Evidence Threats and Detection: Bootcamp Module
RCCE students will learn audit evidence collection, management, and presentation including evidence types, collection methodologies, evidence repositories, and evidence lifecycle management. RCCE students will learn to identify the types of evidence required for various compliance frameworks, develop evidence collection procedures that produce consistent and reliable results, configure automated evidence collection from security tools and systems, manage evidence repositories with proper access controls and versioning, validate evidence quality and completeness, present evidence packages to internal and external auditors, and maintain evidence retention schedules that meet regulatory requirements. This threat-focused course teaches students to think like adversaries while building robust defenses. Building on core knowledge, RCCE students will learn to analyze attack techniques, build detection logic, and implement defensive strategies that proactively identify threats before they cause damage. Students develop a threat-informed mindset that drives better security decisions across all operational activities.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Evidence Threats and Detection: Bootcamp Module
- Build detections and response workflows for privilege escalation
- Execute hands-on tasks for bootcamp module
- Execute hands-on tasks for advanced cyber defense mastery
- Explain Executive Overview fundamentals
- Execute hands-on tasks for evidence collection
- Execute hands-on tasks for evidence management — covering Threat Detection.
- Execute hands-on tasks for strategic importance of evidence management
- Monitor and audit privilege usage; detect escalation attempts
- Execute hands-on tasks for avg breach cost
- Execute hands-on tasks for compliance pass
- Execute hands-on tasks for core definitions: evidence types
| Module 01 | Evidence Threats and Detection |
| Module 02 | Bootcamp Module |
| Module 03 | Advanced Cyber Defense Mastery |
| Module 04 | Executive Overview |
| Module 05 | Evidence Collection |
| Module 06 | Evidence Management |
| Module 07 | Strategic Importance of Evidence Management |
| Module 08 | Audit Failures |
| Module 09 | Avg Breach Cost |
| Module 10 | Detection Gap |
| Module 11 | Compliance Pass |
| Module 12 | Core Definitions: Evidence Types |
| Module 13 | Evidence Collection Methodology |
| Module 14 | Evidence Lifecycle Management |
All hands-on labs run on Rocheston Rose X OS. Students practice evidence threats and detection: bootcamp module by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Build detections and response workflows for privilege escalation
- Lab 2: Execute hands-on tasks for bootcamp module
- Lab 3: Execute hands-on tasks for advanced cyber defense mastery
- Lab 4: Explain Executive Overview fundamentals
- Lab 5: Execute hands-on tasks for evidence collection
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Evidence Threats and Detection: Bootcamp Module, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI