Frameworks
Every one of the 7 modules maps to real framework controls — NIST CSF 2.0, MITRE ATT&CK, PCI-DSS v4.0, SOC 2 CC6/CC7, OWASP Top 10, and DCWF/NICE work roles. Framework chips render on every lesson inside the product.
SQL Security Sandbox renders PCI-DSS v4.0 requirement chips on every lesson — not as a badge, but as direct evidence. Module B alone covers Req 10.2, 10.3, 10.5, 10.6, and 12.10. Module A covers Req 7 and 10 for access-control auditing. Module C maps to Req 6.2 and 6.4 for application security testing. This is the compliance evidence your QSA expects — built into the lab.
Crosswalk
7 modules · 35 lessons · 142 exercises
| Module | NIST CSF 2.0 | MITRE ATT&CK | PCI-DSS v4.0 | SOC 2 | OWASP Top 10 | DCWF / NICE |
|---|---|---|---|---|---|---|
| Module 1 — SQL Fundamentals (4 lessons · Beginner) | | | | | | |
| SELECT, WHERE, ORDER BY, LIMIT | DE.AE-1, DE.AE-2 | T1078, T1133 | Req 6 | CC6.1 | — | WR 511, WR 111 |
| Module 2 — Filtering & Aggregation (4 lessons · Intermediate) | | | | | | |
| AND/OR, wildcards, GROUP BY, HAVING, COUNT/SUM/AVG | DE.AE-3, DE.CM-1 | T1078, T1110 | Req 10 | CC6.1, CC7.2 | A07 | WR 511 |
| Module 3 — Joins & Subqueries (4 lessons · Advanced) | | | | | | |
| INNER/LEFT JOIN, subqueries, multi-table analysis | DE.CM-7, DE.AE-4 | T1078.003, T1021 | Req 10, Req 12 | CC6.7, CC7.2 | A01 | WR 511, WR 421 |
| Module 4 — Window Functions & CTEs (5 lessons · Expert) | | | | | | |
| OVER(), LAG(), LEAD(), WITH, impossible-travel detection | DE.AE-5, DE.CM-4 | T1078.004, T1550 | Req 7, Req 10 | CC7.2, CC7.3 | A09 | WR 511, WR 531 |
| Module A — Privilege Auditing (6 lessons · Expert) | | | | | | |
| Access reviews, least-privilege, db_permissions, access_policy tables | PR.AC-1, PR.AC-4, DE.CM-3 | T1078, T1098 | Req 7, Req 10 | CC6.1, CC6.3 | A01 | WR 511, WR 531, WR 541 |
| Module B — Logging Failure Analysis (6 lessons · Expert) | | | | | | |
| Log integrity, gap detection, suppression patterns, log_config table | DE.CM-1, DE.CM-3, RS.AN-1 | T1070, T1070.001, T1565 | Req 10.2, Req 10.3, Req 10.5, Req 10.6, Req 12.10 | CC7.2, CC7.3 | A09 | WR 511, WR 531 |
| Module C — SQL Injection Anatomy for Defenders (6 lessons · Expert) | | | | | | |
| Pattern detection, forensics, endpoint_sensitivity table, exfiltration scope | ID.RA-1, DE.CM-8, RS.AN-2 | T1190, T1059.004 | Req 6.2, Req 6.4, Req 10.2, Req 12.10 | CC6.8, CC7.1 | A03, A09 | WR 511, WR 521, WR 541 |
Framework chips render inline on every lesson within the product. PCI-DSS v4.0 requirement numbers reference the January 2025 v4.0.1 update.
Why It Matters
Every module maps to Detect (DE) and Protect (PR) functions. Modules A–C extend into Identify (ID) and Respond (RS). Teams using CSF 2.0 as their primary framework can use completion evidence directly in their Tier assessment.
Technique IDs map to real attacker behavior — T1078 (Valid Accounts), T1070 (Indicator Removal), T1190 (Exploit Public-Facing App). Analysts learn to recognize these signatures in raw query output, not just in an EDR alert.
Module B alone satisfies the core Requirement 10 sub-controls (10.2, 10.3, 10.5, 10.6, 12.10) for log integrity and retention. Module A maps to Req 7 access-control reviews. Module C supports Req 6.2 / 6.4 application security testing evidence. QSA-ready documentation.
SOC 2 CC6/CC7 controls for logical access and anomaly detection. OWASP A01/A03/A09 for injection and security misconfiguration. DCWF/NICE work roles 111, 421, 511, 521, 531, 541 for federal training-budget owners aligning to DoD 8140.