Where Do You Want to Be in Six Months?
Each path takes you from where you are to a capability you can demonstrate. Not awareness, not theory, but the ability to design, detect, investigate, or govern in production. Every path starts with a free preview.
6 paths · 21 courses · Every course includes a free preview. Compare tiers →
What do you want to be doing in six months?
Designing and defending M365 security architecture
Writing detections and hunting threats in a SOC
Running forensic investigations and incident response
Building cross-SIEM detection across Sentinel, Splunk, and AD
Running GRC and AI-enhanced security operations
Moving into security from IT or administration
Security Engineer Path
By the end, you design and operate the identity, endpoint, and platform security stack across an M365 environment: hardened endpoints, a documented Conditional Access framework, production detections, and architecture decisions you can defend to leadership.
SOC Analyst & Detection Engineer Path
By the end, you run a detection program that catches real attacks: production KQL detections, a CI pipeline for rules, repeatable hypothesis-driven hunts, automated response, and the offensive perspective that makes your detections survive real adversaries.
Incident Responder & DFIR Path
By the end, you investigate incidents end-to-end across cloud, AWS, Windows, Linux, and macOS: from the first triage decision through forensic analysis to a report that holds up under scrutiny.
Multi-Platform Detection Path
By the end, you write and deploy detections across Sentinel (KQL), Splunk (SPL), and Active Directory, with a Sigma-based CI pipeline that converts rules to any backend. One detection methodology, multiple platforms.
GRC & Security Operations Path
By the end, you run a governance program with risk registers, compliance mappings, audit evidence packages, and board reports, enhanced with AI-assisted workflows and grounded in the security operations that make controls real.
New to Security Engineering
By the end, you've moved from IT into security engineering: M365 security operations, working KQL, a deployed endpoint security stack, and identity controls, plus the artifacts to prove it in interviews.
Not sure yet? Browse all courses.
The course catalog has search, level filters, and descriptions for every course. Find something that fits, preview it free, and come back here when you're ready to commit to a path.





















