- Training
- Training Live Events
- Training Without Travel
- Security Courses
- Security Curricula
- Certified Instructors
- Training Calendars
- SANS vLive! / SANS @Home
- SANS OnDemand
- Community SANS
- SANS Mentor Program
- Coins
- SANS Onsite
- SANS SelfStudy
- SANS Summit Series
- SANS Partnership Series
- Webcasts
- Work Study
- Events Archive
- DoD 8570
- Voucher Credit Program
- group discounts
- Certification
- Resources
- List of Resources
- Top 20 List
- Top 25 Programming Errors
- 20 Coolest Jobs
- Application Security Procurement Language
- Top 10 Security Trends
- Top 5 Essential Log Reports
- Reading Room
- Webcasts
- AudioCasts
- WhatWorks
- Newsletters
- RSS Feeds
- Calendar Feeds
- Security Thought Leaders
- Security Policy Project
- Security+ Study Guide
- SANS Buyers Guide
- Security Tool Demos
- 2008 Salary Survey
- Vendor
- Portal
- Storm Center
- College
- Developer
- About
The most trusted source for computer security training, certification and research.
New Courses - Up and Running
New Courses: Up and Running | Coming Soon | In Development
SEC 408: Computer Forensic Essentials
Master computer forensics. Learn essential investigation techniques.
SEC 440: 20 Critical Security Controls: Planning, Implementing and Auditing
This course helps you master specific, proven techniques and tools needed to implement and audit the Top Twenty Most Critical Security Controls. These Top 20 Security Controls, listed below, are rapidly becoming accepted as the highest priority list of what must be done and proven before anything else at nearly all serious and sensitive organizations. These controls were selected and defined by the US military and other government and private organizations (including NSA, DHS, GAO, and many others) who are the most respected experts on how attacks actually work and what can be done to stop them.
SEC 558: Network Forensics
Want to analyze DNS tunnel traffic? Carve cached Web pages out of central Squid proxies? Extract JPGs and GIFs from Snort packet captures for forensic investigations?
SEC 563: Mobile Device Forensics
Mobile device forensics is a rapidly evolving field, creating exciting opportunities for practitioners in corporate, criminal, and military settings. Designed for students who are both new to and already familiar with mobile device forensics, this hands-on course provides the core knowledge and skills that a Digital Forensic Investigator needs to process cell phones, PDAs, and other mobile devices.
SEC 564: Security Architecture for Systems Administrators
Systems Administrators are at the front line of any security architecture. They also know the systems that they manage on a daily basis better than anyone else. However, most Systems Administrators are NOT security professionals. Making the assumption that they are leads to many of the security related issues most organizations face today. This course is not designed to make a sysadmin into a security geek. But rather it will help them better understand what is required by security teams and auditors. We also focus strongly on developing the tools and techniques that an administrator would need to meet audit and security requirements is as efficient a manner as possible.
This class provides the tools and techniques to bridge the gap and help sysadmin teams meet the needs of security and audit teams -- and still do their day jobs.
SEC 606: Drive and Data Recovery Forensics
The data recovery world and the forensics world are very close in relation. This class discusses topics valuable to both forensic and data recovery professionals alike and touches on data recovery topics relating to forensics topics where they can be applied.
AUD 439: Using the OCTAVE Risk Assessment Methodology
The dreaded disaster that everyone discounted has happened to your organization. Your IT infrastructure has been crippled by a catastrophic event. You need to get your company's IT infrastructure back online so you can continue doing business. You're confident that you can get everything back online in a reasonable amount of time. You find your disaster recovery plan but as you go through the document, you start to realize that it doesn't mention any of the new hardware, software or personnel who have joined your company in the past 5 years. Your recovery plan is outdated. It's going to be a long day. It's not the time to think "I wish I had updated my risk assessment and DRP".
New Courses Home
Check Them Out!
Provided more depth on available tools than any other conference!
-Eric Moriak, Flowserve
- © 2000-2009 The SANS™ Institute
- Web Privacy Policy | Web Contact |
- Press Room | Trademark Usage Policy