SecureSetu Cyber Academy
Structured Learning. Measurable Competency.
SecureSetu Cyber Academy delivers governance-aligned training programs designed for every organizational layer — from board directors and C-suite executives to SOC analysts, developers, and offensive security operators. Each program produces measurable competency outcomes, not attendance certificates.
Board-Level Cyber Awareness
CXO Governance Workshop
SOC Analyst Development Program
DevSecOps Secure Coding Program
Red Team Operations Lab
Training Programs
Five Programs. Every Organizational Layer.
Each program follows a structured curriculum with defined learning objectives, hands-on exercises, competency assessments, and certification — designed to produce measurable capability improvement, not passive knowledge transfer.
Board-Level Cyber Awareness
A structured awareness program designed for board governance committees — translating cyber risk into boardroom language, establishing governance responsibilities, and equipping directors with the knowledge to ask informed questions about organizational cybersecurity posture.
CURRICULUM MODULES
Cyber risk as business risk — translating technical threats into financial and operational impact
Board governance responsibilities under RBI IT Governance Guidelines and DPDP Act 2023
Reading and interpreting cybersecurity dashboards, maturity scorecards, and risk registers
Questioning frameworks — what boards should ask their CISO and how to evaluate responses
Cyber insurance governance — understanding coverage, exclusions, and claim requirements
Incident response governance — board role during and after cyber events
CXO Governance Workshop
An executive workshop designed for the C-suite — establishing cross-functional cybersecurity governance responsibilities, regulatory obligations, and strategic decision-making frameworks for leaders who influence security posture through budget, policy, and operational decisions.
CURRICULUM MODULES
Cybersecurity as enterprise risk — integration with operational risk, financial risk, and strategic risk frameworks
Regulatory landscape for CXOs — DPDP Act personal liability, RBI mandates, CERT-In obligations
Cross-functional security governance — HR (insider threat), Legal (incident response), Finance (fraud), Operations (OT security)
Vendor and third-party risk governance — CXO responsibilities in outsourcing and partnership decisions
Crisis management and communication — executive role in cyber incident response and stakeholder communication
Cyber investment decision frameworks — ROI measurement, risk reduction quantification, and budget prioritization
SOC Analyst Development Program
A structured SOC analyst development program covering the full detection-investigation-response pipeline — from alert triage and SIEM correlation to advanced threat hunting, SOAR playbook development, and MITRE ATT&CK-mapped detection engineering.
CURRICULUM MODULES
SIEM architecture and log source integration — understanding data pipelines and correlation logic
Alert triage methodology — structured investigation procedures for Tier 1 analysts with escalation criteria
Detection engineering — writing correlation rules, developing detection logic, and mapping to MITRE ATT&CK
SOAR playbook development — automating repetitive response actions and enrichment workflows
Threat hunting fundamentals — hypothesis-driven hunting campaigns using EDR, network, and cloud telemetry
Incident investigation — timeline reconstruction, artifact analysis, and structured investigation reporting
MITRE ATT&CK applied — using the framework for detection coverage analysis and adversary profiling
Threat intelligence integration — consuming, contextualizing, and operationalizing threat intelligence feeds
DevSecOps Secure Coding Program
A hands-on secure coding program designed for development teams — covering secure architecture, OWASP Top 10 prevention, CI/CD pipeline security integration, container security, and supply chain governance within real-world development workflows.
CURRICULUM MODULES
Secure architecture principles — threat modeling, security design patterns, and defense-in-depth for applications
OWASP Top 10 deep dive — understanding, identifying, and preventing the most critical web application security risks
Secure coding practices — input validation, output encoding, authentication, session management, and cryptography
CI/CD pipeline security — integrating SAST, DAST, SCA, and secrets detection into automated build pipelines
Container security — Docker image hardening, Kubernetes security, and runtime protection configuration
API security engineering — authentication, authorization, rate limiting, and input validation for API endpoints
Supply chain security — SBOM generation, dependency vulnerability tracking, and third-party component governance
Security code review — conducting effective peer reviews with security focus and using automated review tools
Red Team Operations Lab
An advanced offensive security program covering full-scope red team operations — from reconnaissance and initial access through persistence, lateral movement, privilege escalation, and objective completion — with structured methodology aligned to MITRE ATT&CK and real-world adversary tradecraft.
CURRICULUM MODULES
Reconnaissance and OSINT — structured information gathering methodologies for target profiling
Initial access techniques — phishing campaigns, web application exploitation, and external service compromise
Post-exploitation and persistence — establishing command and control, persistence mechanisms, and defensive evasion
Lateral movement — network pivoting, credential harvesting, and domain escalation techniques
Privilege escalation — local and domain privilege escalation across Windows and Linux environments
Active Directory attack paths — Kerberoasting, AS-REP roasting, delegation abuse, and trust exploitation
Cloud attack techniques — AWS, Azure, and GCP exploitation including IAM abuse and metadata attacks
Purple team collaboration — translating offensive findings into defensive detection and response improvements