May 23 - Jul 21, 2023
Dark Lab Academy is a cutting-edge program launched by PwC Hong Kong (PwC), in partnership with Xccelerate, to upskill and re-skill the next generation of cybersecurity talent. This course is built to create a talent pipeline equipped to aid organizations and greater society in protecting data and systems, mitigating cyber risks and improving resilience against modern cyber threats.
Dark Lab Academy’s course pertains to penetration testing, a skill used by ethical hackers to evaluate the effectiveness of technical controls throughout computational systems. Learning penetration testing is essential to understanding how sophisticated adversaries think and act. Students of this program will become proficient in this and other in-demand cybersecurity skills, allowing them to explore the domain at their own pace.
This penetration testing course will span 10 weeks, with content divided into 3 distinct sections– the first of which addressing fundamental theory essential to utilize across all penetration testing engagements.
The second section will act as a sandbox for students, comprising websites and applications intentionally configured to host vulnerabilities reflected in the OWASP Top 10 Framework, similar to real-world situations that PwC’s Dark Lab encounter on a daily basis.
The third section builds on concepts of its predecessors, with practical exercises based on deliberately insecure open source environments used for testing vulnerabilities commonly found in Java-based applications that use popular components.
Self-paced, learn anytime or anywhere
Weekly face-to-face tutorials
Campus hot desk available to all students
Access anytime or anywhere
Access to digital content e.g. documentation/video recordings/practical skills
Online support from mentors
Introduction & Fundamentals
• Learn why cybersecurity is a critical component to modern business.
• Work with real industry professionals to get a sense of their impact.
• Understand the variety of potential roles you can move into through this exciting career path.
Theoretical Concepts and Techniques
• Cover key terminology and concepts to understand the penetration testing landscape.
• Dive into the OWASP Top 10 Framework which entails the most critical security risks to web applications - learn about at least one area of the OWASP Top 10 per week through a blend of theory and practical exercises.
• Become familiar with command execution and learn how to find tools and resources to help you beyond the course.
Hands-On Cyber Ranger and Advanced Concepts
• Work in custom-built environments to learn how to identify and exploit potential vulnerabilities.
• Learn advanced penetration testing concepts including scanning defenses, pivoting between networks, deploying proxy chains and more.
• Polish your skills and prepare to become Dark Lab Academy certified.
Request a detailed syllabus
Explore the course features
Full access to all learning materials
Unlimited during bootcamp
Full access to all learning materials
Unlimited during bootcamp
Explore our payment plans and choose the best option for you.
Make 12 payments over 12 months with 0% interest
New users get HK$200 cash reward for opening Livi account with code X#livi
Users can enjoy up to 8% cash back (up to $100 a month)
What is the assessment I will need to take to earn my badge and complete the course?
The examination consists of two parts - a 24-hour penetration testing examination assessing the knowledge and skills obtained throughout the course, followed by a documentation report due 24 hours after the practical element.
Can you really guarantee me a job offer after I complete this course?
Yes, PwC Dark Lab will be offering a full-time permanent job offer as a Junior Penetration Tester to all students that complete the course and successfully pass an examination that comprises hands-on practical exercises in the virtual cyber range. This is subject to undergoing the standard PwC standard onboarding process (e.g., application, background checks, and streamlined interviews).
Why is PwC guaranteeing job offers for this industry?
The era of cloud computing, Internet of Things (IoT), automation and online collaboration tools has accelerated digital and human connectivity. These new hybrid human-digital ecosystems are often fragile, with the cyber threat landscape becoming increasingly sophisticated as malicious attackers take advantage for profitability, sabotage, and espionage. As organisations look to improve their cyber-resilience, they are faced with another problem - a talent shortage. This hurdle has jeopardised the ability of organisations to act swiftly and decisively to safeguard against dynamic cyber threats. We aim to solve the cyber talent shortage issue through upskilling and reskilling our workforce. In doing so, we will have a deeper resource pool to call upon to protect our society from the ever-changing cyber threat landscape.
Do I need to be a Hong Kong resident to be applicable for the course or the job guarantee?
At this point in time, yes. This is subject to further review and change in the future.
What if I choose not to accept the job offer?
Students will also be eligible to join Dark Lab’s bug bounty program via the Cyberbay platform. This will grant students access to a range of real, live systems by various large corporations and Small to Medium Enterprises (SMEs) to continually “learn and hack” after the course, and subsequently be able to “hack and earn” for cash and credits.
How will I be able to use the badge I earn from the course?
As above - though we may want to elaborate this more when we decide what to do with the badge, including having token/gamification to generate demand
Is the course lecture based or self paced?
The course will provide students with on-demand learning content, ranging from documentation to videos and a cyber range to hone practical skills. Every week, our instructors will host two one-hour open sessions to receive questions and provide more specific guidance on the condition that students have attempted the course and homework. Discord channel will be open for students to raise questions, share information, and encourage each other.
Do I need any prerequisites to qualify for the course or the offer guarantee?
All students require is the willingness to learn, good attitude, and the ability to “try harder”. We advocate passion as that will always allow you to get to where you want in life.
Is this only for HONG KONG permanent residents? Will I get guaranteed jobs if I am not?
All citizens residing in Hong Kong will be eligible for enrolment in Dark Lab Academy’s cybersecurity course. Students that successfully completed the course training, quizzes and lab exercises, and passed the examination designed by PwC Hong Kong will obtain the Dark Lab Academy digital badge to demonstrate their skills learnt during the course. Please note at the moment the guaranteed job offered by PwC Dark Lab (i.e. full-time permanent job as a Junior Penetration Tester) are only applicable for those with Hong Kong Permanent Resident status.
For the Cybersecurity course, it said it is 10 weeks. Do we have a detailed schedule of exactly which dates/time for the course?
Upon successful enrollment of the Dark Lab Academy cybersecurity course, students will be shared the course schedule detailing on open sessions arrangement, course breakdown and module breakdown.
If I missed out the previous week lessons, I can still make it up later on? Because it said twice weekly?
The Dark Lab Academy cybersecurity course will adopt the self-learning approach, whereby students will be able to access the documentation, videos, and cyber range through the on-demand platform to learn at their own pace. The course materials will be released on a weekly basis to ensure students are able to focus on the latest content. To support students learning during the 10-week course, two one-hour open sessions in English and Cantonese will be hosted every week by Instructors to address selected questions raised on the Discord channel. The open sessions will be held according to the agreed timeslot between the instructor and the cohort, while the video recording of the sessions will be available for students unable to attend. The Discord channel will be available 24x7 for students to raise questions for Instructors, exchange information with each other, and encourage collaboration throughout the course.
When will the exam take place? Will it be an online test at the end of the course? How is the exam format? writing report is required?
Upon successful completion of the 10-week Dark Lab Academy cybersecurity course, students will have two further weeks to hone their skills in the cyber range. They will also be entitled to make an appointment for one attempt of the examination from the start of the course until the end of this 2-week period, totaling 12-weeks. Please note there is no fixed date or expiration period for the examination attempt, and there is no penalty for changing the examination date up to two times during the 12-week period. The examination is attempted online (i.e., remotely) without any assistance or collaboration from peers. The examination consists of two parts: (1) 24-hour penetration testing examination to assess the student’s knowledge and skills obtained throughout the course by hacking up to three vulnerable machines, and (2) submission of documentation report 24 hours after the practical element detailing the steps performed and tools leveraged during the hands-on practical examination to fully compromise the vulnerable machines. A sample report template will be made available to students upon the start of the course as part of the course materials. Students may familiarize themselves with the reporting structure and would need to adhere to a professional documented approach to pass the examination.
I had Certified Information Systems Auditor (CISA) certificate from refers the Information Systems Audit and Control Association (ISACA) before, would this course still help me to get a job?
The CISA certificate is the global standard for professionals who have a career in information systems particularly in auditing, control, and security. This may be helpful for students to grasp concepts more easily in our course. However, they are not necessarily assessing and/or demonstrating the same skillsets as the Dark Lab Academy course. Given our course focuses on ensuring students are able to perform a hands-on practical assessment to evaluate if web applications are vulnerable to the most critical security risks. As a result, the CISA certificate will neither be a pre-requisite to apply for the course, nor part of the requirement to get the job in PwC’s Dark Lab.
What if I want to work Part-time or Freelance after the course since I have other engagement?
Upon obtaining the Dark Lab Academy digital badge, students are eligible to join Dark Lab’s bug bounty platform, which offers monetary awards for finding and reporting certain types of vulnerabilities and bugs. This can be done in a part-time or freelance capacity, with no time commitment. Details of the program will be made available upon request.
If I don't have any technical background, would I still be able to join the course?
There are no pre-requisites to enrolling for the Dark Lab Academy course. Our objective is to lower the barriers of entry to the cybersecurity profession, provide accessibility to all groups of people regardless of their technical background, and democratize cybersecurity as it is viewed by PwC Dark Lab as a basic human right.
Can we issue the Darklab badge as an NFT?
Can our current badge system have unique IDs?
If we have an NFT badge and PWC wants to revoke it, is that possible?
Yes, it’s possible. We can add a function in the smart contract that allows the owner to transfer the NFT back to the minter (PwC).
Can we make it so the NFT cannot be sold?
Yes. We can modify the smart contract so that it’s not transferable. For example, we can make it so that the NFT is only allowed to be transferred once (during minting, from PwC to the student).
What measures can we put in place to ensure the NFT is unique only for the owner / in the event their cert ID is revoked or no longer valid?
We can revoke the actual NFT from the student. To implement, we add a function in the smart contract that allows the owner to transfer the NFT back to the minter (PwC).
Accelerating humanity by educating workforces
Full-time immersive courses
Full-Stack Web Development Immersive
Immersive Data Science & Machine Learning
Full-Stack UX Design Immersive
Web Development for Absolute Beginners
Data Science & Machine Learning
Digital Marketing & Growth Hacking
Introduction to FinTech
Introduction to Python
User Experience Design (Fundamentals)
User Interface Design
Introduction to Product Management
Blockchain for Developers Course
School Ambassador Program
Future Education Foundation
COVID-19 Economic Recovery Education Fund
Women in Tech Scholarship
Hong Kong's Largest Career Switch Series 2022
Xccelerate, 3/F, Citicorp centre, 18 Whitfield Road, Tin Hau, Hong Kong
Xccelerate Global HK Limited Flat B 12/F, Wing Cheong Commercial Building, 19-25 Jervois Street, Sheung Wan, Hong Kong
10 Ubi Crescent, #05-42 Ubi Techpark, Singapore 408564