All courses
Resource hub
Featured resource
Forrester Wave Report 2025
Pluralsight named a Leader in the Forrester Wave™

Our tech skill development platform earned the highest scores possible across 11 criteria.

Learn more
Hamburger Icon
  • Path icon Learning Path
    • Libraries: This path is only available in the libraries listed. To access this path, purchase a license for the corresponding library.
  • Security
    •

CVEs Emulation and Detection Hands-on Labs

2 Courses
11 Labs
16 Hours
Skill IQ

Common Vulnerabilities and Exposures, or CVEs, are critical security vulnerabilities that have been discovered and publicly disclosed to initiate fixes/patches. Oftentimes it's hard to tell if a system is vulnerable or what to do next if it is. When a critical CVE breaks, we will have rapidly-released content to guide you and your team with what you need to know to protect your systems immediately.

In the section of hands-on labs, you will find common CVEs and walk through the steps of emulation, or discovering if a vulnerability is present, then covering how to detect and protect applications, services and software that has had a recent critical vulnerability with proof-of-concept exploitation released. These are vulnerabilities with the widest impact across all industries, and the information learned is focused on explaining exactly what you can do to protect your organization, and how to test those protections and detections.

Get started

Content in this path

CVE Emulation and Detection Hands-on Labs

In this section of hands-on labs, you will find common CVEs and walk through the steps of emulation, or discovering if a vulnerability is present, then covering how to detect and protect applications, services and software that has had a recent critical vulnerability with proof-of-concept exploitation released. These are vulnerabilities with the widest impact across all industries, and the information learned is focused on explaining exactly what you can do to protect your organization, and how to test those protections and detections.

Course

Getting Started in the Lab Environment

  • by Aaron Rosenmund
  • 6m
  • Oct 07, 2021
Lab

CVE-2025-29927 Next.js Middleware: Emulation and Detection

  • by Thomas ReyesCairo
  • 1h 10m
  • Jul 30, 2025
Lab

CVE-2022-34265 Django: Emulation and Detection

  • by Riley Kidd
  • 45m
  • Aug 04, 2025
Lab

CVE-2022-33891 Apache Spark: Emulation and Detection

  • by West Shepherd
  • 1h 25m
  • Jul 30, 2025
Lab

CVE-2022-26134 Confluence: Emulation and Detection

  • by Krysta Coble
  • 50m
  • Jul 30, 2025
Lab

CVE-2022-24706 Apache CouchDB: Emulation and Detection

  • by Krysta Coble
  • 1h
  • Aug 05, 2025
Lab

CVE-2022-24112 Apache APISIX: Emulation and Detection

  • by West Shepherd
  • 1h 30m
  • Jul 30, 2025
Lab

CVE-2022-22965 Spring4Shell: Emulation and Detection

  • by Riley Kidd
  • 1h 5m
  • Aug 05, 2025
Lab

CVE-2021-42013 Apache HTTP Server: Emulation and Detection

  • by Matthew Lloyd Davies
  • 1h 10m
  • Aug 04, 2025
Lab

CVE-2021-4034 Polkit: Emulation and Detection

  • by West Shepherd
  • 1h 10m
  • Jul 30, 2025
Lab

CVE-2020-1938 Apache Tomcat: Emulation and Detection

  • by Matthew Lloyd Davies
  • 3h 10m
  • Aug 05, 2025
Course

Log4j Vulnerability Lab: Video Walkthrough

  • by Brandon DeVault
  • 22m
  • Mar 21, 2022
Lab

Log4j Vulnerability Lab: Emulation and Detection

  • by Brandon DeVault
  • 2h 35m
  • Aug 07, 2025
Try this learning path for free
Access this learning path and other top-rated tech content with a free trial.
Free individual trial Free team trial
Have questions? Get them answered now.
Start a live chat
What You'll Learn
  • [Breaking News: Vulnerabilities, Exploits and Breaches](Breaking News: Vulnerabilities, Exploits and Breaches)
  • Security Event Triage
Prerequisites
Related topics
  • security testing
  • continuous monitoring and detection
  • CVEs
Not sure where to start?
With over 500 assessments to choose from, you can see where your skills stand and receive adaptive learning recommendations to fill knowledge gaps in as little as 10 minutes.
Learn more

Learn with the best

Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur...
Thomas ReyesCairo
Thomas ReyesCairo
Thomas Reyes-Cairo has worked at the intersection of technology and education for 10 years. At Pluralsight, Thomas has worked extensively with hands-on content, first as a Technical Content Producer and now as a Hands-On Author for Security. He specializes in the deployment of lab environments through Terraform and is a Hashicorp certified Terraform Associate.
Riley Kidd
Riley Kidd
Riley has technical security consultancy experience – leading and building teams to deliver projects and outcomes for clients. He has created and facilitated technical trainings across secure coding, python for hackers, offensive operations, and Capture The Flag competitions. Riley has created technical educational content across YouTube, TCM Academy, and his personal Capture The Flag platform – 247CTF. Riley holds a number of certifications including OSCP, OSCE, OSED, OSWE, OSEP, CRTO, CRTL, C...
West Shepherd
West Shepherd
West is a disabled military veteran and established infosec professional with over a decade of IT experience in penetration testing, secure software development, and network engineering. He currently serves as the senior penetration tester and team lead for the Commonwealth of Kentucky's enterprise red team. Over the past five years West has supported multiple government agencies across the Commonwealth as a subject matter expert in large-scale security assessments providing strategic solutions ...
Krysta Coble
Krysta Coble
Krysta Coble is a new Pluralsight author focusing on red teaming, penetration testing, and hacking all the things. She graduated from Rochester Institute of Technology in Rochester, NY with a Bachelor’s in Information Security and Forensics and Master’s degree in Information Assurance and Computing Security. Krysta has worked for several government and military entities to include, the Department of Defense, Department of Justice, and Department of Homeland Security. She was a founding board mem...
Matthew Lloyd Davies
Matthew Lloyd Davies
Matt is a cyber security author and researcher here at Pluralsight. A certified penetration tester and incident handler, he created Pluralsight's CompTIA Pentest+ Specialized Attacks courses as well our courses on wireless, ICS/OT and hardware hacking. Matt has also helped to build our security labs portfolio; labs that help you get hands-on to understand the threats and vulnerabilities your organization faces today. With a background in Chemical Engineering, Matt's focus is on the security ...
Brandon DeVault
Brandon DeVault
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response...

Join our learners and upskill
in leading technologies