Badge Descriptions

Below are descriptions of the available Infuse learning paths and associated badges. Please note that Infuse does not have a centralized system for verifying a Learner’s knowledge and skills. Learners are intended to only claim a badge once they have undergone skill verification with a qualified Mentor or peer, but there is no centralized system in place to enforce this.

Detecting, Investigating and Tracking Malicious Infrastructure

Phishing messages are often tied to complex attacker infrastructure which aims to capture data. Infuse Learners who complete this path are introduced to various techniques that could help uncover such infrastructure—from passive analysis of email headers or domains to active analysis of dynamic content in messages and web pages. They also learn about the operational security steps an analyst should take. Finally, Learners following this path explore what they should do after completing a successful investigation (e.g., writing up research findings and contacting web hosts and similar institutions with requests to take down malicious infrastructure).

Detecting Malware

Infuse Learners who complete this learning path explore intermediate-level malware detection using a variety of tools, from off-the-shelf antivirus to more specialized methods such as mvt, traffic analysis, or basic sandboxes. Starting out with a guide on responsibly supporting at-risk individuals and groups with high privacy needs, the learning path then considers various types of malware and detection techniques. Learners are provided with a primer on how to disassemble Office documents to look for malicious scripts and other undesirable content therein, as well as instruction on clean-up and remediation efforts following malware infections.

Analyzing Malware

Sometimes, we encounter novel malware and need to figure it out via disassembly. Infuse Learners completing this advanced level learning path learn how to set up an effective malware analysis environment. They examine dynamic analysis through sandboxes and static analysis through commercially available disassembly tools. Learners explore indicators of compromise and how, once someone has found and analyzed a piece of novel malware, they can effectively share findings with their wider community.

Web Application Security Fundamentals

Dynamic web applications contain a huge amount of features but also many potential security flaws. Infuse Learners completing this learning path gain an introduction to infrastructure vulnerabilities, data validation vulnerabilities, authentication and authorization vulnerabilities, and application logic vulnerabilities. Learners study each of those vulnerabilities, and also explore OWASP as a framework. Finally, the learning path looks at how digital protectors can effectively discuss vulnerabilities, threats, and remediations with at-risk individuals and organizations.

Web Application Security Assessment

Web application vulnerabilities can be hard to find. Infuse Learners completing this learning path are introduced to a variety of different methods, both manual and automated, which can be used to find and patch vulnerabilities within web applications. Learners explore detecting a wide range of possible vulnerabilities, such as script, SQL, and command injections, authorization and authentication vulnerabilities, path traversal vulnerabilities, as well as business logic vulnerabilities and race conditions. The learning path also teaches how to responsibly check a site for vulnerabilities, refine and improve assessment methodologies, and effectively practice and hone web assessment skills.

Web Application Hardening, Forensics, and Incident Response

Web applications, particularly those run by civil society and other at-risk groups, are at constant risk of attacks. Infuse Learners completing this learning path are introduced to the steps administrators could take to reduce the chance of successful denial of service (DoS) attacks, and how to respond when such an attack is ongoing. Learners examine logs within web applications and learn how to search through and analyze their content to find information about potential attacks. They also explore methods for effective incident response after a break in, including ways to detect and confirm an attack as well as tracking and evicting the attacker.