CAS Cyber Security Analytics & Defense Expert («CSACAS»)

• Using useful hacking tools and frameworks and assessing the risks they pose Testing IT systems, networks and web applications for vulnerabilities
• Simulating and analysing targeted attacks on employees, IT systems, networks and web applications
• Finding targeted artefacts and determining indicators of compromise
• (IoC) (IoC)
• Incorporating offensive findings into cyber security strategies
• Implementing known and novel exploiting techniques
• Testing security measures against exploits in test environments (hacking labs)
• Sharpening analytical skills against targeted attacks
• Understanding and quickly recognising attack patterns
• Commissioning a lab environment (Windows Active Directory) to simulate/practice common attacks
• Identifying the individual TTPs (tactics, techniques and procedures) of a cyber attack and assigning them to the enterprise matrix of the MITRE ATT&CK® framework
• Analysing and interpreting the test results of security testers according to OSSTMM, for example to calculate the benchmark risk assessment value (RAV) or to identify incorrect results
• Preparing for the OSSTMM Professional Security Analyst exam

The Swiss economy relies on secure digitalisation to maintain and expand its competitive advantages. With its strong practical focus, the CAS Cyber Security Analytics & Defence Expert training course prepares participants for in-demand cyber security roles, particularly in security operation centres (SOCs). Analysts with technical and methodological cyber security skills are in particularly high demand. We develop both technical and methodological expertise. Our graduates can communicate and present results in a way that is suitable for businesses. We demand results and recommendations that are fit for business (ISO 27001).

The CAS Cyber Security Analytics & Defence Expert training course enables experienced IT specialists to acquire the skills necessary to recognise and quickly assess complex attack scenarios. We combine incident analysis with offensive attack techniques because we believe this is the only way to recommend appropriate, targeted defensive measures. This is what sets us apart. You will learn about the latest attack methods on Linux and Windows environments (mobile and stationary). Current attack scenarios involving hardware implants and wireless technologies are also covered.

Through our proactive, hands-on approach, participants will learn the same hacking skills as attackers, equipping them with the ability to analyse complex attack patterns. The OSSTMM Professional Security Analyst (OPSA) certification also involves methodically evaluating results and converting them into business-friendly metrics, such as RAV (Risk Assessment Value) and STAR (Security Test Audit Report). This is the only way to assess and address risks in accordance with ISO 27001.

Consists of the following modules

• Cyber Security Analyst & Investigator – Hands-On/AI («CSA1»)
• Cyber Security Tester – Hands-on Professional («HAK2»)
• Cyber Security Tester/Analyst – Hands-On Exploiting («HAK4»)
• Windows Domain Hacking & Security Hands-On («CYBADE»)
• OSSTMM Professional Security Analyst Fast Track («TSA»)
• Exam Preparation, Exam and Final Presentation

The training course is designed in a blended learning format. The learning design includes preparatory self-study assignments, homework, exam preparation, exams and transfer assignments. The courses consist of interactive training with group work, discussions and presentations. The study concept places particular emphasis on practical implementation.

This CAS training course is aimed at security analysts, testers, engineers, consultants and system administrators with responsibility for security. Thanks to its comprehensive knowledge base and practical, in-depth, hands-on training, the course is particularly well-suited to managers and employees of Cyber Defence and Security Operations Center (SOC) organisations.

Federal certificate, a federal diploma, an HF diploma, a university degree (university or FH, bachelor's or master's) or at least 3 years of professional experience in IT.

Experience in projects and in the daily use of information technologies, IT systems and networks is required. Basic knowledge of programming (scripting) is also desirable.

CAS Cyber Security experts no longer need to attend the Cyber Security Tester – Hands-on Professional course. To obtain the 15th ECTS credit, attend the IT Basic Protection course in the above-mentioned programme. For more information, please contact our client advisors at info@digicomp.ch.

Admission to the CAS exam

All CAS modules must be completed and the OSSTMM Professional Security Analyst exam must be passed.

Exam and presentation

The two-day exam in the exam lab is practice-oriented and very demanding. All practical skills acquired are required in various attack simulations. In addition to the exam, an OSSTMM-compliant analysis report with recommendations must be prepared as a transfer task and submitted to the exam experts. At the end of the exam, the analysis team gives a management-ready presentation of the analysis results and corresponding recommendations to the exam experts. The final grade is based on the analysis report and the presentation.

ECTS credits

The CAS and 15 ECTS credits will be awarded by HWZ University of Applied Sciences in Business Administration Zurich upon satisfactory completion of the course.

• CAS Cyber Security Expert («INFCSE»)

Module sequence/dates

The modules must be taken in the given sequence. You can choose the dates for each module.

Credits and compulsory attendance

Credits from other institutions cannot be transferred towards admission to the certificate course. Attendance is compulsory.

Extension of the submission deadline

Late submission of assignments and reports will result in failure. A new topic must be submitted for a retake.

CAS and ECTS credits are awarded by HWZ University of Applied Sciences in Business Administration Zurich.