Learn how to protect and monitor the web, the ecosystem every organisation relies upon to deliver its services, all in a series of SOC-oriented labs and real-world scenarios.

In this module, you will learn how the web works and how modern web threats can affect both end users and application owners. You will use network captures, raw logs, and SIEM to understand how different web attacks unfold and how to detect them in a SOC. Beyond the logs, you will explore not just how to detect threats but also how to stop them with tools like WAF and CDN.

Web Security Essentials

Learn how the web works, common website security risks, and protections for a safer internet.

Detecting Web Attacks

Explore web attacks and detection methods through log and network traffic analysis.

Detecting Web Shells

Explore web shell detection by analyzing logs, file systems, and network traffic.

Detecting Web DDoS

Explore denial-of-service attacks, detection techniques, and strategies for protection.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Upload and Conquer

An old, forgotten upload page on an e-commerce website becomes every hacker's dream when it pops up ...

Next steps

Windows Security Monitoring

Learn how Windows logging works and how you can use it to detect common Windows attacks - all through real-world examples and challenging, hands-on threat detection labs.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.