Course Overview

Endpoints remain one of the most targeted entry points for cyberattacks, making endpoint security a critical component of modern cybersecurity programs. As organizations adopt distributed work environments and attackers grow more adept at evading detection, securing devices requires more than traditional antivirus controls. This course provides practical knowledge and hands-on experience in endpoint protection, detection, Zero Trust implementation, and insider threat management.

This course begins with the fundamentals of endpoint security, including endpoint attack vectors, security principles, hardening techniques, baseline compliance, and security assessment using industry benchmarks. You will then explore Endpoint Detection and Response (EDR), behavior-based detection, MITRE ATT&CK mapping, telemetry collection, and investigation techniques using tools such as Sysmon, Process Monitor, osquery, and Velociraptor. The course also introduces Zero Trust Architecture concepts including identity-based access and endpoint hardening, before progressing to insider threat detection through behavioral monitoring, log analysis, Sigma-based detections, and forensic investigation workflows.

By the end of this course, you will be able to secure endpoints, investigate suspicious activity, implement Zero Trust principles, and strengthen endpoint threat detection and response capabilities.

What You Will Learn

  • Build a secure endpoint architecture from scratch.
  • Use Sysmon to monitor and detect endpoint threats.
  • Correlate logs and behaviors for advanced threat detection.
  • Apply Zero Trust principles using built-in Windows security features.
  • Detect and respond to insider threats using Sigma.

Program Curriculum

  • Module Introduction
  • What is an Endpoint and Why it Matters
  • Common Attack Vectors
  • Real-world Attacks
  • CIA Triad in Endpoint Context
  • Hardening Techniques & Best Practices
  • Endpoint vs. Network Security
  • Key Components of Endpoint Security Systems
  • Security Baseline & Compliance Standards
  • Running a Baseline Scan with CIS-CAT Lite on Windows
  • Chapter 1 Quiz

  • Module Introduction
  • From Antivirus to EDR
  • EDR Pipeline: Collect → Detect → Respond
  • MITRE ATT&CK in EDR
  • Key Artifacts: Process, File, Registry, Network
  • Sysmon Setup & Rule Tuning
  • Visualizing Endpoint Activity with Process Monitor
  • Endpoint Visibility with osquery: Architecture & Live Queries
  • Investigating a Suspicious File-based Alert with Velociraptor
  • Response Discussion and EDR Limitations
  • Chapter 2 Quiz

  • Module Introduction
  • What is Zero Trust?
  • Why Traditional Models Fail
  • Pillars of Zero Trust
  • Trust Evaluation Workflow
  • Policy Decision vs. Enforcement
  • Enterprise Reference Models
  • Hardening the Endpoint for Host Security
  • Advanced Windows Hardening: ASR, Folder Access, Exploit Protection
  • Monitoring and Tamper Protection: Logs, Audit, Baselines
  • Chapter 3 Quiz

  • Module Introduction
  • What are Insider Threats?
  • Types of Insiders & Motivations
  • Key Indicators of Insider Behavior
  • Detection via Logs and Baselines
  • Risks Posed by Privileged Users
  • Policy and Legal Considerations
  • Simulating Suspicious Activity
  • Capturing Behavior with Sysmon & Sigma
  • Investigating the Insider Trail
  • Course Wrap-up Video
  • Chapter 4 Quiz
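
The Chapter 2 items (EDR Pipeline: Collect → Detect → Respond, Sysmon Setup & Rule Tuning) and the Chapter 4 items (Capturing Behavior with Sysmon & Sigma, Investigating the Insider Trail), together with the "Correlate logs and behaviors" and "Detect and respond to insider threats using Sigma" outcomes above, describe one collect-detect-correlate loop. As an added illustration that is not part of the course material, the Python below evaluates two Sigma-style rules against a handful of constructed Sysmon Event ID 1 (process creation) and Event ID 3 (network connection) records, then correlates each hit with network connections made by the same user and image. The rules are embedded as Python dicts rather than YAML so the script runs without PyYAML; the field names and the `|contains`, `|startswith`, `|endswith` and `|all` modifiers follow the Sigma specification, while the rule titles, usernames, paths and hosts are invented for the example. Sigma wildcards, parentheses and the `1 of` / `all of` quantifiers are not implemented here.

```python
"""Sigma-style detection over constructed Sysmon events, plus network correlation."""
from __future__ import annotations

# Constructed sample telemetry (not real data). Field names are the ones Sigma
# uses for Windows process_creation and network_connection log sources.
SAMPLE_EVENTS = [
    {"EventID": 1, "User": "CORP\\alice", "Image": "C:\\Windows\\System32\\cmd.exe",
     "ParentImage": "C:\\Windows\\explorer.exe", "CommandLine": "cmd.exe /c dir"},
    {"EventID": 1, "User": "CORP\\bob",
     "Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "ParentImage": "C:\\Program Files\\Microsoft Office\\root\\Office16\\WINWORD.EXE",
     "CommandLine": "powershell.exe -nop -w hidden -enc SQBFAFgA"},
    {"EventID": 1, "User": "CORP\\bob", "Image": "C:\\Windows\\System32\\robocopy.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "robocopy.exe \\\\fileserver\\finance E:\\dump /E"},
    {"EventID": 3, "User": "CORP\\bob", "Image": "C:\\Windows\\System32\\robocopy.exe",
     "DestinationIp": "10.0.0.5", "DestinationPort": 445},
    {"EventID": 1, "User": "CORP\\alice", "Image": "C:\\Windows\\System32\\notepad.exe",
     "ParentImage": "C:\\Windows\\explorer.exe", "CommandLine": "notepad.exe report.txt"},
    # Legitimate backup job: matched by the selection but excluded by the filter.
    {"EventID": 1, "User": "CORP\\svc_backup01", "Image": "C:\\Windows\\System32\\robocopy.exe",
     "ParentImage": "C:\\Windows\\System32\\svchost.exe",
     "CommandLine": "robocopy.exe \\\\fileserver\\finance \\\\backup01\\vault /MIR"},
]

# Hypothetical rules written in Sigma's detection structure (selection maps,
# optional filter maps, and a condition string).
RULES = [
    {"title": "Office Application Spawning Encoded PowerShell", "level": "high",
     "logsource": {"category": "process_creation", "product": "windows"},
     "detection": {
         "selection": {
             "ParentImage|endswith": ["\\WINWORD.EXE", "\\EXCEL.EXE", "\\OUTLOOK.EXE"],
             "Image|endswith": "\\powershell.exe",
             "CommandLine|contains": ["-enc", "-EncodedCommand"]},
         "condition": "selection"}},
    {"title": "Bulk Copy From File Share", "level": "medium",
     "logsource": {"category": "process_creation", "product": "windows"},
     "detection": {
         "selection": {"Image|endswith": ["\\robocopy.exe", "\\xcopy.exe"],
                       "CommandLine|contains": "\\\\"},
         "filter_backup": {"User|startswith": "CORP\\svc_backup"},
         "condition": "selection and not filter_backup"}},
]


def _match_field(event: dict, key: str, expected) -> bool:
    """Evaluate one 'Field|modifier' entry. Sigma string matching is case-insensitive;
    a list of values is ORed unless the '|all' modifier is present."""
    field, *mods = key.split("|")
    actual = event.get(field)
    if actual is None:
        return False
    actual = str(actual).lower()
    ops = [m for m in mods if m != "all"]
    op = ops[0] if ops else "equals"
    tests = {"contains": lambda c: c in actual,
             "startswith": actual.startswith,
             "endswith": actual.endswith,
             "equals": lambda c: actual == c}
    if op not in tests:
        raise ValueError(f"unsupported modifier: {op}")
    values = expected if isinstance(expected, list) else [expected]
    results = [tests[op](str(v).lower()) for v in values]
    return all(results) if "all" in mods else any(results)


def _eval_condition(condition: str, named: dict) -> bool:
    """Left-to-right evaluation of 'a', 'not a', 'a and b', 'a and not b', 'a or b'."""
    result, op, negate = None, None, False
    for tok in condition.split():
        if tok in ("and", "or"):
            op = tok
        elif tok == "not":
            negate = True
        else:
            value = named[tok] != negate  # apply pending 'not'
            negate = False
            result = value if result is None else (result and value if op == "and" else result or value)
    return bool(result)


def match_rule(rule: dict, event: dict) -> bool:
    det = rule["detection"]
    named = {name: all(_match_field(event, k, v) for k, v in sel.items())
             for name, sel in det.items() if name != "condition"}
    return _eval_condition(det["condition"], named)


def run_detections(events: list, rules: list) -> list:
    """Detect stage: returns (event index, rule title, user) for each process_creation hit."""
    return [(i, r["title"], ev["User"]) for i, ev in enumerate(events)
            if ev.get("EventID") == 1 for r in rules if match_rule(r, ev)]


def correlate_network(events: list, hits: list) -> list:
    """Correlate stage: attach EID 3 destinations from the same user and image to each hit."""
    out = []
    for idx, title, user in hits:
        image = events[idx]["Image"]
        dests = [f'{e["DestinationIp"]}:{e["DestinationPort"]}' for e in events
                 if e.get("EventID") == 3 and e.get("User") == user and e.get("Image") == image]
        out.append({"rule": title, "user": user, "image": image, "destinations": dests})
    return out


if __name__ == "__main__":
    for h in correlate_network(SAMPLE_EVENTS, run_detections(SAMPLE_EVENTS, RULES)):
        print(h)
```

The `filter_backup` map is the tuning step the Sysmon rule-tuning module refers to: the selection alone would also fire on the service account's scheduled copy, so the exclusion is expressed in the rule rather than by silencing the alert downstream. In a real deployment the same rule would be converted with the Sigma tooling to the query language of the SIEM or EDR that receives the Sysmon channel.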

Instructor

Team StarWeaver

Starweaver delivers 10x better-trained employees and students through scalable, activity-based online learning combined with live human-to-human instruction. With 70–85% course completion rates, we go beyond passive content libraries by focusing on real skill-building and professional competency. Our mission is to transform technologists into world-class experts and business professionals into tech-savvy leaders. Starweaver connects learners with a global network of live instructors and peers, driving higher engagement, satisfaction, and achievement. Our proprietary tools blend guided self-learning with real-time collaboration, ensuring learners stay motivated, capable, and truly job-ready.

Join over 1 million professionals from the most renowned companies in the world!


Fastest Way to Level Up Your Cybersecurity Skills

Invest in your future with flexible subscription plans that give you access to the world's largest online cybersecurity course library. Whether you're exploring cybersecurity courses for beginners or advancing your expertise, access in-demand courses, practical labs, and CTF challenges designed to support continuous learning.

Save 20% with our annual plans!

Pro

Build your cybersecurity skills with 900+ bite-sized courses and curated learning paths designed for continuous learning.

$69.00 billed monthly, or $599.00 billed annually

What is included

  • 880+ Premium Short Courses
  • 70+ Structured Learning Paths
  • Validation of Completion with all courses and learning paths
  • New Courses added every month

Pro +

Develop real-world cybersecurity skills through hands-on labs and CTF challenges designed for practical learning.

$79.00 billed monthly, or $699.00 billed annually

Everything in Pro, Plus:

  • 1600+ Hands-on lab exercises with guided instructions
  • 150+ CTF Challenges with detailed walkthroughs
  • New Hands-on Labs and Challenges added every month
