Infrastructure Security: Reducing Risk Across Identity & Config

Introduction

This focused half-day course helps IT and security teams improve the security of their infrastructure by strengthening identity controls, hardening configurations, and reducing the organisation's attack surface through effective network design and monitoring.

Why this course matters

Modern attackers exploit misconfigurations, overly-permissive access, and flat networks far more often than zero-days. Most of these issues are preventable. By improving identity controls, enforcing secure baselines, and segmenting networks properly, you can dramatically reduce the blast radius of any breach.

Topics covered

• Identity is the new perimeter: MFA everywhere, conditional access policies, just-in-time admin, service-to-service auth.
• Configuration hardening & baseline compliance: Introduction to CIS, determining compliance, automating baseline enforcement, drift detection and CSPM
• Network Segmentation & Attack Surface: Quantifying, tracking and minimising external attack surface, firewall rule best practice and management, least-privilege ports, north-south vs. east-west monitoring

Key Take-away

From this course, you will:

• Learn how to implement stronger, policy-driven identity and access controls
• Gain tools and techniques to automate secure configuration baselines
• Understand how to design segmented networks that minimise lateral movement
• Develop monitoring strategies to detect threats across network zones
• Build infrastructure that is resilient to real-world attacks and misconfiguration

Who should attend

IT administrators, infrastructure engineers, network architects, and anyone responsible for securing on-prem or hybrid environments.

Delivery

Live online delivery

Contact us for face-to-face / private sessions.

Facilitators

Neil Richardson – Co-Founder & Managing Director | Cyber Alchemy

Neil has 15+ years of experience in cybersecurity, split between academia and strategic advisory roles. A former senior lecturer and now a fractional CISO to scale-ups, Neil specialises in aligning security with growth, helping companies protect funding rounds, launch securely, and simplify compliance. His experience includes 200+ strategic engagements and hands-on DevSecOps implementation for clients across fintech and medtech. A former Cyber Scheme Team Leader and CREST tester, Neil brings senior-level clarity to every course, making secure development something teams actually want to do.

Luke Hill – Co-Founder & Director | Cyber Alchemy

Luke brings eight years of security experience across offensive testing, compliance, and operations, with a focus on infrastructure, cloud, and OT security. He’s assessed everything from medical devices to fintech platforms and is an expert in identifying misconfigurations, attack paths, and hardening gaps across complex environments. Holding AZ-500 and Cyber Scheme Team Member certifications, Luke’s training style is clear, pragmatic, and full of real-world war stories. He also leads weekly hacking labs for university students and contributes to bug bounty and security research projects.

Ali Malik – Co-Founder & Director | Cyber Alchemy

Ali brings over a decade of experience in cybersecurity, paired with eight years in software engineering, making him a rare hybrid who understands what secure development actually looks like in the real world. He’s a specialist in offensive security, DevSecOps, and secure software delivery in regulated industries like MedTech and EdTech. Holding Cyber Scheme Team Leader and ISO 27001 Lead Auditor certifications, Ali regularly advises on integrating security seamlessly into the development lifecycle. Beyond consultancy, he mentors students, leads Capture The Flag competitions, and keeps Cyber Alchemy at the cutting edge of secure development practices.