Security

Secure AI solutions in the cloud by configuring AI workloads, applying cloud-native protections, and reinforcing security outcomes with identity controls. Learn how AI workloads authenticate, how trust boundaries are established, and how security posture and workload protection reduce risk using Microsoft Defender for Cloud and Microsoft Foundry. Extend these protections by using Microsoft Entra to design and apply identity and access controls that explain and harden earlier security decisions. Learning outcomes:

Apply security posture management and workload protection for AI services using Microsoft Defender for Cloud
Configure and secure Microsoft Foundry environments using cloud-native security controls
Design and apply identity and access controls for AI workloads using Microsoft Entra

CompTIA SecAI+ enables a safer digital future by empowering IT and cybersecurity talent worldwide to meet the emerging challenges and opportunities at the intersection of AI and security.
CompTIA SecAI+ is the global IT industry’s first comprehensive “expansion” certification focused on the security of artificial intelligence systems and the secure application of AI in cybersecurity operations. This certification equips professionals with critical, vendor-neutral skills to understand, defend, and ethically deploy AI technologies within any organization.

Every time you check email, log into a cloud app, or perform any number of job tasks using technology, you’re a potential target for cyber threats—and a critical line of defense.
This course empowers everyday technology users like you with the awareness and habits needed to protect yourself and your organization from these threats. You’ll learn how to recognize threats, avoid common traps, and use today’s digital tools—including artificial intelligence (AI)—more safely.
Whether you’re in the office, at home, or on the move, you’ll walk away from this course with the confidence to use technology more securely. And, you’ll have the knowledge and skills to contribute to a strong culture of cybersecurity wherever you work.

The AI Hacking 101 ILT teaches students the fundamentals of penetration testing AI/LLM based applications such as customer facing chatbots.
The course focuses on demonstrating how to detect and exploit common AI vulnerabilities such as:

Prompt Injection
Sensitive Information Disclosure
Improper Output Handling
System Prompt Leakage
Misinformation
Excessive Agency

Not only will students learn about these exploits, but they will also spend hands-on time in a custom-built environment exploiting and uncovering these vulnerabilities. The online lab features the TCM Vulnerable Chatbot, a customer service chatbot that can interact with customers’ tickets and improve its responses via Retrieval Augmented Generation (RAG) using the company’s knowledge base.

The AI Fundamentals and AI Hacking 101 ILT teaches students the fundamentals of how AI works under the hood and then how to break it.
The first day of the course focuses on the fundamentals of how AI works. Students will learn and perform labs on topics such as:

How do neural networks function
Training of neural networks
The progression of AI for natural language processing
Recurrent neural networks (RNN)
Large Language Models and Attention
Self-Hosting LLMs and interacting with them programmatically

The hacking portion of the course focuses on penetration testing AI/LLM based applications such as customer facing chatbots by demonstrating how to detect and exploit common AI vulnerabilities such as:

Prompt Injection
Sensitive Information Disclosure
Improper Output Handling
System Prompt Leakage
Misinformation
Excessive Agency

Not only will students learn about these core topics and exploits, but they will also spend hands-on time in a custom-built environment training their own neural networks, tweaking LLMs, exploiting and uncovering vulnerabilities and much more. The online lab features the TCM Vulnerable Chatbot, a customer service chatbot that can interact with customers’ tickets and improve its responses via Retrieval Augmented Generation (RAG) using the company’s knowledge base.

This one-day live session will focus on teaching students web application hacking basics. The contents covered in this live training session will help students prepare for certification exams like the Practical Web Pentest Associate (PWPA), the Practical Junior Penetration Tester (PJPT), and the Practical Network Penetration Tester (PNPT).

Open-Source Intelligence (OSINT) is the bedrock of modern reconnaissance, powering everything from penetration tests to threat-hunting investigations. This immersive one-day live course equips you with the practical tools and workflows needed to collect, analyze, and leverage publicly available data safely, legally, and efficiently.
Its immersive, practice-first design sets this course apart: concise theory bursts flow straight into guided labs where you build and refine your own OSINT toolkit, and every module mirrors the reconnaissance stages of real-world penetration tests, so the techniques you master translate seamlessly to both client projects and day-to-day security tasks on the job.
This course includes an Exam Voucher for TCM Security’s Practical OSINT Research Professional (PORP) Certification. Each exam voucher includes 1 exam attempt and is valid for 12-months from the course completion date or certification release date.

The Ethical Hacker Bootcamp is an immersive, instructor-led training program designed to build practical offensive cybersecurity skills through hands-on, real-world scenarios. Ideal for organizations seeking to strengthen internal cybersecurity capabilities, the course equips professionals with the tools and techniques necessary to identify and mitigate vulnerabilities before they can be exploited. Emphasizing live instruction and direct interaction with expert practitioners, the bootcamp offers a dynamic learning environment that goes beyond traditional certification prep. The curriculum supports real-world application and prepares participants for advanced certifications such as PJPT and PNPT. This bootcamp provides a practical foundation in ethical hacking for security professionals working to improve organizational resilience against modern threats.
This course includes three Exam Vouchers for TCM Security Certifications: Practical Junior Penetration Tester (PJPT), Practical Network Penetration Tester (PNPT), and Practical OSINT Research Professional (PORP). Each exam voucher includes 1 exam attempt and is valid for 12-months from the course completion date or certification release date.

This hands-on live training is designed to take you from beginner to confident web application pentester with no prior hacking experience required. You’ll gain a solid foundation in how web apps work, how to find and exploit common vulnerabilities, and how to think like an attacker.
The primary focus is learning by doing, with each module focusing on real-world techniques. You will also receive 12-months access to the full on-demand version of the course to support the reinforcement of classroom learning objectives.
This course includes two Exam Vouchers for TCM Security’s Practical Web Pentest Associate (PWPA) and Practical Web Pentest Professional (PWPP) certifications. Each exam voucher includes 1 exam attempt and is valid for 12-months from the course completion date.

One of the most common tools to structure and organize users and computers in a business environment is Microsoft’s Active Directory. However, Active Directory also happens to be one of the most exploited tools that hackers utilize to gain access to corporate networks.
This live Active Directory training class will not only teach you the most common exploits hackers use to break into networks, it will also teach you the steps that you need to take to remediate and patch these exploits. You’ll gain practical skills and knowledge that can be immediately applied to secure your environment.

This three-day, instructor-led course provides IS auditors with the foundational knowledge and background of AI solutions to evaluate their proper governance, design, development, and security to apply their expertise in audit and assurance activities in the enterprise. The course is structured to align with the job practice and features a variety of knowledge check questions, case studies, activities, and discussions designed to apply the concepts to real-life business scenarios.

ISACA Advanced in AI Security ManagementTM (AAISM) validates security management professionals’ ability to demonstrate their expertise in AI. This credential builds upon existing security best practices to enhance expertise and adapt to the evolving AI-driven landscape, ensuring robust protection and a strategic edge.

Security Operations (SOC) 201 is an advanced course designed to elevate your ability to detect, investigate, and respond to complex cyber threats at scale. Building on the foundational skills from SOC 101, this course focuses on developing an effective investigative methodology and mastering the responsibilities of an Incident Responder or Threat Hunter.
Through hands-on labs and realistic scenarios, you’ll investigate sophisticated threats across enterprise environments, applying advanced techniques aligned with the MITRE ATT&CK framework. The curriculum emphasizes proactive threat hunting as part of a continuous detection and response cycle, helping analysts identify active threats, uncover security gaps, and improve future investigations.
By the end of the course, you’ll be equipped with the mindset, tools, and methodologies needed to confidently investigate incidents, trace root causes, and respond effectively to advanced adversaries.
This course includes an Exam Vouchers for TCM Security’s Practical SOC Analyst Professional (PSAP) certification – Launching September 2025. Each exam voucher includes 1 exam attempt and is valid for 12-months from the course completion date or certification release date.

The PNPT Accelerated Camp is an innovative program specifically designed for individuals aspiring to enter the field of ethical hacking, as well as for those seeking to enhance their professional skills. This program stands out for its focus on live training, offering a dynamic and interactive learning environment that greatly benefits students who thrive under direct instruction. Participants will receive immediate feedback and guidance from expert instructors, fostering a more engaging and effective learning experience. Whether you’re looking to kickstart a career in cybersecurity or aiming to elevate your existing professional expertise, the PNPT Accelerated Camp provides a comprehensive, hands-on approach that will prepare you for the PJPT and PNPT penetration testing certifications.
Please note that this course may meet once a week for 4 weeks.

The Information Security Administrator course equips you with the skills needed to plan and implement information security for sensitive data using Microsoft Purview and related services. The course covers essential topics such as information protection, data loss prevention (DLP), retention, and insider risk management. You learn how to protect data within Microsoft 365 collaboration environments from internal and external threats. Additionally, you learn how to manage security alerts and respond to incidents by investigating activities, responding to DLP alerts, and managing insider risk cases. You also learn how to protect data used by AI services within Microsoft environments and implement controls to safeguard content in these environments.

Take your SOC analyst skills to the next level with four full days of intensive live training, labs, and challenges designed to build the foundational skills essential for success in defensive security operations. This course provides deep, practical coverage of monitoring, detection, analysis, and incident response across key areas including phishing, network security, endpoint protection, SIEM management, threat intelligence, and DFIR (Digital Forensics and Incident Response).
By the end of the training, you’ll have a comprehensive understanding of Security Operations Center functions and investigative techniques—developed through real-world scenarios that reflect the demands placed on today’s SOC professionals.
This course includes an Exam Vouchers for TCM Security’s Practical SOC Analyst Associate (PSAA) certification. Each exam voucher includes 1 exam attempt and is valid for 12-months from the course completion date.

Cybersecurity leaders aren’t just defenders—they’re strategists. The global cybersecurity workforce gap reached 4 million professionals in 2023, highlighting urgent demand for experts who can secure and lead at the enterprise level.
CompTIA SecurityX (formerly CASP+) is the only advanced-level, hands-on cybersecurity certification designed for senior security engineers and architects who lead cybersecurity readiness, design secure architectures, and implement resilient enterprise defenses.
SecurityX is the capstone certification in the CompTIA Cybersecurity Pathway and now forms part of the CompTIA Xpert Series. This updated CAS-005 version includes performance-based questions and maps to 19 NICE Framework roles and 19 DoD Cyber Workforce roles, making it an ideal credential for defense contractors and enterprise security leaders alike.

Cybersecurity analysts are critical to protecting organizations from cyberattacks and safeguarding sensitive information. Professionals who earn the Certified Cybersecurity Operations Analyst (CCOA)™ certification, brought to you by the creators of the globally recognized Certified Information Security Manager® (CISM®), will gain a deep understanding of identifying and responding to cyberthreats and performing vulnerability assessments, as well as industry best cybersecurity practices. Leveraging applicable modern technologies, CCOA learners will develop skills through hands-on training that places them in a lab environment where they will develop techniques they will use on the job.

Implement the Microsoft Defender for Endpoint environment to manage devices, perform investigations on endpoints, manage incidents in Defender XDR, and use Advanced Hunting with Kusto Query Language (KQL) to detect unique threats.

This course takes cybersecurity practice to the next level. It is an advanced experience that builds upon the defensive skills and knowledge taught by the CyberSec First Responder® (Exam CFR-410) course. It is an applied experience in that it almost entirely consists of hands-on exercises featuring many different tools and environments.
The “”A”” in CFR-A can also refer to the cybersecurity modes this course is built around:

Attack: Simulating attacks on computing assets to test security measures and learn more about threat vectors.
Analyze: Identifying, detecting, and assessing threats to learn more about how they operate and how they affect security.
Address: Implementing countermeasures and other protections to mitigate the impact of threats to security.

Certified Ethical Hackers, trained in the latest version of CEH v13, are equipped with AI-powered tools and techniques to identify, exploit, and secure vulnerabilities in systems and networks. You’ll learn to leverage AI for automating threat detection, predicting security breaches, and responding swiftly to cyber incidents. Moreover, you’ll also gain the skills needed to secure AI-driven technologies against potential threats. This combination of ethical hacking and AI capabilities will place you at the forefront of cybersecurity, ready to defend organizations across industries from advanced threats and adapt to evolving challenges.
An Exam Voucher is included with the purchase of this course.
Amplify Your Edge as a Certified Ethical Hacker Powered by AI Capabilities:

Advanced Knowledge: As an AI-powered Certified Ethical Hacker, you’ll possess in-depth knowledge of ethical hacking methodologies, enhanced with cutting-edge AI techniques.
AI Integration: You’ll effectively integrate AI across every phase of ethical hacking, from reconnaissance and scanning to gaining access, maintaining access, and covering your tracks.
Automation and Efficiency: You’ll leverage AI to automate tasks, boost efficiency, and detect sophisticated threats that traditional methods might overlook.
Proactive Defense: With AI at your disposal, you’ll be equipped for proactive threat hunting, anomaly detection, and predictive analysis to prevent cyber-attacks before they happen.

This course will provide you with the skills that you need to understand the foundational and essential aspects of Cloud Security. You will learn the fundamentals of cloud computing and the essential aspects of securing identities, data, and applications within cloud providers and hybrid infrastructures. Put your newly acquired abilities to the test in our exhilarating Capstone project to develop the hands-on proficiencies essential for success in your cyber professional role. After completing this course, you will be prepared to move toward a career in cloud security and take the next steps in cloud security certifications.

The DevSecOps Essentials program will provide you with the foundation knowledge and essential aspects of secure application development, or DevSecOps. In this course, you will gather key insights into identifying application development risk and securing and testing applications within on-premises, cloud providers, and hybrid infrastructures. Put your newly acquired abilities to the test in an exhilarating Capstone project to develop the hands-on proficiencies essential for success in your cyber professional role. After completing this program, you will be prepared to move toward a career in secure application development.

This course will introduce learners to Computer Forensics Fundamentals as well as the Computer Forensics Investigation Process. Plan to learn about Dark Web, Windows, Linux, Malware Forensics, and so much more! The interactive labs component of this course ensures that learners receive the hands-on, practical experience required for a future in digital forensics. Put your newly acquired abilities to the test with an exhilarating Capture the Flag (CTF) Exercise seamlessly integrated in our Capstone project. This CTF is seamlessly integrated by live virtual machines, genuine software, and real networks, all delivered within a secure and regulated sandbox environment. With these exclusive hands-on, human-versusmachine CTF challenges you will develop the hands-on proficiencies essential for success in your cyber professional role.

Ethical Hacking Essentials is an introductory cybersecurity course that covers ethical hacking and penetration testing fundamentals and prepares learners for a career in cybersecurity. This ethical hacking course will introduce learners to computer and network security concepts such as threats and vulnerabilities, password cracking, web application attacks, loT and OT attacks, cloud computing, pentesting fundamentals, and more. EC-Council’s ethical hacking essentials course provides hands-on practical experience to learners, thus giving them the skills necessary for a future in cybersecurity. Put your newly acquired abilities to the test with an exhilarating Capture the Flag (CTF) Exercise seamlessly integrated in our Capstone project. This CTF is seamlessly integrated by live virtual machines, genuine software, and real networks, all delivered within a secure and regulated sandbox environment. With these exclusive hands-on, human-versus-machine CTF challenges you will develop the hands-on proficiencies essential for success in your cyber professional role.