What is penetration testing and why is it important?

Penetration testing, or pen testing, is the process of simulating cyberattacks to identify vulnerabilities in an organization's security systems. It helps businesses strengthen their cybersecurity defenses by revealing weaknesses before malicious hackers can exploit them. Regular pen testing is crucial for maintaining data security and meeting compliance standards.

How does threat hunting differ from penetration testing?

Threat hunting is a proactive cybersecurity strategy where experts search for potential threats within an organization's network, even if no alarm has been triggered. Unlike penetration testing, which focuses on identifying vulnerabilities through simulated attacks, threat hunting seeks out hidden or advanced threats that may bypass traditional security measures.

How do penetration testing and threat hunting improve cybersecurity?

Penetration testing helps organizations strengthen their cybersecurity by identifying and addressing vulnerabilities before they can be exploited by attackers. Threat hunting, on the other hand, proactively seeks out hidden or advanced threats that evade traditional security measures. Together, these practices enhance an organization's ability to detect, prevent, and respond to cyberattacks, ensuring a more robust and resilient security posture.

What is the role of cryptography in cybersecurity?

Cryptography plays a key role in protecting sensitive information and converting it into formats that are unreadable or inaccessible to unauthorized users. It enhances the confidentiality, integrity, and authenticity of digital communications. Cryptography also helps secure transactions, personal data, and private communications from cyberattacks. It is widely used in applications such as secure online banking, encrypted messaging apps, digital signatures, and virtual private networks (VPNs).

When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Certificate?

When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Penetration Testing, Threat Hunting, and Cryptography

4 days left! Save on skills that make you shine with 40% off 3 months of Coursera Plus. Save now

Penetration Testing, Threat Hunting, and Cryptography

This course is part of multiple programs.

Instructors: Dr. Manish Kumar

115,043 already enrolled

Included with

Learn more

6 modules

Gain insight into a topic and learn the fundamentals.

2,532 reviews

Intermediate level

Recommended experience

Flexible schedule

2 weeks at 10 hours a week

Learn at your own pace

92%

Most learners liked this course

6 modules

Gain insight into a topic and learn the fundamentals.

2,532 reviews

Intermediate level

Recommended experience

Flexible schedule

2 weeks at 10 hours a week

Learn at your own pace

92%

Most learners liked this course

What you'll learn

In-demand penetration and threat hunting skills, supported by hands-on practice that employers are looking for on a resume.
Hands-on experience applying the principles of penetration testing using tools, such as OWASP ZAP and SNYK.
How to create penetration testing reports and integrate AI to perform advanced threat hunting and threat intelligence.
Use cryptography and cryptanalysis techniques like encryption and hashing to ensure data integrity and confidentiality.

Skills you'll gain

Tools you'll learn

MITRE ATT&CK Framework

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

15 assignments¹

AI Graded see disclaimer

Taught in English

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is available as part of

When you enroll in this course, you'll also be asked to select a specific program.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 6 modules in this course

The cost of a security breach averages nearly $5M (IBM) and is increasing every year. So, businesses are always looking for professionals who can anticipate threats and prevent them. This IBM Penetration Testing, Threat Hunting, and Cryptography course builds expertise in identifying vulnerabilities, protecting assets, and using AI and cryptography techniques to strengthen an organization’s cybersecurity posture.

During the course, you’ll explore the penetration testing phases and gain practical experience performing software pen testing and scanning code repositories. You’ll also learn to create comprehensive pen testing reports, perform threat hunting, and integrate AI into threat intelligence. Plus, you’ll learn to leverage Cyber Threat Intelligence (CTI) frameworks for effective threat identification. Finally, you’ll explore cryptography, including encryption, decryption, and hashing techniques, while also learning about common cryptographic attacks and cryptanalysis methods. To complete the hands-on labs and project, you’ll require a laptop or desktop and basic knowledge of networking and cybersecurity. This course is ideal for existing and aspiring cybersecurity professionals looking to enhance their skills and advance their careers. It is recommended that you have fundamental knowledge of IT systems and cybersecurity principles prior to starting this course. If you’re looking to build in-demand cybersecurity skills in threat prevention, enroll today! In five weeks, you’ll add penetration testing, threat hunting, and cryptography to your resume.

Module details

This module provides an overview of the different phases of penetration testing, which includes planning, discovery, attack, verification, and reporting. You'll also learn about the fundamental concepts of penetration testing and its importance. The module will focus on the planning and discovery phases. The planning phase will cover the rules of engagement, which ensure penetration tests are conducted ethically and legally. Then, in the discovery phase, you will be introduced to passive and active reconnaissance methods and Google Dorking.

What's included

5 videos2 readings3 assignments7 plugins

5 videosTotal 33 minutes

Course Introduction 4 minutes
What is Penetration Testing?8 minutes
Penetration Testing Phases 7 minutes
Penetration Testing: Planning Phase 8 minutes
Penetration Testing: Discovery Phase6 minutes

2 readingsTotal 8 minutes

Course Overview 5 minutes
Summary and Highlights: Penetration Testing: Planning and Discovery Phases3 minutes

3 assignmentsTotal 50 minutes

Graded Quiz: Penetration Testing: Planning and Discovery Phases30 minutes
Practice Quiz: Penetration Testing Planning10 minutes
Practice Quiz: Penetration Testing Discovery10 minutes

7 pluginsTotal 63 minutes

Helpful Tips for Course Completion3 minutes
Uncovering Penetration Testing Myths5 minutes
Activity: Phases of the Penetration Testing Challenge15 minutes
Reading: Examples of Passive and Active Reconnaissance 5 minutes
Reading: Google Dorking 5 minutes
Lab: Practicing Google Dorking Commands20 minutes
Module Glossary: Penetration Testing: Planning and Discovery Phases10 minutes

This module focuses on the attack phase of penetration testing. You will learn about the key actions involved in the attack phase, including running exploits, bypassing defenses, gaining elevated privileges, and initiating post-attack activities. You will also explore various penetration testing tools and perform port and website scans using online penetration tools. Further, you will solidify your understanding of port scanning, network scanning, and network protocol analyzers through hands-on labs.

What's included

3 videos1 reading3 assignments3 app items3 plugins

3 videosTotal 20 minutes

Penetration Testing: Attack Phase6 minutes
Port Scanning7 minutes
Overview of Network Protocol Analyzers7 minutes

1 readingTotal 5 minutes

Summary and Highlights: Penetration Testing: Attack Phase 5 minutes

3 assignmentsTotal 46 minutes

Graded Quiz: Penetration Testing: Attack Phase 30 minutes
Practice Quiz: Penetration Testing: Attack Phase6 minutes
Practice Quiz: Port Scanning and Network Protocol Analyzers10 minutes

3 app itemsTotal 85 minutes

Lab: Port Scanning with NMap20 minutes
Lab: Port Scanning with NMap GUI20 minutes
Lab: Network Protocol Analyzers45 minutes

3 pluginsTotal 65 minutes

Reading: Penetration Testing Tools5 minutes
Lab: Port Scanning with Pen-test Tools45 minutes
Module Glossary: Penetration Testing: Attack Phase 15 minutes

This module focuses on the reporting phase of penetration testing, while introducing the concepts of software and application pen testing. You will learn how to scan code repositories for vulnerabilities and understand its benefits. You will also understand the importance of the reporting phase, create comprehensive penetration testing reports, and implement the Penetration Testing Execution Standard (PTES) framework, which provides insights into industry standards for reporting.

What's included

3 videos1 reading3 assignments5 plugins

3 videosTotal 20 minutes

Software and Application Pen Testing7 minutes
Scanning Code Repositories 5 minutes
Penetration Testing: Reporting Phase8 minutes

1 readingTotal 5 minutes

Summary and Highlights: Penetration Testing: Reporting Phase 5 minutes

3 assignmentsTotal 50 minutes

Graded Quiz: Penetration Testing: Reporting Phase 30 minutes
Practice Quiz: Software Penetration Testing10 minutes
Practice Quiz: Penetration Testing Reporting 10 minutes

5 pluginsTotal 69 minutes

Lab: Getting Started with GitHub (Optional)15 minutes
Lab: Using SNYK to Scan Your Code Repository (Optional)30 minutes
Reading: PTES Framework 4 minutes
Activity: PTES framework 15 minutes
Glossary: Penetration Testing: Reporting Phase5 minutes

This module provides an overview of threat hunting practices and the role of threat intelligence in cybersecurity. You will explore various threat intelligence sources and learn how to review recent security threat reports using IBM X-Force Threat Exchange. You'll also learn about threat intelligence platforms, security information and event management (SIEM) systems, threat intelligence frameworks, and threat hunting models. Additionally, you'll gain insights into the role of AI in enhancing threat intelligence and hunting capabilities.

What's included

5 videos1 reading3 assignments7 plugins

5 videosTotal 33 minutes

Threat Hunting Overview 8 minutes
Threat Intelligence Overview 5 minutes
Security Information and Event Management7 minutes
AI in Threat Intelligence and Threat Hunting5 minutes
Threat Intelligence Framework Overview 7 minutes

1 readingTotal 4 minutes

Summary and Highlights: Threat Hunting and Threat Intelligence 4 minutes

3 assignmentsTotal 50 minutes

Graded Quiz: Threat Hunting and Threat Intelligence 30 minutes
Practice Quiz: Threat Hunting and Intelligence 10 minutes
Practice Quiz: Threat Intelligence Platforms and Frameworks 10 minutes

7 pluginsTotal 47 minutes

Reading: Threat Intelligence Process3 minutes
Activity: Implement Threat Intelligence15 minutes
Reading: Threat Intelligence Sources 4 minutes
Lab: Review X-Force Exchange Threat Reports5 minutes
Reading: User and Entity Behavior Analytics5 minutes
Reading: Use Cases of the MITRE ATT&CK Model and the Diamond Model of Intrusion Analysis5 minutes
Glossary: Threat Hunting and Threat Intelligence 10 minutes

This module delves into the fundamental concepts and practices of cryptography, covering essential techniques for ensuring data integrity, confidentiality, and authenticity. You will gain insights into symmetric and asymmetric encryption algorithms like AES and RSA, as well as hashing techniques. The module also examines key management practices and crucial cryptographic techniques, such as securing SSL/TLS. Further, it addresses common cryptographic attacks and cryptanalysis techniques, providing a comprehensive understanding of cryptographic solutions for enhancing organizational security.

What's included

7 videos1 reading3 assignments2 app items7 plugins

7 videosTotal 40 minutes

Importance of Cryptography6 minutes
Overview of Encryption, Decryption, and Hashing7 minutes
Symmetric and Asymmetric Encryption6 minutes
Common Cryptographic Attacks7 minutes
Securing SSL/TLS and Strengthening Key Management4 minutes
Cryptanalysis and Its Impact on Encryption7 minutes
IBM Quantum Safe Cryptography Solutions3 minutes

1 readingTotal 3 minutes

Summary and Highlights: Cryptography: Principles and Techniques3 minutes

3 assignmentsTotal 50 minutes

Graded Quiz: Cryptography: Principles and Techniques30 minutes
Practice Quiz: Introduction to Cryptography 10 minutes
Practice Quiz: Cryptographic Attacks10 minutes

2 app itemsTotal 60 minutes

Lab: Symmetric Encryption Using AES30 minutes
Lab: Asymmetric Encryption Using RSA30 minutes

7 pluginsTotal 57 minutes

Evolution of Cryptography 15 minutes
Reading: Essentials of Cryptography and Security 5 minutes
(Optional) Lab: End of Encryption/Decryption (RSA Algorithm)5 minutes
Reading: Cryptographic Algorithms, Applications, and Attacks 10 minutes
(Optional) Lab: Cryptanalysis Attack5 minutes
Reading: Quantum-Safe Cryptography7 minutes
Glossary: Cryptography: Principles and Techniques10 minutes

In this module, you will apply the knowledge gained in the course in a final project. The module also wraps up the course learning and highlights key takeaways and next steps.

What's included

1 video2 readings1 peer review2 app items4 plugins

1 videoTotal 7 minutes

Course Highlights and Key Takeaways7 minutes

2 readingsTotal 6 minutes

Congratulations and Next Steps5 minutes
Thanks from the Course Team1 minute

1 peer reviewTotal 60 minutes

Option 2: Peer Graded - Final Project Submission and Evaluation60 minutes

2 app itemsTotal 90 minutes

Final Project: Part 2 - Secure Information Using Symmetric Encryption30 minutes
Option 1: AI Graded - Final Project: Submission and Evaluation60 minutes

4 pluginsTotal 27 minutes

Final Project Overview2 minutes
Reading: Final Project Submission Guidelines and Deliverables5 minutes
Final Project: Part 1 - Perform Vulnerability Analysis and Penetration Testing5 minutes
Course Glossary: Penetration Testing, Threat Hunting, and Cryptography15 minutes

Earn a career certificate

Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.

Instructors

Instructor ratings

(652 ratings)

Dr. Manish Kumar

IBM

8 Courses211,365 learners

IBM Skills Network Team

92 Courses1,996,922 learners

Dee Dee Collette

IBM

11 Courses734,202 learners

Offered by

IBM

Learner reviews

5 stars
74.10%
4 stars
18.43%
3 stars
4.26%
2 stars
1.57%
1 star
1.61%

Showing 3 of 2532

Reviewed on May 6, 2025

Professional insights and valuable course to be honest, I developed my skills and my passion grows now due to this outstanding course and the lab was enjoyable as well. Thanks from bottom of my heart.

Reviewed on Oct 18, 2022

Muy bien estructurado, es un paso general por los conceptos de las pruebas de penetracion y respuesta a incidentes. Se hace necesario estudiar por cuenta propia si se quiere profundizar en alguno.

Reviewed on Jun 10, 2024

I've learned more than in the Internet videos, the explanation and examples helps to practice and understand how to think, scratch and create a script in Python.

View more reviews