Path icon Learning Paths
Skills

Critical Vulnerabilities and Exploits

  • Number of Courses17 courses
  • Duration4 hours

Common Vulnerabilities and Exposures, or CVEs, are critical security vulnerabilities that have been discovered and publicly disclosed to initiate fixes/patches. Oftentimes it's hard to tell if a system is vulnerable or what to do next if it is. When a critical CVE breaks, we will have rapidly-released content to guide you and your team with what you need to know to protect your systems immediately.

In the section of hands-on labs, you will find common CVEs and walk through the steps of emulation, or discovering if a vulnerability is present, then covering how to detect and protect applications, services and software that has had a recent critical vulnerability with proof-of-concept exploitation released. These are vulnerabilities with the widest impact across all industries, and the information learned is focused on explaining exactly what you can do to protect your organization, and how to test those protections and detections.

Courses in this path

Critical Vulnerabilities and Exploits: What You Should Know

Common Vulnerabilities and Exposures, or CVEs, are critical security vulnerabilities that have been discovered and publicly disclosed to initiate fixes/patches. Oftentimes it's hard to tell if a system is vulnerable or what to do next if it is.

In this section, we cover critical, new vulnerabilities and exploits discovered - what they are, how to identify them in your environment and what risks are of concern to cybersecurity professionals.

regreSSHion - an OpenSSH RCE Vulnerability: What You Should Know

  • by Matthew Lloyd Davies
  • 13m Duration

Palo Alto PAN-OS RCE Vulnerability: What You Should Know

  • by Matthew Lloyd Davies
  • 14m Duration

XZ Backdoor Supply Chain Vulnerability: What You Should Know

  • by Matthew Lloyd Davies
  • 21m Duration

ConnectWise ScreenConnect Vulnerability: What You Should Know

  • by Aaron Rosenmund
  • 18m Duration

Ivanti Avalanche Vulnerability: What You Should Know

  • by Michael Teske
  • 9m Duration

Atlassian RCE Vulnerabilities: What You Should Know

  • by Matthew Lloyd Davies
  • 9m Duration

TorchServe Vulnerabilities: What You Should Know

  • by Brandon DeVault
  • 19m Duration

Kubernetes on Windows Vulnerability: What You Should Know

  • by Michael Teske
  • 12m Duration

MOVEit Vulnerability: What You Should Know

  • by Aaron Rosenmund
  • 17m Duration

VMWare ESXi Vulnerability: What You Should Know

  • by Brandon DeVault
  • 4m Duration
  •  (11)

Microsoft Outlook Elevation of Privilege Vulnerability: What You Should Know

  • by Brandon DeVault
  • 5m Duration

Apache Commons Text Vulnerability: What You Should Know

  • by Bri Frost
  • 10m Duration
  •  (18)

Log4j Vulnerability: What You Should Know

  • by Brandon DeVault
  • 8m Duration
  •  (77)

Log4j Vulnerability Lab: Video Walkthrough

  • by Brandon DeVault
  • 22m Duration

Talking Tradecraft @ Pluralsight: A Technical Dive into the Log4Shell Exploit

  • by Aaron Rosenmund
  • 57m Duration

Ivanti Connect Secure VPN Vulnerability: What You Should Know

  • by Michael Teske
  • 11m Duration

CVE Emulation and Detection Hands-on Labs

In this section of hands-on labs, you will find common CVEs and walk through the steps of emulation, or discovering if a vulnerability is present, then covering how to detect and protect applications, services and software that has had a recent critical vulnerability with proof-of-concept exploitation released. These are vulnerabilities with the widest impact across all industries, and the information learned is focused on explaining exactly what you can do to protect your organization, and how to test those protections and detections.

Getting Started in the Lab Environment

  • by Aaron Rosenmund
  • 6m Duration
  •  (14)

Learn with the best

Matthew Lloyd Davies
Matthew Lloyd Davies
Matt is a cyber security author and researcher here at Pluralsight. A certified penetration tester and incident handler, he created Pluralsight's CompTIA Pentest+ Specialized Attacks courses as well our courses on wireless, ICS/OT and hardware hacking. Matt has also helped to build our security labs portfolio; labs that help you get hands-on to understand the threats and vulnerabilities your organization faces today. With a background in Chemical Engineering, Matt's focus is on the security ... more
Michael Teske
Michael Teske
Michael Teske is a principal security author with Pluralsight helping people build their skills toolkit. Michael has 25+ years of experience in the IT Ops/Cloud/Cybersecurity industry including 17 of those years as an IT instructor at a technical college, focusing on Microsoft server infrastructure, security and automation. Michael attained his MBA with an emphasis in Computer Information System Security several years ago. Michael still keeps up with the industry as an independent consultant in ... more
Aaron Rosenmund
Aaron Rosenmund
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur... more
Bri Frost
Bri Frost
Bri is a renowned expert with 7 years of experience in the field of Cybersecurity and IT, bringing a unique perspective to the table. As the Director of Security Curriculum and Research at Pluralsight, Bri is instrumental in developing the cutting-edge cybersecurity curriculum and content strategy. With a wealth of knowledge as an author of Pluralsight training content, she infuses a "red-team" or attacker-focused mindset into her teachings to grasp security concepts and defense strategies effec... more
Brandon DeVault
Brandon DeVault
Brandon DeVault is a Security Researcher focused on threat hunting at CrowdStrike. He is also a member of the Florida Air National Guard with a variety of offensive and defensive experience. Prior to joining CrowdStrike, Brandon worked full-time as an author with Pluralsight and at Elastic, creating and delivering security content. He also worked with Special Operations Command, where he had two deployments to Afghanistan on deployable communications teams. His experience spans incident response... more
Kat DeLorean Seymour
Kat DeLorean Seymour
Kat Seymour is a Security Author with 20 years of experience in technology and information security. With a wide breadth of experience, Kat's focus is on Red, Blue, and Purple team operations, tools, and techniques. Kat retired from a decades long career in Fintech to pursue her passion of mentoring and teaching full time. Throughout her career Kat has worked to build and innovate technology at a Fortune 100 Financial Institution including development of the first formalized application monitori... more

Join our learners and upskill
in leading technologies