartext protocols, IDS/IPS evasion concepts (fragmentation, decoys)",
        "Module 7: Reporting & Remediation: Structuring a network pentest report, Risk scoring (CVSS, likelihood/impact), Hardening recommendations (network segmentation, authentication, monitoring), Lab Scenario (Capstone), Full multi-network penetration test:, Identify & exploit at least 4 network-service vulnerabilities, Capture credentials via MITM, Pivot into restricted subnet, Produce full assessment report"
    ],
    "reqPlatformsInfra": [
        "Kali Linux attacker VM",
        "Ubuntu VM attacker (on cyber range)",
        "Target hosts: Linux servers",
        "legacy services",
        "insecure network segments",
        "Simulated multi-subnet environment with routing",
        "firewalls",
        "and misconfigured services"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Quiz assessments - 20%",
        "CTF-style lab challenges - 20%",
        "Final Capstone CTF-style lab challenge - 40%",
        "Final network penetration testing report - 20%",
        "Pass threshold: ≥70% combined score"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slides, Handbooks"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-18",
    "courseTitle": "Network Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Grammati Pantziou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online self-paced (with hands-on labs)",
    "durationIntensity": "17 hours / 2-3 hours per day",
    "expectedWeeklyTimeCommitment": "10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-07-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Anticipate cybersecurity threats, needs and upcoming challenges",
        "Assess and enhance an organisation’s cybersecurity posture",
        "Conduct ethical hacking",
        "Conduct technical analysis and reporting",
        "Identify and exploit vulnerabilities",
        "Identify, analyse and correlate cybersecurity events",
        "Use penetration testing tools effectively",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Assess the security and performance of solutions",
        "Work ethically and independently; not influenced and biased by internal or external actors",
        "Work under pressure"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Cybersecurity Implementer",
        "Cybersecurity Researcher"
    ],
    "targetAudience": [
        "IT security professionals",
        "red teams",
        "SOC/Blue teamers seeking offensive skills",
        "network administrators across all sectors."
    ],
    "prerequisitesEntryReq": [
        "Strong understanding of TCP/IP and networking fundamentals",
        "Familiarity with Linux command-line",
        "Basic scripting (Python/Bash)",
        "Understanding of firewalls, routing, and network architectures",
        "Basic cybersecurity concepts (threats, vulnerabilities, exploits)"
    ],
    "learningObjectives": [
        "Explain the network penetration testing methodology and rules of engagement",
        "Perform advanced network scanning and enumeration (Nmap, NSE scripts)",
        "Identify vulnerabilities in common network services (SMB, RDP, SSH, SNMP, FTP, etc.)",
        "Exploit misconfigurations in network protocols (LLMNR, NetBIOS poisoning, ARP spoofing, DHCP attacks)",
        "Conduct password attacks, MITM attacks, and credential harvesting",
        "Execute post-exploitation techniques to move laterally across a network",
        "Document findings and provide network-hardening recommendations"
    ],
    "suggestedLearningObjLOS": [
        "4",
        "6",
        "11"
    ],
    "learningOutcomes": [
        "Analyze network pentesting scope and Rules of Engagement (RoE)",
        "Evaluate legal, ethical, and authorization requirements",
        "Conduct comprehensive network discovery and port enumeration (Apply)",
        "Identify vulnerable services and leverage network exploitation tools (Analyze)",
        "Perform credential attacks (bruteforce, hash extraction, MITM capture) in a controlled environment (Apply)",
        "Execute lateral movement techniques across segmented network zones (Analyze/Create)",
        "Analyze traffic to identify weaknesses in network protocols (Apply)",
        "Create a professional-level network penetration testing report with actionable remediation items (Create)"
    ],
    "courseDesc": "This course provides a deep dive into Network Penetration Testing, focusing exclusively on the assessment and exploitation of network infrastructures. Trainees learn how attackers map, probe, and compromise networked systems by exploiting protocol weaknesses, insecure services, misconfigurations, and weak segmentation practices. The program covers scanning, enumeration, service exploitation, password attacks, lateral movement, and network-level post-exploitation techniques.\nParticipants practice intensively within a realistic cyber range, where they will attack multi-segmented networks, bypass defenses, exploit vulnerable services, capture credentials, and escalate access across the environment. Emphasis is placed on understanding real-world attacker techniques (MITM, spoofing, pivoting), while building the ability to produce professional reporting and remediation guidance for securing enterprise networks. The above topics are initially covered in a theory-focused session, followed by tailored Capture the Flag (CTF) scenarios that provide guidance and concise theoretical context (2-3 lines) to reinforce key concepts.",
    "detailedContentOutlineTopic": [
        "Module 1: Fundamentals of Network Pentesting: Engagement planning, legal/ethical considerations, Scoping, RoE, and network pentest methodology",
        "Module 2: Discovery, Scanning & Enumeration: Network mapping and host discovery, Nmap advanced scanning + NSE scripts, Banner grabbing & service fingerprinting, Enumerating SMB, SNMP, RDP, SSH, FTP, SMTP",
        "Module 3: Network Protocol Attacks: ARP spoofing & MITM attacks, LLMNR/NBT-NS poisoning (Responder), DHCP spoofing/rogue DHCP, Capturing NTLM hashes",
        "Module 4: Service-Level Vulnerability Analysis & Exploitation: Exploiting SMB vulnerabilities (e.g., EternalBlue class vulns on lab machines), SSH/FTP misconfigurations, Password attacks (Hydra, Medusa, hashcat basics), RDP exploitation scenarios",
        "Module 5: Lateral Movement & Network Pivoting: Credential reuse attacks, Pass-the-Hash / Pass-the-Ticket, Tunneling and pivoting (ProxyChains, SSH tunnels, Metasploit pivoting), Privilege escalation paths on networked systems",
        "Module 6: Traffic Analysis & Defense Evasion: Packet capture and analysis with Wireshark, Detecting weak encryption, cleartext protocols, IDS/IPS evasion concepts (fragmentation, decoys)",
        "Module 7: Reporting & Remediation: Structuring a network pentest report, Risk scoring (CVSS, likelihood/impact), Hardening recommendations (network segmentation, authentication, monitoring), Lab Scenario (Capstone), Full multi-network penetration test:, Identify & exploit at least 4 network-service vulnerabilities, Capture credentials via MITM, Pivot into restricted subnet, Produce full assessment report"
    ],
    "reqPlatformsInfra": [
        "Kali Linux attacker VM",
        "Ubuntu VM attacker (on cyber range)",
        "Target hosts: Linux servers",
        "legacy services",
        "insecure network segments",
        "Simulated multi-subnet environment with routing",
        "firewalls",
        "and misconfigured services"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Quiz assessments - 20%",
        "CTF-style lab challenges - 20%",
        "Final Capstone CTF-style lab challenge - 40%",
        "Final network penetration testing report - 20%",
        "Pass threshold: ≥70% combined score"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slides, Handbooks"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-19",
    "courseTitle": "WEB Application Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Ioanna Kantzavelou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Hybrid & Physical (Online instructor-led + hands-on cyber range labs)",
    "durationIntensity": "2 weeks (~20 total hours)",
    "expectedWeeklyTimeCommitment": "≈ 10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-12-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Conduct ethical hacking",
        "Identify and exploit vulnerabilities",
        "Use penetration testing tools effectively",
        "Identify, analyse and correlate cybersecurity events",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Conduct technical analysis and reporting",
        "Model threats, actors and TTPs",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Think creatively and outside the box",
        "Communicate, present and report to relevant stakeholders",
        "Work ethically and independently; not influenced and biased by internal or external actors"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Cybersecurity Implementer",
        "Cybersecurity Architect",
        "Cyber Incident Responder",
        "Cybersecurity Auditor",
        "Digital Forensics Investigator",
        "Cyber Threat Intelligence Specialist"
    ],
    "targetAudience": [
        "ICT & Cybersecurity professionals",
        "Financial sector SOC & Offensive Security teams",
        "Developers transitioning to Application Security",
        "Public sector cybersecurity units",
        "Telecom & critical infrastructure security teams",
        "Consulting & audit firms (technical audit personnel)"
    ],
    "prerequisitesEntryReq": [
        "Understanding of HTTP, DNS, and networking fundamentals",
        "Basic programming/scripting (Python, JavaScript desirable)",
        "Experience with Linux command line",
        "Prior knowledge of basic cybersecurity or vulnerability scanning",
        "Familiarity with OWASP Top 10 is helpful but not required"
    ],
    "learningObjectives": [
        "Understand web application architectures, technology stacks, and underlying protocols.",
        "Apply structured web penetration testing methodology based on OWASP Testing Guide.",
        "Perform enumeration, endpoint discovery, and attack surface mapping.",
        "Test authentication, authorization, and session management mechanisms.",
        "Identify and exploit major web vulnerabilities (XSS, CSRF, SQLi, SSRF, LFI/RFI, Command Injection).",
        "Analyse weak input validation and business logic flaws.",
        "Assess API endpoints and modern authentication tokens (OAuth, JWT).",
        "Use Burp Suite and other web security tools effectively.",
        "Document and report findings according to professional pentest standards.",
        "Recommend mitigation strategies aligned with OWASP ASVS."
    ],
    "suggestedLearningObjLOS": [
        "6",
        "10",
        "12",
        "13"
    ],
    "learningOutcomes": [
        "Performing comprehensive web-app enumeration using industry tools.",
        "Identifying critical vulnerabilities and prioritizing them based on impact.",
        "Exploiting client-side and server-side weaknesses.",
        "Testing for insecure direct object references and access control flaws.",
        "Analysing and manipulating cookies, JWT tokens, and session IDs.",
        "Detecting and exploiting injection flaws in SQL, NoSQL, OS commands, and templates.",
        "Assessing API-driven applications and modern microservice architectures.",
        "Generating structured, high-quality penetration testing reports for stakeholders.",
        "Mapping findings to OWASP ASVS, CWE, and best-practice mitigations.",
        "Operating within an ethical, legal, and professional pentesting framework."
    ],
    "courseDesc": "This course provides a comprehensive, hands-on exploration of Web Application Penetration Testing, focusing on real-world techniques, exploitation workflows, and attacker methodologies. Through a combination of theory, guided demonstrations, and intensive cyber range labs, participants learn how to deconstruct and assess modern web applications across all layers-client-side, server-side, authentication flows, and backend architectures.\n\nThe training is fully aligned with OWASP Testing Guide (WSTG), OWASP Top 10, CWE, ASVS, and industry standards for offensive security operations. Learners engage with practical scenarios including session hijacking, API exploitation, business logic attacks, misconfiguration discovery, injection exploitation, and chained attack escalation.\n\nBy the end of the course, participants will have the skills required to conduct full-scope web penetration tests, produce actionable findings, and support secure development and risk mitigation across organizations.",
    "detailedContentOutlineTopic": [
        "Module 1: Foundations of Web Security: HTTP, HTTPS, TLS, methods, headers, status codes, cookies, tokens, session management, web application architectures (monolithic, microservices, API-first)",
        "Module 2: Reconnaissance & Enumeration: Fingerprinting technologies and frameworks, endpoint discovery (Dirb, Dirsearch, Gobuster), parameter analysis and fuzzing, subdomain enumeration and virtual hosts",
        "Module 3: Authentication & Session Testing: Weak password mechanisms, MFA testing strategies, session fixation, session hijacking, JWT token analysis, OAuth and SSO security assessment",
        "Module 4: Input Validation & Injection Attacks: SQL Injection (manual and automated), NoSQL Injection, Command Injection, Server-Side Template Injection (SSTI), file inclusion (LFI/RFI), XXE attacks",
        "Module 5: Client-Side Attacks: Cross-Site Scripting (XSS) (reflected, stored, DOM-based), Cross-Site Request Forgery (CSRF), cookie manipulation, SameSite misconfigurations, clickjacking",
        "Module 6: Server-Side Attacks: Server-Side Request Forgery (SSRF), open redirects, misconfigurations and security header evaluation, path traversal and access control weaknesses",
        "Module 7: API & Modern Web Application Testing: REST, GraphQL, WebSockets, token validation, rate limiting bypass, API fuzzing approaches",
        "Module 8: Reporting & Documentation: Writing professional penetration testing reports, executive summaries versus technical detail, mapping findings to ASVS, CWE, and MITRE ATT&CK Web",
        "Module 9: Capstone"
    ],
    "reqPlatformsInfra": [
        "Cyber range environment with production-like web targets",
        "Vulnerable applications (DVWA, Juice Shop, BWAPP, custom images)",
        "Burp Suite Professional (licenses provided)",
        "Kali Linux VM (provided)",
        "Containerized vulnerable APIs (Docker-based)",
        "Secure VPN access to cloud labs"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Weekly quizzes (minimum pass score: 70%)",
        "Hands-on exploitation challenges (pass/fail)",
        "Final practical exam: full-scope web penetration test",
        "Final report submission (must meet structural & quality criteria to pass)"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slide deck (PDF)",
        "Lab exercise guides",
        "Vulnerable application datasets",
        "Reporting templates",
        "Cheat sheets (OWASP, ASVS, Burp Suite)"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course is updated twice per year to integrate new OWASP developments, emerging attack techniques, and the latest web exploitation tools. Corporate-customized versions available upon request.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-19",
    "courseTitle": "WEB Application Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Ioanna Kantzavelou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Hybrid & Physical (Online instructor-led + hands-on cyber range labs)",
    "durationIntensity": "2 weeks (~20 total hours)",
    "expectedWeeklyTimeCommitment": "≈ 10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-12-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Conduct ethical hacking",
        "Identify and exploit vulnerabilities",
        "Use penetration testing tools effectively",
        "Identify, analyse and correlate cybersecurity events",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Conduct technical analysis and reporting",
        "Model threats, actors and TTPs",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Think creatively and outside the box",
        "Communicate, present and report to relevant stakeholders",
        "Work ethically and independently; not influenced and biased by internal or external actors"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Cybersecurity Implementer",
        "Cybersecurity Architect",
        "Cyber Incident Responder",
        "Cybersecurity Auditor",
        "Digital Forensics Investigator",
        "Cyber Threat Intelligence Specialist"
    ],
    "targetAudience": [
        "ICT & Cybersecurity professionals",
        "Financial sector SOC & Offensive Security teams",
        "Developers transitioning to Application Security",
        "Public sector cybersecurity units",
        "Telecom & critical infrastructure security teams",
        "Consulting & audit firms (technical audit personnel)"
    ],
    "prerequisitesEntryReq": [
        "Understanding of HTTP, DNS, and networking fundamentals",
        "Basic programming/scripting (Python, JavaScript desirable)",
        "Experience with Linux command line",
        "Prior knowledge of basic cybersecurity or vulnerability scanning",
        "Familiarity with OWASP Top 10 is helpful but not required"
    ],
    "learningObjectives": [
        "Understand web application architectures, technology stacks, and underlying protocols.",
        "Apply structured web penetration testing methodology based on OWASP Testing Guide.",
        "Perform enumeration, endpoint discovery, and attack surface mapping.",
        "Test authentication, authorization, and session management mechanisms.",
        "Identify and exploit major web vulnerabilities (XSS, CSRF, SQLi, SSRF, LFI/RFI, Command Injection).",
        "Analyse weak input validation and business logic flaws.",
        "Assess API endpoints and modern authentication tokens (OAuth, JWT).",
        "Use Burp Suite and other web security tools effectively.",
        "Document and report findings according to professional pentest standards.",
        "Recommend mitigation strategies aligned with OWASP ASVS."
    ],
    "suggestedLearningObjLOS": [
        "6",
        "10",
        "12",
        "13"
    ],
    "learningOutcomes": [
        "Performing comprehensive web-app enumeration using industry tools.",
        "Identifying critical vulnerabilities and prioritizing them based on impact.",
        "Exploiting client-side and server-side weaknesses.",
        "Testing for insecure direct object references and access control flaws.",
        "Analysing and manipulating cookies, JWT tokens, and session IDs.",
        "Detecting and exploiting injection flaws in SQL, NoSQL, OS commands, and templates.",
        "Assessing API-driven applications and modern microservice architectures.",
        "Generating structured, high-quality penetration testing reports for stakeholders.",
        "Mapping findings to OWASP ASVS, CWE, and best-practice mitigations.",
        "Operating within an ethical, legal, and professional pentesting framework."
    ],
    "courseDesc": "This course provides a comprehensive, hands-on exploration of Web Application Penetration Testing, focusing on real-world techniques, exploitation workflows, and attacker methodologies. Through a combination of theory, guided demonstrations, and intensive cyber range labs, participants learn how to deconstruct and assess modern web applications across all layers-client-side, server-side, authentication flows, and backend architectures.\n\nThe training is fully aligned with OWASP Testing Guide (WSTG), OWASP Top 10, CWE, ASVS, and industry standards for offensive security operations. Learners engage with practical scenarios including session hijacking, API exploitation, business logic attacks, misconfiguration discovery, injection exploitation, and chained attack escalation.\n\nBy the end of the course, participants will have the skills required to conduct full-scope web penetration tests, produce actionable findings, and support secure development and risk mitigation across organizations.",
    "detailedContentOutlineTopic": [
        "Module 1: Foundations of Web Security: HTTP, HTTPS, TLS, methods, headers, status codes, cookies, tokens, session management, web application architectures (monolithic, microservices, API-first)",
        "Module 2: Reconnaissance & Enumeration: Fingerprinting technologies and frameworks, endpoint discovery (Dirb, Dirsearch, Gobuster), parameter analysis and fuzzing, subdomain enumeration and virtual hosts",
        "Module 3: Authentication & Session Testing: Weak password mechanisms, MFA testing strategies, session fixation, session hijacking, JWT token analysis, OAuth and SSO security assessment",
        "Module 4: Input Validation & Injection Attacks: SQL Injection (manual and automated), NoSQL Injection, Command Injection, Server-Side Template Injection (SSTI), file inclusion (LFI/RFI), XXE attacks",
        "Module 5: Client-Side Attacks: Cross-Site Scripting (XSS) (reflected, stored, DOM-based), Cross-Site Request Forgery (CSRF), cookie manipulation, SameSite misconfigurations, clickjacking",
        "Module 6: Server-Side Attacks: Server-Side Request Forgery (SSRF), open redirects, misconfigurations and security header evaluation, path traversal and access control weaknesses",
        "Module 7: API & Modern Web Application Testing: REST, GraphQL, WebSockets, token validation, rate limiting bypass, API fuzzing approaches",
        "Module 8: Reporting & Documentation: Writing professional penetration testing reports, executive summaries versus technical detail, mapping findings to ASVS, CWE, and MITRE ATT&CK Web",
        "Module 9: Capstone"
    ],
    "reqPlatformsInfra": [
        "Cyber range environment with production-like web targets",
        "Vulnerable applications (DVWA, Juice Shop, BWAPP, custom images)",
        "Burp Suite Professional (licenses provided)",
        "Kali Linux VM (provided)",
        "Containerized vulnerable APIs (Docker-based)",
        "Secure VPN access to cloud labs"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Weekly quizzes (minimum pass score: 70%)",
        "Hands-on exploitation challenges (pass/fail)",
        "Final practical exam: full-scope web penetration test",
        "Final report submission (must meet structural & quality criteria to pass)"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slide deck (PDF)",
        "Lab exercise guides",
        "Vulnerable application datasets",
        "Reporting templates",
        "Cheat sheets (OWASP, ASVS, Burp Suite)"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "This course is updated twice per year to integrate new OWASP developments, emerging attack techniques, and the latest web exploitation tools. Corporate-customized versions available upon request.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-20",
    "courseTitle": "Denial of Service (DoS)",
    "authorOwner": "CTI",
    "contactPerson": [
        "Yiannis Stamatiou",
        "Panagiotis Nastou",
        "Aristidis Ilias"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online self-paced (with hands-on labs)",
    "durationIntensity": "2 Weeks (6 Sessions × 4 Hours)",
    "expectedWeeklyTimeCommitment": "12",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-07-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Manage and analyse log files",
        "Identify, analyse and correlate cybersecurity events",
        "Conduct technical analysis and reporting",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Anticipate cybersecurity threats, needs and upcoming challenges",
        "Model threats, actors and TTPs",
        "Implement cybersecurity recommendations and best practices",
        "Build resilience against points of failure across the architecture"
    ],
    "ecsfRoles": [
        "Cyber Incident Responder",
        "Digital Forensics Investigator",
        "Cyber Threat Intelligence Specialist",
        "Penetration Tester",
        "Chief Information Security Officer (CISO)",
        "Cyber Threat Intelligence Specialist",
        "Cybersecurity Architect"
    ],
    "targetAudience": [
        "Telecommunications & Internet Service Providers (ISPs)",
        "Financial services & banking",
        "Government agencies & public administration",
        "Critical infrastructure operators (energy, water, transport)",
        "Healthcare organisations & hospitals",
        "E-commerce and digital service providers",
        "Cloud service providers and data centres",
        "Cybersecurity operations centres (SOCs)",
        "Technology companies and software service providers"
    ],
    "prerequisitesEntryReq": [
        "Basic understanding of computer networks, including IP addressing, routing, and common protocols (TCP/UDP, DNS, HTTP).",
        "Familiarity with operating systems (Linux and/or Windows), including command-line usage.",
        "Prior exposure to information security concepts (CIA triad, threat actors, vulnerabilities, risk).",
        "Awareness of common attack types and defensive principles.",
        "Experience with network monitoring tools (e.g., Wireshark, tcpdump).",
        "Basic understanding of firewalls, IDS/IPS, and security logging.",
        "Comfort working in virtualized environments (VMware, VirtualBox, or cloud labs).",
        "Ability to participate in practical labs using a laptop that supports virtualization (if hands-on exercises are included).",
        "No prior programming knowledge is required unless the course includes traffic-generation scripting or defensive automation."
    ],
    "learningObjectives": [
        "Understand the mechanics, types, and impact of DoS and DDoS attacks, including threat actors, vectors, and amplification methods",
        "Analyze DoS/DDoS traffic patterns and identify indicators of attack using network monitoring, logging, and anomaly-detection techniques",
        "Apply defensive strategies and mitigation techniques (rate limiting, filtering, scrubbing, CDN protections, WAF/IPS tuning) to reduce DoS/DDoS impact",
        "Conduct controlled simulations of DoS-style attacks in a secure lab environment to understand attacker methodology and defensive reactions",
        "Design and implement incident response workflows for detecting, escalating, containing, and recovering from DoS/DDoS events",
        "Evaluate the resilience of network architectures and propose enhancements (redundancy, segmentation, capacity planning, zero-trust edges) to reduce DoS exposure",
        "Communicate DoS-related risks and recommended mitigations to technical and non-technical stakeholders"
    ],
    "suggestedLearningObjLOS": [
        "1",
        "3",
        "6",
        "13",
        "17"
    ],
    "learningOutcomes": [
        "Explain and categorize the core mechanics, primary types (e.g., volumetric, protocol, application layer), and potential impact of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks.",
        "Identify common threat actors, attack vectors, and amplification techniques utilized in modern DoS/DDoS campaigns (e.g., NTP reflection, DNS amplification).",
        "Analyze real-world network traffic, logs, and security alerts to differentiate normal traffic from malicious DoS/DDoS attack indicators using monitoring and anomaly-detection tools.",
        "Implement and configure specific defensive strategies, including rate limiting, traffic filtering (ACLs), traffic scrubbing services, Content Delivery Networks (CDNs), and Web Application Firewalls (WAF)/Intrusion Prevention Systems (IPS) settings, to effectively mitigate the impact of various DoS/DDoS attacks.",
        "Execute controlled DoS-style attack simulations within a secure laboratory environment to document the attacker's methodology and evaluate the effectiveness of deployed defensive controls.",
        "Develop and deploy comprehensive incident response workflows for DoS/DDoS events, covering the systematic processes of detection, escalation, containment, and service recovery.",
        "Evaluate the current network and system architecture (e.g., cloud, on-premises) to quantify its inherent resilience against DoS/DDoS threats.",
        "Design and propose specific architectural enhancements (e.g., increasing redundancy, implementing network segmentation, optimizing capacity planning, utilizing Zero Trust principles) to significantly reduce DoS attack exposure and enhance organizational defense posture.",
        "Formulate and deliver clear, concise reports and presentations to communicate DoS/DDoS risks, the current security posture, and recommended mitigation strategies to both technical security teams and non-technical business stakeholders."
    ],
    "courseDesc": "This course provides a comprehensive introduction to Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, focusing on how modern networks, systems, and online services are targeted, disrupted, and defended. Participants explore the full lifecycle of DoS incidents- from attacker motivations and common threat vectors to large-scale botnet operations, amplification techniques, and stealthy evasion methods used against contemporary detection systems.\nThrough a combination of theoretical knowledge and hands-on guided exercises, learners gain the ability to analyze malicious traffic patterns, interpret network telemetry, and utilize monitoring tools to identify early indicators of attack. The course further examines practical defense strategies, including rate limiting, scrubbing, traffic engineering, content delivery networks, and architectural hardening approaches designed to maintain service availability under stress.\nEmphasis is placed on structured incident response and business continuity planning, helping participants understand how to prepare for, mitigate, and recover from DoS events. By the end of the course, learners will be able to evaluate the resilience of network infrastructures, propose improvements, and communicate DoS-related risks and mitigation measures to both technical teams and management stakeholders.",
    "detailedContentOutlineTopic": [
        "Introduction to DoS & DDoS",
        "DoS Attack Fundamentals",
        "Network Architecture Vulnerabilities",
        "Traffic Analysis & Detection",
        "Tools & Platforms for Monitoring and Analysis",
        "Defensive Techniques & Mitigation Strategies",
        "o Infrastructure Hardening",
        "o Application-Level Defenses",
        "o Cloud & ISP-Based Protection",
        "Incident Response for DoS/DDoS",
        "Business Continuity & Resilience",
        "Legal, Ethical, and Compliance Considerations",
        "Hands-On Exercises / Labs (Optional but Recommended)",
        "Final Assessment & Practical Evaluation"
    ],
    "reqPlatformsInfra": [
        "Total VMs (4): attacker, web-waf, sensor, siem",
        "Traffic path: attacker → web-waf (Nginx + ModSecurity OWASP CRS)",
        "One Telemetry path: Filebeat → Elasticsearch → Kibana | Logging pipeline:",
        "Filebeat runs on data-source VMs (sensor, web-waf), reads log files (Zeek, Nginx access/error logs), and ships them to siem.",
        "Elasticsearch runs on siem, stores and indexes events for fast search and aggregation.",
        "Kibana runs on siem, connects to Elasticsearch to search, chart, and dashboard the events.",
        "Trainees’ attack tools:",
        "wrk (high‑load HTTP benchmarking)",
        "slowhttptest (slow‑HTTP style attacks - connection exhaustion)",
        "hping3 (crafted TCP/UDP/SYN floods and low‑level packet tests)"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Lab assignments (70%), final quiz (30%)"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Lecture",
        "Presentation Material"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-21",
    "courseTitle": "Operating Systems Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Aristeidis Ilias",
        "Panagiotis Nastou",
        "Ioannis Stamatiou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Online self-paced (with hands-on labs)",
    "durationIntensity": "2 weeks (~20 total hours)",
    "expectedWeeklyTimeCommitment": "≈ 10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-12-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Conduct ethical hacking",
        "Identify, analyse and correlate cybersecurity events",
        "Identify and exploit vulnerabilities",
        "Use penetration testing tools effectively",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Work on operating systems, servers, clouds and relevant infrastructures",
        "Conduct technical analysis and reporting",
        "Communicate, present and report to relevant stakeholders",
        "Work ethically and independently; not influenced and biased by internal or external actors",
        "Work under pressure",
        "Perform social engineering"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Cybersecurity Researcher",
        "Cybersecurity Implementer",
        "Cyber Incident Responder",
        "Cybersecurity Architect",
        "Digital Forensics Investigator",
        "Cyber Threat Intelligence Specialist"
    ],
    "targetAudience": [
        "IT security professionals, system administrators, penetration testers, red teams, SOC analysts, blue teams (cross-sector), OS security engineers."
    ],
    "prerequisitesEntryReq": [
        "Strong knowledge of Linux and Windows operating systems",
        "Familiarity with system administration (processes, permissions, services)",
        "Basic scripting (Bash or PowerShell)",
        "Basic networking & security fundamentals",
        "Experience with virtual machines or cyber ranges"
    ],
    "learningObjectives": [
        "Upon completion, participants will be able to:",
        "Explain OS-level attack vectors and privilege escalation methodologies",
        "Perform enumeration and vulnerability assessment on Windows & Linux systems",
        "Exploit common OS misconfigurations and privilege escalation opportunities",
        "Use frameworks and tools (Metasploit, PowerShell Empire, LinPEAS, WinPEAS) for OS exploitation",
        "Analyze OS logs, services, processes and permissions to identify weaknesses",
        "Conduct post-exploitation activities (credential dumping, persistence, lateral movement)",
        "Produce a comprehensive OS penetration test report with remediation actions"
    ],
    "suggestedLearningObjLOS": [
        "6",
        "11",
        "12"
    ],
    "learningOutcomes": [
        "After completing the course, participants will be able to:",
        "Enumerate OS processes, services, permissions and scheduled tasks to identify misconfigurations (Apply)",
        "Exploit a misconfigured Windows or Linux service to escalate privileges (Analyze/Create)",
        "Perform OS credential harvesting and evaluate security impact (Analyze)",
        "Use OS-specific exploitation tools (e.g., Mimikatz, Impacket, BloodHound, PEAS scripts) to gain elevated access (Apply)",
        "Document OS exploitation steps and deliver a structured remediation-focused pentest report (Create)"
    ],
    "courseDesc": "This course focuses on penetration testing techniques targeting operating systems, including Windows and Linux environments. Learners study how OS-level vulnerabilities, misconfigurations, privilege escalation paths, and insecure services can be discovered and exploited. The curriculum covers enumeration, local and remote exploitation, post-exploitation techniques, credential dumping, persistence mechanisms, and lateral movement. Participants practice hands-on in a cyber range, attacking intentionally vulnerable OS images and applying real exploitation workflows. The course prepares learners to understand and evaluate the security posture of system-level components and to propose effective remediation strategies.",
    "detailedContentOutlineTopic": [
        "Module 1 - OS Pentesting Fundamentals: OS security models (Windows vs Linux), User accounts, permissions, tokens, groups, Attack surface identification",
        "Module 2 - Enumeration & Recon: System information gathering, Service analysis, process inspection, Enumerating scheduled tasks, installed software, registry/sudoers",
        "Module 3 - Vulnerability Assessment: Local and remote enumeration scripts (LinPEAS, WinPEAS), Manual misconfiguration discovery, Identifying weak ACLs, vulnerable services, DLL hijacking opportunities",
        "Module 4 - Exploitation Techniques (Windows & Linux): Exploiting SUID binaries, Kernel exploits (intro), Abusing weak file permissions, Service misconfigurations exploitation, Token impersonation, UAC bypass techniques",
        "Module 5 - Post-Exploitation: Credential dumping (Mimikatz, LSASS extraction, /etc/shadow attacks), Persistence mechanisms, Lateral movement (PsExec, SSH hijacking, pass-the-hash)",
        "Module 6 - OS Logging, Events & Detection: Windows Event Logs, Sysmon basics, Linux logs and auditing, Detecting exploitation attempts",
        "Module 7 - Reporting & Remediation: Mapping findings to risk levels, OS hardening strategies, Creating a professional OS penetration testing report, Lab Scenario (Cyber Range), Perform a full OS-level penetration test against Windows & Linux target machines. Students must identify ≥3 privilege escalation paths, exploit them, collect evidence, and submit a final report."
    ],
    "reqPlatformsInfra": [
        "Cyber range with Windows & Linux vulnerable VMs",
        "Kali Linux attacker machine",
        "Tools including Metasploit",
        "WinPEAS",
        "LinPEAS",
        "Mimikatz",
        "Impacket",
        "Sysinternals Suite",
        "Remote exploitation environments and logging dashboards"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Hands-on CTF-style exploitation challenges (60%)",
        "Final OS penetration testing report (40%)",
        "Pass threshold: ≥70%"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slide deck (PDF)",
        "Lab guides with step-by-step exploitation workflows",
        "Vulnerable OS images",
        "Command cheat-sheets for Windows & Linux"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "Aligned with ECSF OS exploitation KSAs. Focuses on Windows & Linux privilege escalation paths. Includes cyber range missions and is customizable for enterprise server environments.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}

{
    "courseID": "CADMUS-CR-22",
    "courseTitle": "Mobile/OT Penetration Testing",
    "authorOwner": "CTI",
    "contactPerson": [
        "Ioanna Kantzavelou"
    ],
    "cadmusCourseURL": "",
    "platformCategory": [
        "Cyber Range"
    ],
    "proficiencyLevel": "Intermediate",
    "eqfLevel": "7",
    "trainingType": [
        "Upskilling"
    ],
    "deliveryMethod": "Hybrid & Physical (online theory + physical lab environment for OT components)",
    "durationIntensity": "3 weeks (~30 total hours)",
    "expectedWeeklyTimeCommitment": "≈ 10",
    "traineeGroupSize": "5-50",
    "courseAvailability": "2026-07-01 00:00:00",
    "ecsfKeySkillsTarget": [
        "Conduct ethical hacking",
        "Identify and exploit vulnerabilities",
        "Use penetration testing tools effectively",
        "Conduct technical analysis and reporting",
        "Identify, analyse and correlate cybersecurity events",
        "Assess the security and performance of solutions",
        "Implement cybersecurity recommendations and best practices",
        "Select appropriate specifications, procedures and controls",
        "Decompose and analyse systems to identify weaknesses and ineffective controls",
        "Analyse business processes, assess and review software or hardware security, as well as technical and organisational controls",
        "Model threats, actors and TTPs",
        "Identify threat actors TTPs and campaigns",
        "Manage and analyse log files",
        "Practice all technical, functional and operational aspects of cybersecurity incident handling and response",
        "Develop and communicate, detailed and reasoned investigation reports",
        "Communicate, present and report to relevant stakeholders",
        "Review and enhance security documents, reports, SLAs and ensure the security objectives",
        "Identify and solve cybersecurity-related issues",
        "Draw cybersecurity architectural and functional specifications",
        "Coordinate the integration of security solutions",
        "Build resilience against points of failure across the architecture",
        "Think creatively and outside the box",
        "Organise and work in a systematic and deterministic way based on evidence",
        "Work ethically and independently; not influenced and biased by internal or external actors"
    ],
    "ecsfRoles": [
        "Penetration Tester",
        "Penetration Tester",
        "Cybersecurity Implementer",
        "Cybersecurity Architect",
        "Cyber Incident Responder",
        "Cybersecurity Researcher",
        "Cyber Threat Intelligence Specialist"
    ],
    "targetAudience": [
        "Industrial & OT environments (energy, manufacturing, telecom, utilities)",
        "Mobile application development and security",
        "Red teams",
        "AppSec and DevSecOps teams",
        "SOC/CSIRT teams",
        "Digital Forensics & Incident Response professionals"
    ],
    "prerequisitesEntryReq": [
        "Strong knowledge of networking and Linux",
        "Understanding of mobile OS architecture (Android/iOS)",
        "Basic knowledge of programming (Java/Kotlin, Swift, Python or similar)",
        "Familiarity with pentesting fundamentals",
        "Understanding of OT/ICS concepts (PLC, SCADA, ICS protocols)"
    ],
    "learningObjectives": [
        "Explain mobile OS architecture, sandboxing and security models",
        "Perform static and dynamic analysis of mobile applications",
        "Identify insecure mobile app storage, authentication, and communication flaws",
        "Conduct OT network reconnaissance and protocol fingerprinting",
        "Exploit vulnerabilities in OT components, PLCs and industrial devices under controlled conditions",
        "Bypass mobile security controls (root/jailbreak detection, certificate pinning, secure storage)",
        "Assess ICS/SCADA protocols such as Modbus, DNP3, Profinet",
        "Evaluate wireless attack vectors (Bluetooth, NFC, Wi-Fi weaknesses)",
        "Perform secure exploitation in hybrid environments safely (safety-critical constraints)",
        "Prepare and deliver a professional penetration testing report"
    ],
    "suggestedLearningObjLOS": [
        "6",
        "11",
        "14"
    ],
    "learningOutcomes": [
        "Perform static and dynamic mobile app analysis and identify critical vulnerabilities (Apply)",
        "Intercept, modify, and exploit insecure mobile communications (Analyze/Create)",
        "Execute exploitation techniques on OT protocol weaknesses in a testbed (Apply)",
        "Enumerate OT assets and identify attack paths using safe methodologies (Analyze)",
        "Craft and submit a full professional pentest report aligned to mobile/OT findings (Create)"
    ],
    "courseDesc": "This advanced course introduces participants to the methodologies, tools and techniques used to assess the security of mobile applications and Operational Technology (OT) environments. Students learn how to analyze and exploit vulnerabilities in Android/iOS applications through static analysis, dynamic testing, reverse engineering, traffic interception, and exploitation of insecure mobile design patterns.\n\nFor OT, participants explore industrial control system architectures, SCADA environments, PLC behavior, industrial network protocols, and critical vulnerabilities found in real-world OT infrastructures. Through a safe cyber range designed for industrial systems, learners practice reconnaissance, protocol testing, exploitation, segmentation bypass and post-exploitation methods adapted to safety-critical environments.\n\nThe course blends mobile and OT domains to highlight how modern cyber-physical and mobile-controlled industrial systems can be compromised, and how to mitigate these threats effectively.",
    "detailedContentOutlineTopic": [
        "Module 1 - Fundamentals of Mobile & OT Security: Mobile OS architecture (Android/iOS), OT/ICS architecture & Purdue model, Threat landscape for mobile and industrial systems",
        "Module 2 - Mobile Application Testing (Android & iOS): Static analysis (source code & APK analysis), Dynamic analysis (instrumentation, hooking, bypassing), Network interception, SSL pinning bypass, API abuse, Mobile storage, authentication, and crypto weaknesses",
        "Module 3 - Reverse Engineering: Mobile binary analysis (APK, IPA), Using Frida, objection, JADX, Hopper, Ghidra",
        "Module 4 - OT Penetration Testing: SCADA/PLC reconnaissance, Modbus, DNP3, Profinet, BACnet exploitation, Safe exploitation principles (ICS impact & safety surfaces), Asset mapping, pivoting in OT networks",
        "Module 5 - Wireless, BLE, RFID and NFC Attacks: BLE enumeration & manipulation, NFC/RFID vulnerabilities, Wi-Fi attacks targeting mobile-OT integrations",
        "Module 6 - Attack Scenarios (Capstone Labs): Exploiting insecure mobile controls in industrial apps, Manipulating data between mobile interfaces and OT devices, Compromising a simulated ICS network through mobile entry point",
        "Module 7 - Reporting & Mitigation: Mapping findings to OWASP MASVS & ICS Security Standards, Writing mobile + OT integrated pentest reports"
    ],
    "reqPlatformsInfra": [
        "Cyber Range with:",
        "Android emulator & physical mobile devices",
        "Jailbroken/rooted mobile environments",
        "OT testbed (virtual PLCs, SCADA simulations)",
        "Mobile security toolkits (Burp Suite, Frida, MobSF)",
        "ICS protocol analyzers",
        "VM images (Kali, Android x86, custom ICS VMs)",
        "Licensing for specific mobile testing tools where applicable"
    ],
    "langDeliveryMaterial": "• English",
    "assessmentMethod": [
        "Practical mobile exploitation labs (40%) - Pass ≥ 60%",
        "OT protocol exploitation challenge (30%) - Pass ≥ 60%",
        "Final pentest project & professional report (30%) - Pass ≥ 70%"
    ],
    "certOffered": [
        "Certificate upon achieving ≥70 % combined score"
    ],
    "supportingMaterial": [
        "Slide deck (PDF), lab guide with step-Slide deck (PDF)",
        "Lab guides with step-by-step exercises",
        "Mobile & OT vulnerable environments",
        "Cheatsheets (mobile security, ICS protocols, secure coding)by-step exercises, vulnerable VM images, cheat-sheets"
    ],
    "ectsCredsEquivalent": "",
    "skillBasedMicroCredECTSCred": "",
    "additionalNotesComments": "Aligned with ECSF penetration and red teaming KSAs. Includes hands-on CTF elements; customizable for network/web focus.",
    "repoPath": "",
    "linkType": "Concept",
    "digitalTechnology": "AI, cybersecurity, IoT, big data, blockchain, robotics, augmented reality, virtual reality, high performance computing, machine learning, cloud computing, 5G, telecommunications, WiFi, quantum computing, software, mobile application development, web development, microelectronics, digital skills, digital transformation, robotic process automation, edge computing, Cyber Skills Academy.",
    "endDate": "It is calculated indirectly from the start and duration.",
    "geographicScope": "European Union",
    "isThisCourseFree": "Yes",
    "typeOfFunding": "",
    "typeOfTrainingRecord": "",
    "linkeText": "",
    "fieldOfEducationandTraining": "",
    "permissionToDistributeRawEducationalMaterial": ""
}