6 Mounts



academic hours


Course Opening Date

Tue + Thu 17:30-21:00

Days & Hours

  • About the course
  • Credentials
  • Certifications
  • Study Divisions
  • Lecturers
  • Media
  • More Courses


About the curriculum

The CSTP program is designed to train cyber security experts who can advise, guide and make decisions in data protection, technological-tactical (without administrative-administrative) tasks. The program will provide students with a deep understanding of strategies, tactics, techniques, and best practices in these fields, including knowledge of attack and intelligence.

In addition to professional knowledge, the program prepares its participants for the internationally sought-after certification exams: SSCP certification and the main part of the CISSP certification.

The course deals with the strategic levels and combines the knowledge and disciplines required for an expert and a cyber architect.

The track will give the graduate the ability to deal with the role of cyber security architect, provide him with the ability to plan a cyber security system, choose the right components, implement them with the chosen technique, track and monitor events, analyze and understand events, respond immediately and appropriate to events and initiate "order" in the organization’s cyber security activities.

The essence of the profession:

Cyber Security Technologies Solution Planning in the organization, combining security technologies and methods.

Adapting and integrating protection products into the computer infrastructure, including storage arrays and backup methods.

Accompanying the handling of security events in the technological aspect.

All of this, while recognizing and understanding the activity, needs and organizational goals.

Read more


Program Purpose

The program’s goals: High specialization in the cyber world, providing advanced capability for planning cyber security systems and professional responsibility in the field of business risks.

This program is the first part of the CISO program of the Cyber Defense Technology and Methodology Administration’s broad curriculum.

Read more


Format and nature of studies

Hybrid learning - Two lessons per week from 17:30-21:00, online (live) and frontal lessons, according to each class's schedule.

Read more


Target Audience

Those with practical infrastructure knowledge - operating systems and communications, basic and higher knowledge in cybersecurity tools and systems in addition bachelor's or master's degree in computer science, software/hardware engineering or information systems management. 

The track is not suitable for beginners.

Read more


Admission conditions

Infrastructure knowledge and experience - systems and communications, preferably knowledge of cyber systems or development. Experience cybersecurity practitioners (CSP) or graduates of proven supervised studies for the profession, full matriculation certificate, good English.

Academic degree - advantage.

Personal interview to confirm suitability for the course.

Read more



15,000NIS + 400NIS registration fee


Read more


Post-course work

An information security planner from a technological-tactical perspective.

Read more


Curriculum Tasks

80% attendance requirement.

Each module must meet an internal test or work score of at least 70%

Read more


How does the program stand out?

The main security burden is not assigned to implementors, but rather to the security array designer, an architect or CISO, who also directs implementor and manages the "Battle of Cyber Security". Every organization needs its backbone, and small organizations that can't afford this kind of specialist get this service through consulting companies.


The increasing demand for educated and knowledgeable architects-consultants necessitates a broad and very deep background, as part of an organized methodology to take over the vast amount of information, and this is the essence of the CSTP architecture chapter of the CISO program.


In 2004, the U.S. Department of Defense (DoD) issued Directive No. 8570.1 on: “Information Security Training, Certification and Personnel Management”.


The provision requires that every technical or administrative professional in information security is trained and certified in accordance with a clear standard, to enable effective protection of information, information systems and information infrastructure of DoD and to define groups of subjects and levels of proficiency. [Instruction 8570.1].

Read more


More about the program

Advanced cybersecurity professions and positions are:

Cyber Security Practitioner

Technology Specialist (Architect - Cyber Security Technology Expert)

Cyber Security Methodology Expert - Expert in Methodology and Governance

Cyber Security Penetration Testing Expert

Cyber Investigations Expert (Cyber Research Expert)

The role which involves the design of an information security architecture is often referred to as "cyber security architect" and the role is often mistaken for "information security consultant".

The architect is the "thinker" who designs technical defenses on aspects of technology and technique, from an in-depth knowledge of hacker capabilities and potential vulnerabilities. The cyber headquarters regards this profession as the most essential component of the cyber-unit profession.

Read more





Study Divisions

Main Topics for this Session:
Exploring Cybersecurity incidents of recent years (Use Cases / Case Studies)
Introduction to Cybersecurity management
Anchoring terminologies and definitions
Introducing the role of the CISO

The technological chapter of the course covers key issues of security engineering using plans, designs, and principles, evaluating and reducing vulnerabilities of information systems, basic concepts of security models and security architectures in critical areas such as access control, cloud systems, cryptography, system penetration (ransomware, fault injection and more) and virtual systems. The tools and techniques complement each other as part of the technological response to threats, in the layer of operating systems, communications, applications, special environments such as cloud and mobile and end stations:

  • Cryptography
  • Network Security - Network Access Control and Remote Access
  • Application Security
  • Access Control
  • Virtualization Security
  • Introduction to Cloud Computing and Security 
  • Hardware Security
  • System Security
  • IOT Security
  • Advanced Cyber Security Technical Controls
  • SCADA Security
  • Integrated Technological Architecture
  • Unlocking the Power on Artificial Intelligence: Enhancing Cybersecurity for CISOs
  • CISO-TECH Students Seminar

Knowing only the functionality of the various tools is not enough. We must learn to "play" the game. There is no practical possibility to understand the ways of defense, without recognizing the ways of the attacker. This chapter deals with knowing the world of both techniques and tools for Penetration Testing tasks. The chapter details the classic threats on information assets, caused by a malicious human factor. The world of attacks and intelligence is studied in order to get to know the threats, vulnerabilities, techniques, and technologies used by the attacker:


  • Hacking Defined - Introduction
  • Hacking Methodologies and Passive Reconnaissance - info oriented
  • Passive Reconnaissance - tech oriented
  • Active Reconnaissance and get into systems (exploitation)
  • Post Exploitation: Tools and Techniques
  • Web Application Security
  • Business-logic
  • PT report

Incident Response refers to the process by which an organization handles and manages the consequences of a security breach or cyber-attack, also known as an "incident". The goal is not only to manage the situation so that the damage is limited, and the recovery time and costs are reduced, but also to ensure that similar events do not happen again. The response to the incident must be quick, well-coordinated and systematic to prevent further damage and return the systems to their normal function.

Incident response is an integral part of an overall cybersecurity strategy, which includes various components, such as: preparation, detection and analysis, containment, eradication and recovery. The process does not end after the incident is resolved, as organizations need to learn from the incident to prevent future attacks. Understanding the response to the event paves the way for a more detailed examination of its various aspects. This chapter in the course deals with knowing the monitoring and response systems and other aspects, such as damage analysis, incident investigation and threat intelligence:

  • Introduction to Incident Response
  • Introduction to SIEM
  • Malware Analysis
  • Cyber Forensics
  • Cyber Threat Intelligence