In today’s evolving cyber threat landscape, every endpoint—whether a laptop, server, cloud workload, or mobile device—represents a potential gateway to sensitive data. Cybercriminals know this, making endpoint security the true front line of defense. This course provides a structured, beginner-friendly introduction to endpoint security, taking you beyond traditional antivirus into modern defenses like EDR, Zero Trust, and insider threat detection.

Discover new skills with $120 off courses from industry experts. Save now.


Recommended experience
What you'll learn
Apply endpoint security principles to evaluate architectural components, identify common attack vectors, and implement baseline hardening techniques.
Configure endpoint telemetry tools to collect and interpret suspicious system activity.
Configure native Windows security controls to enforce Zero Trust at the endpoint level.
Analyze endpoint behavior to detect and respond to potential insider threats.
Skills you'll gain
- Hardening
- Authentications
- Threat Management
- Anomaly Detection
- Security Controls
- Cybersecurity
- MITRE ATT&CK Framework
- Continuous Monitoring
- Threat Detection
- Endpoint Detection and Response
- Virtual Machines
- Zero Trust Network Access
- Cyber Threat Intelligence
- IT Security Architecture
- Intrusion Detection and Prevention
- Event Monitoring
- Cyber Attacks
- Endpoint Security
- System Monitoring
- Cyber Threat Hunting
Details to know

Add to your LinkedIn profile
September 2025
See how employees at top companies are mastering in-demand skills

There are 6 modules in this course
In this course, you’ll learn how to build and manage endpoint security as the first line of defense in today’s threat landscape. You’ll focus on designing secure endpoint architectures, applying Zero Trust principles, and using tools like Sysmon, Sigma, and Velociraptor to detect and investigate threats. Through expert-led instruction, real-world scenarios, and hands-on labs in virtual environments, you’ll gain the skills to monitor processes, analyze alerts, and respond to insider and external threats. By the end, you’ll be equipped to think like a SOC analyst, correlate logs and behaviors, and implement practical defenses that protect endpoints and strengthen overall cybersecurity posture.
What's included
1 video1 reading1 plugin
In this module, you’ll learn why endpoints are a critical focus in cybersecurity and how attackers often exploit them to reach organizational data. You’ll explore endpoint types, common attack vectors, the CIA triad, and baseline hardening principles, and analyze real-world attack scenarios to see these concepts in action. You’ll also work with CIS-CAT Lite in hands-on labs to assess configurations and understand how architectural components like agents and policy engines interact. Finally, you’ll apply foundational security practices to strengthen baseline defenses and build a resilient endpoint environment.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this module, you’ll learn how Endpoint Detection and Response (EDR) strengthens modern security beyond traditional antivirus solutions. You’ll explore how EDR collects and analyzes telemetry, apply frameworks like MITRE ATT&CK to shape detection strategies, and practice using tools such as Sysmon, Process Monitor, osquery, and Velociraptor for visibility and threat hunting. Through hands-on configuration and guided workflows, you’ll build skills in interpreting endpoint telemetry, investigating suspicious activity, and applying structured analysis techniques to real-world defense scenarios.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this module, you’ll learn why Zero Trust is essential in today’s borderless networks and how it transforms access control beyond traditional perimeter defenses. You’ll explore core principles such as continuous verification, least privilege, and microsegmentation across identity, device, and application layers. Through real-world reference architectures and policy enforcement models, you’ll gain practical insight into Zero Trust design. Finally, you’ll apply these concepts in a hands-on lab using OpenZiti and endpoint hardening to rethink access workflows and experiment with identity-based segmentation.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this module, you’ll learn how to identify and mitigate insider threats—one of the most challenging risks in cybersecurity. You’ll explore insider motives, behavioral indicators, and monitoring techniques based on log analysis and baseline deviations, while also considering the legal and ethical implications of monitoring trusted users. Through case studies, detection strategies, and hands-on simulations with Sysmon and Sigma, you’ll practice analyzing behavior patterns, interpreting activity trails, and evaluating potential misuse of privileges to build a responsible and effective insider threat program.
What's included
10 videos1 reading1 assignment1 peer review2 discussion prompts
In this wrap-up module, you’ll consolidate everything learned across the course by demonstrating your ability to secure, monitor, and investigate a real-world endpoint scenario. Through a graded assessment, hands-on project, and final reflections, you’ll apply endpoint hardening techniques, configure telemetry, simulate insider or malware-like activity, and conduct a structured investigation using free tools. By the end, you’ll showcase the practical skills of a SOC analyst—detecting, responding, and reporting on endpoint threats—while reinforcing your readiness for professional roles and certifications in cybersecurity defense.
What's included
1 video1 peer review
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.
Instructors


Offered by
Explore more from Security
- Status: Free Trial
- Status: Free Trial
- Status: Free Trial
Google Cloud
Why people choose Coursera for their career





Open new doors with Coursera Plus
Unlimited access to 10,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Advance your career with an online degree
Earn a degree from world-class universities - 100% online
Join over 3,400 global companies that choose Coursera for Business
Upskill your employees to excel in the digital economy
Frequently asked questions
To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you purchase a Certificate you get access to all course materials, including graded assignments. Upon completing the course, your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.
You will be eligible for a full refund until two weeks after your payment date, or (for courses that have just launched) until two weeks after the first session of the course begins, whichever is later. You cannot receive a refund once you’ve earned a Course Certificate, even if you complete the course within the two-week refund period. See our full refund policy.
More questions
Financial aid available,
¹ Some assignments in this course are AI-graded. For these assignments, your data will be used in accordance with Coursera's Privacy Notice.