Cybersecurity Training And Certifications - SANS Institute
The most trusted source forcybersecurity training, certifications,degrees, and researchCybersecurityTraining and Certifications2020 Course Catalog120 65 sesSANS Focus AreasCyber DefenseEssentialsBlue TeamOperationsPenetrationTestingDigital Forensics,Incident Response,and Threat HuntingIndustrial ControlSystemsSecurityManagement,Legal, and AuditTeam-Based TrainingDevSecOpsFALL 2019 COURSECATALOGCloud SecurityPurple Team Training“You cannot beat the quality ofSANS courses and instructors.I came back to work and was ableto implement the skills I learnedin class on day one. Invaluable.”— Melissa Sokolowski, Xerox
Table of Contents1SANS GIAC2The SANS Faculty3Build a High-Performing Security Organization4SANS Training Roadmap6SANS Training Formats7SANS Flagship Programs and Free Resources8Securing Approval and Budget for Training9SANS Voucher Program8GIAC Certifications11SANS Technology Institute12SEC401 Security Essentials Bootcamp Style1458FOR508 Advanced Incident Response, Threat Hunting, and60FOR572 Advanced Network Forensics: Threat Hunting, Analysis,62FOR500 Windows Forensic Analysis64FOR498 Battlefield Forensics & Data Acquisition NEW66FOR518 Mac and iOS Forensic Analysis and Incident Response68FOR526 Advanced Memory Forensics & Threat Detection70FOR578 Cyber Threat Intelligence72FOR585 Smartphone Forensic Analysis In-Depth74FOR610 Reverse-Engineering Malware: Malware Analysis ToolsSEC504 Hacker Tools, Techniques, Exploits, and Incident Handling76MGT512 Security Leadership Essentials for Managers16SEC503 Intrusion Detection In-Depth78SEC566 Implementing and Auditing the Critical Security18SEC51120SEC301 Introduction to Cyber Security80MGT414 SANS Training Program for CISSP Certification22SEC450 Blue Team Fundamentals: Security Operations82MGT514 Security Strategic Planning, Policy, and Leadership84MGT516 Managing Security Vulnerabilities: Enterprise24SEC487 Open-Source Intelligence (OSINT) Gathering and Analysis26SEC501 Advanced Security Essentials – Enterprise Defender86MGT525 IT Project Management, Effective Communication,28SEC505 Securing Windows and PowerShell Automation30SEC506 Securing Linux/Unix88AUD507 Auditing & Monitoring Networks, Perimeters,32SEC530 Defensible Security Architecture and Engineering90LEG523 Law of Data Security and Investigations34SEC545 Cloud Security Architecture and Operations92SEC540 Cloud Security and DevOps Automation36SEC555 SIEM with Tactical Analytics94DEV522 Defending Web Applications Security Essentials38SEC599 Defeating Advanced Adversaries – Purple Team Tactics96ICS410ICS/SCADA Security Essentials40SEC560 Network Penetration Testing and Ethical Hacking98ICS456Essentials for NERC Critical Infrastructure Protection42SEC542 Web App Penetration Testing and Ethical Hacking44SEC460 Enterprise Threat and Vulnerability Assessment46SEC573Automating Information Security with Python48SEC575Mobile Device Security and Ethical Hacking50SEC617Wireless Penetration Testing and Ethical Hacking52SEC642 Advanced Web App Penetration Testing,54SEC660 Advanced Penetration Testing, Exploit Writing,56SEC760 Advanced Exploit Development for Penetration TestersDigital Forensicsand Incident Responseand TechniquesControls – In-DepthContinuous Monitoring and Security Operationsand Analysis NEWand Kill Chain DefensesEthical Hacking, and Exploitation Techniquesand Ethical Hackingand Cloud NEWand PMP Exam Prepand Systems100 ICS515ICS Active Defense and Incident Response102 ICS612ICS Cyber Security In-Depth NEW104 Cyber Defense 2-Day Courses105 Penetration Testing Beta, 2-Day & Hosted CoursesTeam-Based Training Course106 Management Beta & 2-Day Courses107 ICS Hosted CoursesDevSecOps 2-Day Course108 SANS NetWars Experience109 Upcoming SANS Summit & Training Events“SANS gives you hands-on training you can use right away!”— Manuel Wallace, ABC Financial LLC
The most trusted source forcybersecurity training, certifications,degrees, and researchAt the SANS Institute, our mission is to deliver thecutting-edge information security knowledge and skillsthat companies, military organizations, and governmentsneed to protect their people and assets.TRAINING ON THE CUTTING EDGESANS offers more than 65 uniquecourses, all designed to align withdominant security team roles, duties,and disciplines. Our courses preparestudents to face today’s threats andtomorrow’s challenges.The SANS curriculum spans the fullrange of cybersecurity fields, includingCyber Defense, Penetration Testing &Ethical Hacking, Digital Forensics &Incident Response, Threat Hunting, Audit,Management, Critical Infrastructureand Control Systems Security, SecureSoftware Development, and more.In SANS courses, students are immersedin hands-on lab exercises designed tohelp them practice, hone, and perfectwhat they’ve learned. And we constantlyupdate and rewrite our courses to besure the tools and techniques we’reteaching are always current, and on thecutting edge.LEARN FROM THE BESTThe SANS faculty is simply unmatched.All of our instructors are active securitypractitioners who bring their extensiveknowledge and real-world experiencesdirectly to the classroom.SANS instructors work for high-profileorganizations as red team leaders,CISOs, technical directors, and researchfellows. In addition to their respectedtechnical credentials, they’re also expertteachers. Their passion for the topicsthey teach shines through, making theSANS classroom—both live and online—dynamic and effective.GIAC CERTIFICATIONGIAC certifications are designed toensure that students can apply theirknowledge and skills in a real-worldsetting. More than 30 certifications alignwith SANS training courses, validatingstudent mastery for professional use incritical, specialized InfoSec domains andjob-specific roles. See giac.org for moreinformation.A TRAINING FORMAT FOR EVERY STUDENTSANS holds more than 300 livetraining events around the world eachyear, so you can find a convenienttime and place to take your course.These events provide an engaginglearning environment and multipleopportunities to network with othersecurity professionals and with SANSinstructors and staff.SANS training is also offered online,with several convenient options to suityour learning style. All of our onlinecourses include at least four monthsof access to the course material,so students can revisit and rewindcontent anytime, anywhere.RECOGNIZED AS A SUPERIORINVESTMENTInformation security professionals fromevery member of the Fortune 100, andfrom small and mid-sized firms alike, saythey return to SANS training again andagain because they trust their trainingwill result in practical and high-qualitycapabilities. SANS training is alsoembedded in government and militaryprograms in the United States and alliesaround the world for the same reason.Customer feedback drives ourcontinuous effort to maintain the qualityand impact of SANS training, so that wecontinue to deserve your trust.THE SANS PROMISEAt the heart of everything we do is theSANS Promise: Students will be ableto use their new skills as soon as theyreturn to work.REGISTER FOR SANS TRAININGLearn more about SANS courses, andregister online, at sans.orgTest drive 45 SANS coursesFor those new to SANS or unsure of the subject area or skill levelto select for your next training course, SANS offers free one-hourcourse previews via our OnDemand platform. Preview our coursesat sans.org/demo1
SANS Faculty“ SANS instructors arethe best in the game.Their technical knowledgecombined with presentationskills and real-world examplesmake for an unparalleled trainingexperience. SANS rocks!”— Chris Gergen, Bank of North DakotaAt SANS, our course authors and instructors arerenowned cybersecurity experts who share their knowledgeby drawing on their own real-world experiences and topshelf curriculum. Industry professionals choose SANStraining again and again, year after year, for access to thesehighly regarded experts.There are only about 120 individuals in the world currentlyqualified as SANS Certified Instructors. Each is selected afterproving his or her technical and teaching expertise throughyears of work and success. The instructors are the foundersof international cybersecurity organizations, authors ofbest-selling books, and developers of the world’s mostadvanced cyber ranges and Capture-the-Flag challenges.Many are regularly called upon to share their expertise withgovernment and commercial organizations around the world.2In addition to their impressive résumés, every member ofthe SANS faculty is fully committed to providing the mostcomprehensive training possible. Our instructors do morethan just stand in front of a classroom—they’re presentfor their students every step of the way, with follow-ups,webcasts, mentoring, and more. Their goal is your success,and that dedication is what truly sets SANS training apartfrom all the rest.Whether you train with SANS online or at one of our liveevents, we promise you’ll be able to apply what you learnfrom these top-tier instructors as soon as you return to work.Meet the SANS faculty:sans.org/instructors
Build a High-PerformingSecurity OrganizationBased on our global research, SANS has identified effective strategies for building aninformation security group:The job roles and skills required ininformation security grow and changeas the organization scales. While everyprofessional needs a baseline of knowledgeand capabilities in cyber defense andincident response, over time you will developspecialized members of your team to worktogether in particular areas.Four critical job roles typically emerge:Prioritize your efforts within these areasusing the Center for Internet SecurityCritical Controls as you mature your ownorganization.Determine the number and types ofprofessionals you need to perform thehands-on work, then launch an ongoingcampaign to develop a team with theappropriate skills in mind. Cybersecurityis a specialized practice area within IT,and demands specialized training.People & Skills Size of Organization, Value at RiskAdvanced Skills & Specialized Roles, including:Blue Team Operations Threat Hunting ICS-SCADA DevSecOpsActive Defense Mobile Malware Reverse Engineering Legal & AuditValue at RiskUse practical organizing principles todesign your plan. Nearly all of the morecomplex frameworks may be reduced toa few simpler constructs, such as “Buildand Maintain Defenses – Monitor andDetect Intrusion – Proactively Self-Assess– Respond to Incidents.” Security Monitoring & DetectionProfessionals – Identifying securityanomalies within your environmentrequires an increasingly sophisticatedset of skills. All too often, vendor trainingteaches to the tool, without explaining howthe tool works or how it can be best used.To deploy detection and monitoring toolsand interpret their output, you need a morerobust understanding of tools, techniques, and analysis.Vulnerability Analysis& Pen TestingIncident Response & ForensicInvestigationsMonitoring & DetectionSecurity ManagersProfessionals with Baseline Defensive Security CapabilitiesSize of Organization Pen Testers & Vulnerability Analysts – A professional who can find weaknesses is often a different breed than one focusedexclusively on building defenses. A basic tenet of red team/blue team deployments is that finding vulnerabilities requires adifferent set of tools and a different way of thinking, but it’s still essential in improving defenses. Forensic Investigators & Incident Responders – Large organizations need specialized professionals who can move beyondfirst-level incident response. Whether you’re maintaining a trail of evidence or hunting for threats, you need the skills to analyzeattacks and develop appropriate remediation and recovery plans. Security Managers – As their staffs of talented technologists grow, organizations require effective leaders to manage them.These managers won’t necessarily perform hands-on work, but they must understand enough about underlying technologiesand frameworks to help set security strategy, develop appropriate policies, interact with their skilled practitioners, and measureoutcomes.Within (or beyond) these four areas, a high-performing security organization will develop its professional staff even further, withsome individuals covering more areas while others go deeper into just one specialty. Along the entire spectrum from active defenseto cloud defense, and from Python for InfoSec professionals to malware reengineering, SANS offers more than 30 courses to train forspecialized roles or learn about more advanced topics, meeting the needs of security professionals at every level.3
Training RoadmapSANS’ comprehensive course offerings enableprofessionals to deepen their technical skills in keypractice areas. The courses also address other topicsand audiences, such as security training for softwaredevelopers, industrial control engineers, and nontechnical personnel in management, legal, and audit.Development PathsCrucial Skills, Specialized RolesFocus Job RolesYou are experienced in security, preparingfor a specialized job role or focusNew to Cyber SecurityConcepts, Terms, & SkillsCyber SecuritySEC301 Introduction to Cyber Security GISFFundamentalsYou are experienced in technology, but needto learn hands-on, essential security skillsand techniquesCore TechniquesPrevent, Defend, MaintainEvery Security Professional Should KnowSecurityEssentialsSEC401 Security Essentials Bootcamp Style GSECHackerTechniquesSEC504 Hacker Tools, Techniques, Exploits,and Incident Handling GCIHAll professionals entrusted with hands-on cybersecurity work shouldbe trained to possess a common set of capabilities enabling them tosecure systems, practice defense-in-depth, understand how attackswork, and manage incidents when they occur. To be secure, you shouldset a high bar for the baseline set of skills in your security organization.Managing Technical Security OperationsOSINTSEC487 Open-Source Intelligence (OSINT) Gathering and AnalysisScan Packets & NetworksAdvanced GeneralistSEC501 Advanced Security Essentials – Enterprise Defender GCEDIntrusionDetectionSEC503 Intrusion Detection In-Depth GCIACloud SecuritySEC545 Cloud Security Architecture and OperationsMonitoring &OperationsSEC511 Continuous Monitoring and Security Operations GMONWindows/PowershellSEC505 Securing Windows and PowerShell Automation GCWNLinux/ Unix DefenseSEC506 Securing Linux/Unix GCUXSIEMSEC555 SIEM with Tactical Analytics GCDAIntrusion Detection, Monitoring Over TimeThe detection of what is happening in your environment requires anincreasingly sophisticated set of skills and capabilities. Identifyingsecurity anomalies requires increased depth of understanding todeploy detection and monitoring tools and to interpret their output.Penetration TestingVulnerability Analysis, Ethical HackingEvery Pen Tester Should KnowNetworksSEC560 Network Penetration Testing and Ethical Hacking GPENWeb AppsSEC542 Web App Penetration Testing and Ethical Hacking GWAPTThe professional who can find weakness is often a different breedthan one focused exclusively on building defenses. A basic tenet of redteam/blue team deployments is that finding vulnerabilities requiresa different way of thinking, and different tools, but it’s essential fordefense specialists to improve their defenses.Incident Response & Threat HuntingHost & Network ForensicsEndpointForensicsFOR500 Windows Forensic Analysis GCFEFOR508 Advanced Incident Response, Threat Hunting,and Digital Forensics GCFANetworkForensicsFOR572 Advanced Network Forensics: Threat Hunting,Analysis, and Incident Response GNFAWhether you’re seeking to maintain a trail of evidence on host ornetwork systems, or hunting for threats using similar techniques, largeorganizations need specialized professionals who can move beyondfirst-response incident handling in order to analyze an attack anddevelop an appropriate remediation and recovery plan.MGT512 Security Leadership Essentials for Managers GSLCCriticalControlsSEC566 Implementing and Auditing the Critical SecurityControls – In-Depth GCCCWith an increasing number of talented technologists, organizationsrequire effective leaders to manage their teams and processes. Thosemanagers will not necessarily perform hands-on work, but they mustknow enough about the underlying technologies and frameworks tohelp set strategy, develop appropriate policies, interact with skilledpractitioners, and measure outcomes.4Security ArchitectureSEC530 Defensible Security Architecture and Engineering GDSAAdversary EmulationSEC599 Defeating Advanced Adversaries – Purple Team Tacticsand Kill Chain Defenses GDATSpecialized Penetration TestingFocused Techniques & AreasVulnerability AssessmentEssentialsICS410 ICS/SCADA Security Essentials GICSPICS Defense &ResponseICS515 ICS Active Defense and Incident Response GRIDICS SecurityIn-DepthICS612 ICS Cyber Security In-DepthNERC ProtectionNERC SecurityEssentialsICS456 Essentials for NERC CriticalInfrastructure Protection GCIPDevSecOpsEvery Developer Should KnowSecure Web AppsDEV522 Defending Web ApplicationsSecurity Essentials GWEBSecure DevOpsSEC540 Cloud Security and DevOps Automation GCSANetworksWeb AppsSEC460 Enterprise Threat and Vulnerability Assessment GEVASEC660 Advanced Penetration Testing, Exploit Writing,and Ethical Hacking GXPNSEC760 Advanced Exploit Development for Penetration TestersSEC642 Advanced Web App Testing, Ethical Hacking, andExploitation TechniquesMobileSEC575 Mobile Device Security and Ethical Hacking GMOBWirelessSEC617 Wireless Penetration Testing and Ethical Hacking GAWNPython CodingSEC573 Automating Information Security with Python GPYCCOURSE LISTING KEY:TopicEssentialsCourse CodeGIAC CertificationICS410 ICS/SCADA Security Essentials GICSPCourse TitleSpecialized Investigative SkillsMalware AnalysisMalware AnalysisFOR610 Reverse-Engineering Malware: Malware AnalysisTools and Techniques GREMThreat IntelligenceCyber Threat IntelligenceFOR578 Cyber Threat Intelligence GCTIDigital Forensics & Media ExploitationBattlefield Forensics& Data AcquisitionFOR498 Battlefield Forensics & Data AcquisitionSmartphonesFOR585 Smartphone Forensic Analysis In-Depth GASFMemory ForensicsFOR526 Advanced Memory Forensics & Threat DetectionMac ForensicsFOR518 Mac and iOS Forensic Analysis and Incident ResponseAdvanced Leadership, Audit, LegalManagement SkillsPlanning, Policy, Leadership MGT514 Security Strategic Planning, Policy, and Leadership GSTRTMGT414 SANS Training Program for CISSP Certification GISPEvery ICS Security Professionals Should KnowIn-Depth CoverageAdvanced ManagementCISSP TrainingIndustrial ControlsOther Advanced Defense CoursesDigital Forensics, Malware Analysis, & Threat IntelEvery Security Manager Should KnowLeadershipEssentialsHarden Specific DefensesSpecialized Defensive AreaSEC450 Blue Team Fundamentals: Security Operations and AnalysisEvery Forensics and IR Professional Should KnowSecurity ManagementCyber Defense OperationsBlue TeamMonitoring & DetectionBaseline SkillsYou are a candidate for advanced or specialized trainingManaging VulnerabilitiesMGT516 Managing Security Vulnerabilities: Enterprise and CloudProject ManagementMGT525 IT Project Management, Effective Communication, andPMP Exam Prep GCPMTo learn moreabout additionalSANS courses, go to:sans.org/courses65 hands-oncoursesSee in-depth coursedescriptions and the digitalversion of this roadmap at:sans.org/roadmapAudit & LegalAudit & MonitorAUD507 Auditing & Monitoring Networks,Perimeters, and Systems GSNALaw & InvestigationsLEG523 Law of Data Security and Investigations GLEGThe most trusted source forcybersecurity training, certifications,degrees, and research5
SANS Training FormatsYou can take SANS courses when, where, and how you want—regardless of your training path.Whether you opt for a live event or one of our many online options, your SANS training experiencewill always e
THE SANS PROMISE At the heart of everything we do is the SANS Promise: Students will be able to use their new skills as soon as they return to work. REGISTER FOR SANS TRAINING Learn more about SANS courses, and register online, at sans.org Test drive 45 SANS courses For those new to SANS or unsure of the subject area or skill level
SANS 1200 A General SANS 1200 C Site Clearance SANS 1200 DB Earthworks (Pipe Trenches) SANS 1200 G Concrete Works SANS 1200 L Medium-Pressure Pipelines SANS 1200 LB Bedding (Pipes) SANS 1200 MJ Segmented Paving SANS 1200 MK Kerbing and Channeling SANS 1200 MM Ancillary Roadworks These standardised specifications are available from the South .
SANS 10400: Part W - 2011 SANS 10087: Part 1 - 2013 SANS 10087: Part 3 - 2008 SANS 10087: Part 7 - 2013 SANS 10087: Part 10 - 2012 SANS 10089: Part 1 - 2008 SANS 10089: Part 2 - 2007 SANS 10089: Part 3 - 2010 SANS
SABS 767-1 SANS 767-1 rl1: Fixed earth leakage protection cireu -breakers 1982 2 SABS 767-2 SANS 767-2 rt 2: Sing!e-phase,portable units 1983 2 SABS77D SANS 770 1982 1 SAB5776 SANS 776 valves -HeaVf duly 2000 3 SAB5777 SANS 777 1986 3 SABS778 SANS 718 2002 3,02 SABS779 SANS
Brownie Cybersecurity Explore cybersecurity by earning these three badges! Badge 1: Cybersecurity Basics Badge 2: Cybersecurity Safeguards Badge 3: Cybersecurity Investigator This Cybersecurity badge booklet for girls provides the badge requirements, background information, and fun facts about cybersecurity for all three Brownie
THE “DEEMED TO SATISFY” SANS 10400 SANS 10400 IS MADE UP OF: 1 SANS 10400-A The application of the NBR Part A: General principles and requirements 2016 Ed 3.1 2 SANS 10400-B The application of the NBR Part B: Structural design 2012 Ed 3 3 SANS 10400-C
SANS 10400-XA:2011 Edition 1 4 SANS 10254, The installation, maintenance, replacement and repair of fixed electric storage water heating systems. SANS 10400-A, The application of the National Building Regulations Part A: General principles and requirements. SANS 10400-K, The application of the National Building Regulations Part K: Walls. SANS 10400
the use of SANS 294, SANS 10403, SANS 10396 and the SANS 1914, SANS 1921 and SANS 2001 family of standards. It also provides guidance on the use of SASS 1200 where procurement documents are compiled in accor
Spring Awakening [1891/1906]. Translated by Jonathan Franzen. Faber & Faber 2007. [on loan from NYU Berlin] o Oskar Kokoschka. Murderer, Hope of Women In: Plays and Poems [1907/1910. ]. Translated by Michael Mitchell. Ariadne Press 2001. pp. 21 – 28. [course reader] o David F. Kuhns. German Expressionist Theatre: The Actor and the Stage .
