Be patient!

We are updating old articles and new articles. Hope you this of interest. Please feel free to comment on articles

SANS

Great Place to study Cyber and Network Security

SANS has been around since AL Gore invented the Internet. I spent many hours reading their materials in the past. Below is a list of courses. There is no one more knowledgeable. As a manager I always look for these kind of Skills.

  • Penetration Testing and Red TeamingSEC504: Hacker Tools, Techniques, and Incident HandlingSEC504 helps you develop the skills to conduct incident response investigations. You will learn how to apply a dynamic incident response process to evolving cyber threats, and how to develop threat intelligence to mount effective defense strategies for cloud and on-premises platforms. We’ll examine the latest threats to organizations, from watering hole attacks to cloud application service MFA bypass, enabling you to get into the mindset of attackers and anticipate their moves. SEC504 gives you the information you need to understand how attackers scan, exploit, pivot, and establish persistence in cloud and conventional systems. To help you develop retention and long-term recall of the course material, 50 percent of class time is spent on hands-on exercises, using visual association tools to break down complex topics. This course prepares you to conduct cyber investigations and will boost your career by helping you develop these in-demand skills. 30+ Hands-on LabsCertification:
    • GIAC Certified Incident Handler (GCIH)
    Course SyllabusPricing & Training Options
  • Cybersecurity and IT EssentialsSEC401: Security Essentials – Network, Endpoint, and CloudWhether you are new to information security or a seasoned practitioner with a specialized focus, SEC401 will provide the essential information security skills and techniques you need to protect and secure your critical information and technology assets, whether on-premise or in the cloud. SEC401 will also show you how to directly apply the concept learned into a winning defensive strategy, all in the terms of the modern adversary. This is how we fight; this is how we win! 18 Hands-On LabsCertification:
    • GIAC Security Essentials (GSEC)
    Course SyllabusPricing & Training Options
  • Digital Forensics and Incident ResponseFOR508: Advanced Incident Response, Threat Hunting, and Digital ForensicsThreat hunting and Incident response tactics and procedures have evolved rapidly over the past several years. Your team can no longer afford to use antiquated incident response and threat hunting techniques that fail to properly identify compromised systems. The key is to constantly look for attacks that get past security systems, and to catch intrusions in progress, rather than after attackers have completed their objectives and done worse damage to the organization. For the incident responder, this process is known as ” threat hunting “. FOR508 teaches advanced skills to hunt, identify, counter, and recover from a wide range of threats within enterprise networks, including APT nation-state adversaries, organized crime syndicates, and hactivists.Certification:
    • GIAC Certified Forensic Analyst (GCFA)
    Course SyllabusPricing & Training Options
  • New Cybersecurity and IT EssentialsSEC275: Foundations: Computers, Technology, & SecuritySANS Foundations is the best course available to learn the core knowledge and develop practical skills in computers, technology, and security foundations that are needed to kickstart a career in cybersecurity. The course features a comprehensive variety of innovative, hands-on labs, and practical exercises that go far beyond what is offered in any other foundational course in cybersecurity. These labs are developed by leading subject-matter experts, drawing on the latest technology, techniques, and concepts in cybersecurity.Certification:
    • GIAC Foundational Cybersecurity Technologies (GFACT)
    Course SyllabusPricing & Training Options
  • Penetration Testing and Red TeamingSEC560: Enterprise Penetration TestingSEC560 prepares you to conduct successful penetration testing for a modern enterprise, including on-premise systems, Azure, and Azure AD. You will learn the methodology and techniques used by real-world penetration testers in large organizations to identify and exploit vulnerabilities at scale and show real business risk to your organization. The course material is complemented with 30+ practical lab exercises concluding with an intensive, hands-on Capture-the-Flag exercise in which you will conduct a penetration test against a sample target organization and demonstrate the knowledge you have mastered.Certification:
    • GIAC Penetration Tester (GPEN)
    Course SyllabusPricing & Training Options
  • Digital Forensics and Incident ResponseFOR578: Cyber Threat IntelligenceCyber threat intelligence represents a force multiplier for organizations looking to update their response and detection programs to deal with increasingly sophisticated advanced persistent threats. Malware is an adversary’s tool but the real threat is the human one, and cyber threat intelligence focuses on countering those flexible and persistent human threats with empowered and trained human defenders. During a targeted attack, an organization needs a top-notch and cutting-edge threat hunting or incident response team armed with the threat intelligence necessary to understand how adversaries operate and to counter the threat. FOR578: Cyber Threat Intelligence will train you and your team in the tactical, operational, and strategic level cyber threat intelligence skills and tradecraft required to make security teams better, threat hunting more accurate, incident response more effective, and organizations more aware of the evolving threat landscape.Certification:
    • GIAC Cyber Threat Intelligence (GCTI)
    Course SyllabusPricing & Training Options
  • Cybersecurity and IT EssentialsSEC301: Introduction to Cyber SecurityThis introductory certification course is the fastest way to get up to speed in information security. Written and taught by battle-scarred cyber security veterans, this entry-level course covers a broad spectrum of security topics and is liberally sprinkled with real life examples. Course lecture explains terms and concepts in detail and the hands-on labs drive those concepts home. A balanced mix of technical topics explained in easy-to-understand ways makes this course appealing to attendees who need to understand the important facets of cyber security. If you need to lay your cyber security foundation quickly, SEC301’s explanations and 14 hands-on labs will have you covered!Certification:
    • GIAC Information Security Fundamentals (GISF)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditMGT512: Security Leadership Essentials for ManagersSecurity leaders need both technical knowledge and leadership skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives.  This security managers training course will teach leaders about the key elements of any modern security program. Learn to quickly grasp critical cybersecurity issues and terminology, with a focus on security frameworks, security architecture, security engineering, computer/network security, vulnerability management, cryptography, data protection, security awareness, application security, DevSecOps, cloud security, and security operations. This is more than security training. You will learn how to lead security teams and manage programs by playing through twenty-three Cyber42 activities throughout the class, approximately 60-80 minutes daily.Certification:
    • GIAC Security Leadership (GSLC)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditLDR512: Security Leadership Essentials for Managers** USE THIS VERSION FOR CLASSES AFTER DECEMBER 31, 2023 ** Security leaders need both technical knowledge and leadership skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives.  This security managers training course will teach leaders about the key elements of any modern security program. Learn to quickly grasp critical cybersecurity issues and terminology, with a focus on security frameworks, security architecture, security engineering, computer/network security, vulnerability management, cryptography, data protection, security awareness, application security, DevSecOps, cloud security, and security operations. This is more than security training. You will learn how to lead security teams and manage programs by playing through twenty-three Cyber42 activities throughout the class, approximately 60-80 minutes daily.Certification:
    • GIAC Security Leadership (GSLC)
    Course SyllabusPricing & Training Options
  • Cloud SecuritySEC488: Cloud Security EssentialsMore businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Something that is unclear to many, is that organizations are still responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multi cloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization’s cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. The SEC488 cloud security course helps your organization successfully navigate both the security challenges and opportunities presented by cloud services. 20 Hands-on Labs + CloudWars Capstone Challenge.Certification:
    • GIAC Cloud Security Essentials (GCLD)
    Course SyllabusPricing & Training Options
  • Digital Forensics and Incident ResponseFOR500: Windows Forensic AnalysisFOR500 builds comprehensive digital forensics knowledge of Microsoft Windows operating systems providing the means to recover, analyze, and authenticate forensic data, track user activity on the network, and organize findings for use in incident response, internal investigations, intellectual property theft inquiries, and civil or criminal litigation. Use this knowledge to validate security tools, enhance vulnerability assessments, identify insider threats, track hackers, and improve security policies. Detailed and real-world exercises teach the tools and techniques that every investigator should employ step-by-step to solve a forensic case. Newly updated to cover all Windows versions through Windows 11!Certification:
    • GIAC Certified Forensic Examiner (GCFE)
    Course SyllabusPricing & Training Options
  • Industrial Control Systems SecurityICS410: ICS/SCADA Security EssentialsICS410: ICS/SCADA Security Essentials provides a foundational set of standardized skills and knowledge for industrial cybersecurity professionals. The course is designed to ensure that the workforce involved in supporting and defending industrial control systems is trained to keep the operational environment safe, secure, and resilient against current and emerging cyber threats.Certification:
    • Global Industrial Cyber Security Professional (GICSP)
    Course SyllabusPricing & Training Options
  • New Digital Forensics and Incident Response, Cloud SecurityFOR509: Enterprise Cloud Forensics and Incident ResponseThe world is changing and so is the data we need to conduct our investigations. Cloud platforms change how data is stored and accessed. They remove the examiner’s ability to put their hands directly on the systems. Many examiners are trying to force old methods for on-premise examination onto cloud hosted platforms. Rather than resisting change, examiners must learn to embrace the new opportunities presented to them in the form of new evidence sources. FOR509: Enterprise Cloud Forensics and Incident Response addresses today’s need to bring examiners up to speed with the rapidly changing world of enterprise cloud environments by uncovering the new evidence sources that only exist in the Cloud.Certification:
    • GIAC Cloud Forensics Responder (GCFR)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditMGT514: Security Strategic Planning, Policy, and LeadershipThis cybersecurity strategy training course will equip leaders with the tools and skills to bridge the gap between security staff and senior leadership by strategically planning how to build and run effective security programs. Creating a security strategy, executing a plan that includes complete and sound policy coupled with top-notch leadership is hard for IT and security professionals because we spend so much time responding and reacting. This information security course will provide you with the tools to build a cybersecurity strategic plan, an entire IT security policy, and lead your teams in the execution of your plan and policy. By the end of class you will have prepared an executive presentation, read 3 business case studies, responded to issues faced by 4 fictional companies, analyzed 15 case scenarios, and responded to 15 Cyber42 events.Certification:
    • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
    Course SyllabusPricing & Training Options
  • Cyber DefenseSEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid EnterpriseThis course is designed to help students build and maintain a truly defensible security architecture, while taking them on a journey towards implementing Zero Trust principles, pillars and capabilities. There will be a heavy focus on leveraging current infrastructure and investment. Students will learn how to assess, re-configure and validate existing technologies to significantly improve their organizations’ prevention, detection and response capabilities, augment visibility, reduce attack surface, and even anticipate attacks in innovative ways. The course will also delve into some of the latest technologies and their capabilities, strengths, and weaknesses. You will come away with recommendations and suggestions that will aid in building a robust security infrastructure, layer by layer, across hybrid environments, as you embark on a journey towards Zero Trust. 23 Hands-On Labs + Capstone Secure the Flag ChallengeCertification:
    • GIAC Defensible Security Architecture (GDSA)
    Course SyllabusPricing & Training Options
  • Digital Forensics and Incident ResponseFOR610: Reverse-Engineering Malware: Malware Analysis Tools and TechniquesLearn to turn malware inside out! This popular course explores malware analysis tools and techniques in depth. FOR610 training has helped forensic investigators, incident responders, security engineers, and IT administrators acquire the practical skills to examine malicious programs that target and infect Windows systems.Certification:
    • GIAC Reverse Engineering Malware (GREM)
    Course SyllabusPricing & Training Options
  • Cyber DefenseSEC503: Network Monitoring and Threat Detection In-DepthSEC503: Network Monitoring and Threat Detection In-Depth delivers the technical knowledge, insight, and hands-on training you need to confidently defend your network, whether traditional or cloud-based. You will learn about the underlying theory of TCP/IP and the most used application protocols so that you can intelligently examine network traffic to identify emerging threats, perform large-scale correlation for threat hunting, and reconstruct network attacks. 37 Hands-on Labs + Capstone ChallengeCertification:
    • GIAC Certified Intrusion Analyst (GCIA)
    Course SyllabusPricing & Training Options
  • Penetration Testing and Red TeamingSEC542: Web App Penetration Testing and Ethical HackingSEC542 enables students to assess a web application’s security posture and convincingly demonstrate the business impact should attackers exploit the discovered vulnerabilities. You will practice the art of exploiting web applications to find flaws in your enterprise’s web apps. You’ll learn about the attacker’s tools and methods and, through detailed hands-on exercises, you will learn a best practice process for web application penetration testing, inject SQL into back-end databases to learn how attackers exfiltrate sensitive data, and utilize cross-site scripting attacks to dominate a target infrastructure. 30+ Hands-on LabsCertification:
    • GIAC Web Application Penetration Tester (GWAPT)
    Course SyllabusPricing & Training Options
  • Cloud SecuritySEC540: Cloud Security and DevSecOps AutomationOrganizations are moving to the cloud to enable digital transformation and reap the benefits of cloud computing. However, security teams struggle to understand the DevOps toolchain and how to introduce security controls in their automated pipelines responsible for delivering changes to cloud-based systems. Without effective pipeline security controls, security teams lose visibility into the changes released into production environments. SEC540 provides security professionals with a methodology to secure modern Cloud and DevOps environments. By embracing the DevOps culture, students will walk away from SEC540 battle-tested and ready to build to their organization’s Cloud & DevSecOps Security Program. 35 Unique, Immersive, Hands-On Labs 3 CI/CD security labs 16 AWS focused labs 16 Azure focused labs CloudWars Bonus ChallengesCertification:
    • GIAC Cloud Security Automation (GCSA)
    Course SyllabusPricing & Training Options
  • Cloud Security, Penetration Testing and Red TeamingSEC588: Cloud Penetration TestingSEC588 will equip you with the latest cloud-focused penetration testing techniques and teach you how to assess cloud environments. The course dives into topics like cloud-based microservices, in-memory data stores, serverless functions, Kubernetes meshes, and containers. It also looks at how to identify and test cloud-first and cloud-native applications. You will also learn specific tactics for penetration testing in Azure and Amazon Web Services, particularly important given that AWS and Microsoft account for more than half the market. It is one thing to assess and secure a data center, but it takes a specialized skill set to evaluate and report on the risks to an organization if its cloud services are left insecure. 27 Hands-on LabsCertification:
    • GIAC Cloud Penetration Tester (GCPN)
    Course SyllabusPricing & Training Options
  • New Cyber Defense, Open-Source Intelligence (OSINT)SEC497: Practical Open-Source Intelligence (OSINT)SEC497 is based on two decades of experience with open-source intelligence (OSINT) research and investigations supporting law enforcement, intelligence operations, and a variety of private sector businesses ranging from small start-ups to Fortune 100 companies. The goal is to provide practical, real-world tools and techniques to help individuals perform OSINT research safely and effectively. One of the most dynamic aspects of working with professionals from different industries worldwide is getting to see their problems and working with them to help solve those problems. SEC497 draws on lessons learned over the years in OSINT to help others. The course not only covers critical OSINT tools and techniques, it also provides real-world examples of how they have been used to solve a problem or further an investigation. Hands-on labs based on actual scenarios provide students with the opportunity to practice the skills they learn and understand how those skills can help in their research. 29 Hands-on Labs + Capstone CTFCertification:
    • GIAC Open Source Intelligence (GOSI)
    Course SyllabusPricing & Training Options
  • Penetration Testing and Red TeamingSEC660: Advanced Penetration Testing, Exploit Writing, and Ethical HackingSEC660 is designed as a logical progression point for students who have completed SEC560: Network Penetration Testing and Ethical Hacking , or for those with existing penetration testing experience. This course provides you with in-depth knowledge of the most prominent and powerful attack vectors and furnishes an environment to perform these attacks in numerous hands-on scenarios. The course goes far beyond simple scanning for low-hanging fruit and teaches you how to model the abilities of an advanced attacker to find significant flaws in a target environment and demonstrate the business risk associated with these flaws. 30+ Hands-on LabsCertification:
    • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditMGT414: SANS Training Program for the CISSP CertificationMGT414 is fully updated for the May 2021 CISSP exam update! MGT414: SANS Training Program for CISSP Certification is an accelerated review course designed to prepare you to pass the exam. The course prepares students to navigate all types of questions included on the new version of the exam.Certification:
    • GIAC Information Security Professional (GISP)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditLDR414: SANS Training Program for the CISSP Certification** USE THIS VERSION FOR CLASSES AFTER OCTOBER 31, 2023 ** MGT414 is fully updated for the May 2021 CISSP exam update! MGT414: SANS Training Program for CISSP Certification is an accelerated review course designed to prepare you to pass the exam. The course prepares students to navigate all types of questions included on the new version of the exam.Certification:
    • GIAC Information Security Professional (GISP)
    Course SyllabusPricing & Training Options
  • Cloud SecuritySEC510: Public Cloud Security: AWS, Azure, and GCPOrganizations are becoming multi cloud by choice or by chance. However, although each cloud provider is responsible for the security of the cloud, its customers are responsible for what they do in the cloud. Unfortunately, this means that security professionals must support hundreds of different services across multiple clouds. Many of these services are insecure by default, and few of them are consistent across the different clouds. Security teams need a deep understanding of the of each cloud’s services to lock them down. As the multicloud landscape rapidly evolves, security is constantly playing catch-up to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP solves this problem by teaching you the security nuanced differences between the Big 3 cloud providers and how to securely configure their Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings. 20 Hands-On Labs + Bonus ChallengesCertification:
    • GIAC Public Cloud Security (GPCS)
    Course SyllabusPricing & Training Options
  • Industrial Control Systems Security, Digital Forensics and Incident ResponseICS515: ICS Visibility, Detection, and ResponseICS515: ICS Visibility, Detection, and Response will help you gain visibility and asset identification in your Industrial Control System (ICS)/Operational Technology (OT) networks, monitor for and detect cyber threats, deconstruct ICS cyber attacks to extract lessons learned, perform incident response, and take an intelligence-driven approach to executing a world-leading ICS cybersecurity program to ensure safe and reliable operations. Note: This class was previously named ICS515: ICS Active Defense and Incident Response. The course has gone through a significant update changing much of the content, most of the labs, and adding a day in course length.Certification:
    • GIAC Response and Industrial Defense (GRID)
    Course SyllabusPricing & Training Options
  • Cyber DefenseSEC450: Blue Team Fundamentals: Security Operations and AnalysisSEC450 provides students with technical knowledge and key concepts essential for security operation center (SOC) analysts and new cyber defense team members. By providing a detailed explanation of the mission and mindset of a modern cyber defense operation, this course will jumpstart and empower those on their way to becoming the next generation of blue team members.Certification:
    • GIAC Security Operations Certified (GSOC)
    Course SyllabusPricing & Training Options
  • Cyber DefenseSEC573: Automating Information Security with PythonThe challenges faced by security professionals are constantly evolving, so there is a huge demand for those who can understand a technology problem and quickly develop a solution. If you have to wait on a vendor to develop a tool to recover a forensics artifact, or to either patch or exploit that new vulnerability, then you will always be behind. It is no longer an option for employers serious about information security to operate without the ability to rapidly develop their own tools. This course will give you the skills to develop solutions so that your organization can operate at the speed of the adversary. SEC573 is an immersive, self-paced, hands-on, and lab-intensive course. After covering the essentials required for people who have never coded before, the course will present students with real-world forensics, defensive, and offensive challenges. You will develop a malware dropper for an offensive operation; learn to search your logs for the latest attacks; develop code to carve forensics artifacts from memory, hard drives, and packets; automate the interaction with an online website’s API; and write a custom packet sniffer. Through fun and engaging labs, youll develop useful tools and build essential skills that will make you the most valuable member of your information security team. 128 Hands-on Labs + Capture-the-Flag ChallengeCertification:
    • GIAC Python Coder (GPYC)
    Course SyllabusPricing & Training Options
  • Security Management, Legal, and AuditSEC566: Implementing and Auditing Security Frameworks and ControlsHigh-profile cybersecurity attacks indicate that offensive attacks are outperforming defensive measures. Cybersecurity engineers, auditors, privacy, and compliance team members are asking how they can practically protect and defend their systems and data, and how they should implement a prioritized list of cybersecurity hygiene controls. In SANS SEC566, students will learn how an organization can defend its information by using vetted cybersecurity frameworks and standards. Students will specifically learn how to navigate security control requirements defined by the Center for Internet Security’s (CIS) Controls (v7.1 / 8.0), the NIST Cybersecurity Framework (CSF) the Cybersecurity Maturity Model Certification (CMMC), NIST SP 800-171, ISO/IEC 27000, and other frameworks into a cohesive strategy to defend their organization while complying with industry standards. 13 Hands-on ExercisesCertification:
    • GIAC Critical Controls Certification (GCCC)
    Course SyllabusPricing & Training Options
  • Purple TeamSEC599: Defeating Advanced Adversaries – Purple Team Tactics & Kill Chain DefensesDefeating Advanced Adversaries – Purple Team Tactics & Kill Chain Defenses will arm you with the knowledge and expertise you need to overcome today’s threats. Recognizing that a prevent-only strategy is not sufficient, we will introduce security controls aimed at stopping, detecting, and responding to your adversaries through a purple team strategy. 20+ Hands-on Labs & a unique APT Defender CapstoneCertification:
    • GIAC Defending Advanced Threats (GDAT)

WebsiteFlyer RSS Feeds

Comment local