Starweaver
Mastering Endpoint Security & Threat Defense
Rohit Mukherjee

Instructors: Starweaver

Gain insight into a topic and learn the fundamentals.
Intermediate level

Recommended experience

9 hours to complete
Flexible schedule
Learn at your own pace

What you'll learn

  • Apply endpoint security principles to evaluate architectural components, identify common attack vectors, and implement baseline hardening techniques.

  • Configure endpoint telemetry tools to collect and interpret suspicious system activity.

  • Configure native Windows security controls to enforce Zero Trust at the endpoint level.

  • Analyze endpoint behavior to detect and respond to potential insider threats.

Details to know

Shareable certificate

Add to your LinkedIn profile

Recently updated!

September 2025

Assessments

4 assignments¹

AI Graded (see disclaimer)
Taught in English

There are 6 modules in this course

In this course, you’ll learn how to build and manage endpoint security as the first line of defense in today’s threat landscape. You’ll focus on designing secure endpoint architectures, applying Zero Trust principles, and using tools like Sysmon, Sigma, and Velociraptor to detect and investigate threats. Through expert-led instruction, real-world scenarios, and hands-on labs in virtual environments, you’ll gain the skills to monitor processes, analyze alerts, and respond to insider and external threats. By the end, you’ll be equipped to think like a SOC analyst, correlate logs and behaviors, and implement practical defenses that protect endpoints and strengthen overall cybersecurity posture.

What's included

1 video, 1 reading, 1 plugin

In this module, you’ll learn why endpoints are a critical focus in cybersecurity and how attackers often exploit them to reach organizational data. You’ll explore endpoint types, common attack vectors, the CIA triad, and baseline hardening principles, and analyze real-world attack scenarios to see these concepts in action. You’ll also work with CIS-CAT Lite in hands-on labs to assess configurations and understand how architectural components like agents and policy engines interact. Finally, you’ll apply foundational security practices to strengthen baseline defenses and build a resilient endpoint environment.

What's included

10 videos, 1 reading, 1 assignment, 1 peer review, 2 discussion prompts

In this module, you’ll learn how Endpoint Detection and Response (EDR) strengthens modern security beyond traditional antivirus solutions. You’ll explore how EDR collects and analyzes telemetry, apply frameworks like MITRE ATT&CK to shape detection strategies, and practice using tools such as Sysmon, Process Monitor, osquery, and Velociraptor for visibility and threat hunting. Through hands-on configuration and guided workflows, you’ll build skills in interpreting endpoint telemetry, investigating suspicious activity, and applying structured analysis techniques to real-world defense scenarios.

What's included

10 videos, 1 reading, 1 assignment, 1 peer review, 2 discussion prompts

In this module, you’ll learn why Zero Trust is essential in today’s borderless networks and how it transforms access control beyond traditional perimeter defenses. You’ll explore core principles such as continuous verification, least privilege, and microsegmentation across identity, device, and application layers. Through real-world reference architectures and policy enforcement models, you’ll gain practical insight into Zero Trust design. Finally, you’ll apply these concepts in a hands-on lab using OpenZiti and endpoint hardening to rethink access workflows and experiment with identity-based segmentation.

What's included

10 videos, 1 reading, 1 assignment, 1 peer review, 2 discussion prompts

In this module, you’ll learn how to identify and mitigate insider threats—one of the most challenging risks in cybersecurity. You’ll explore insider motives, behavioral indicators, and monitoring techniques based on log analysis and baseline deviations, while also considering the legal and ethical implications of monitoring trusted users. Through case studies, detection strategies, and hands-on simulations with Sysmon and Sigma, you’ll practice analyzing behavior patterns, interpreting activity trails, and evaluating potential misuse of privileges to build a responsible and effective insider threat program.

What's included

10 videos, 1 reading, 1 assignment, 1 peer review, 2 discussion prompts

In this wrap-up module, you’ll consolidate everything learned across the course by demonstrating your ability to secure, monitor, and investigate a real-world endpoint scenario. Through a graded assessment, hands-on project, and final reflections, you’ll apply endpoint hardening techniques, configure telemetry, simulate insider or malware-like activity, and conduct a structured investigation using free tools. By the end, you’ll showcase the practical skills of a SOC analyst—detecting, responding, and reporting on endpoint threats—while reinforcing your readiness for professional roles and certifications in cybersecurity defense.

What's included

1 video, 1 peer review

Instructors

Starweaver
Starweaver
448 Courses, 837,252 learners
Rohit Mukherjee
Starweaver
1 Course, 51 learners

Offered by

Starweaver

¹ Some assignments in this course are AI-graded. For these assignments, your data will be used in accordance with Coursera's Privacy Notice.