Identity-Centric Security Architecture
RCCE students will learn how identity becomes the primary control plane for modern security architectures across workforce, customer, partner, and machine access. RCCE students will learn to design architectures around strong authentication, authorization boundaries, federation, conditional access, token security, and least-privilege identity workflows that support zero-trust operating models. The course covers practical scenarios ranging from identity placement in architectures to access path design, trust decisions, and governance. RCCE students will learn to analyze complex systems and think like an attacker to better defend the organization. This comprehensive course delivers practical knowledge applicable to real-world cybersecurity operations. Starting from foundational concepts, RCCE students will learn through a combination of concept explanation, practical demonstration, and hands-on exercises.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Identity-Centric Security Architecture
- Design a scalable privilege management architecture with policy and enforcement
- Explain Course Overview and Learning Objectives fundamentals
- Execute hands-on tasks for what you will learn
- Execute hands-on tasks for skills you will build — covering Course Structure.
- Integrate privilege controls with identity providers and SIEM telemetry, including Network perimeter dissolved by cloud and remote, and From network-centric to identity-centric controls.
- Design a scalable privilege management architecture with policy and enforcement, including Network perimeter dissolved by cloud and remote, and From network-centric to identity-centric controls.
- Execute hands-on tasks for customer (ciam) — covering External users and consumers.
- Execute hands-on tasks for machine / workload — covering Service accounts, APIs, bots.
- Integrate privilege controls with identity providers and SIEM telemetry
- Execute hands-on tasks for control plane components
- Integrate privilege controls with identity providers and SIEM telemetry, including Identity Provider (IdP) as central authority, and Token issuance and validation at every hop.
- Integrate privilege controls with identity providers and SIEM telemetry, including Token issuance and validation at every hop.
| Module 01 | Security Architecture |
| Module 02 | Course Overview and Learning Objectives |
| Module 03 | What You Will Learn |
| Module 04 | Skills You Will Build |
| Module 05 | Why Identity-Centric? |
| Module 06 | The Shift in Architecture |
| Module 07 | Customer (CIAM) |
| Module 08 | Machine / Workload |
| Module 09 | The Identity Control Plane |
| Module 10 | Control Plane Components |
| Module 11 | Data Plane Integration |
| Module 12 | Identity Provider (IdP) as central authority |
| Module 13 | Policy Enforcement Points (PEPs) at resources |
| Module 14 | Authentication Architecture — Factors and Flows |
All hands-on labs run on Rocheston Rose X OS. Students practice identity-centric security architecture by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Design a scalable privilege management architecture with policy and enforcement
- Lab 2: Explain Course Overview and Learning Objectives fundamentals
- Lab 3: Execute hands-on tasks for what you will learn
- Lab 4: Execute hands-on tasks for skills you will build
- Lab 5: Integrate privilege controls with identity providers and SIEM telemetry
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Identity-Centric Security Architecture, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI