Planning to come to SANS? Use this brief guide to help understand how the right training can benefit your career. These in-depth training programs, vary from 1-6 days long and are consistent across all conferences.

For a complete description of the courses below, please visit our SANS Courses page.

AUDIT

AUDIT 507: Auditing Networks, Perimeters & Systems

This hands-on course is the most comprehensive, most technically advanced audit course on planet earth. This course helps you become part of a highly sought after elite group of very technical, security-savvy auditors capable of doing an effective job on critical security assessments.

AUDIT 410: Audit Essentials

The right track for people who are just entering the security field, and who will be responsible for auditing organizational policy, procedure, risk, or policy conformance. Gain a firm grasp of information security principles and issues and be equipped to develop best practice audit checklists. Prepares you for Audit 507, Auditing Networks, Perimeters and Systems.

Linking Risk Analysis to Checklists: Unix & Windows

Learn how to perform an IT risk analysis and the mechanics of creating an operational security checklist based on the risk analysis.

Securing and Auditing Cisco Routers

In this course, you will use the hacker tools that are being used against routers, and learn how to configure Cisco IOS to defend against these attacks.

LEGAL

Legal Issues in Information Technology: InfoSec

Provides attorneys and technicians with in-depth knowledge of the major legal issues raised by Information Security.

Business Law and Computer Security

Learn about the laws governing a corporation or government entity, as those laws apply to the protection of information and computer systems.

Contracting for Data Security

Prepared primarily for non-lawyers, this course focuses on practical lessons rather than theory. But many corporate lawyers will find this course rewarding because it will introduce the waterfront of practical issues involved in technology negotiations.

The Law of Fraud

This course surveys white collar fraud, with an emphasis on the role of technology in the commission and prevention of that fraud.

SECURITY

SECURITY 309: Intro to Information Security

Entry-level course gets you up to speed, fast! It starts with terminology and concepts and then blasts straight into applications and security management problem solving.

SECURITY 401: SANS Security Essentials Bootcamp Style

SANS Flagship course covers the most important topics and skills of an information security team and prepares you for our advanced hands on courses.

Please note that some course material for SEC 401 and MGT 512 may overlap. We recommend SEC 401 for those interested in a more technical course of study, and MGT 512 for those primarily interested in a leadership-oriented but less technical learning experience.

SECURITY 502: Firewalls, Perimeter Protection & VPNs

Covers the most important topics and skills of an information security team and prepares you for advanced courses. Organizations give perimeter security high priority, making this a fantastic track for auditors and consultants.

SECURITY 503: Intrusion Detection In-Depth

Do more than watch for alerts. An advanced, hands-on, and challenging training program that ensures you know how to identify and decipher the signatures of network-based attacks. GCIA (GIAC Certified Intrusion Analyst) certification, the industry's most challenging credential, earns top recognition from employers.

SECURITY 504: Hacker Techniques, Exploits & Incident Handling

Learn to detect malicious code and respond on the fly. Recommended for professionals, this challenging course teaches the proven six-step process for incident handling, qualifying you to lead your organization's incident handling team as well as serve as the technical leader.

SECURITY 505: Securing Windows

Rapidly paced, jam-packed course for Windows administrators with security responsibilities. Teaches you the risks to your systems that Microsoft doesn't tell you about, making you the key player on a Windows administration team.

SECURITY 506: Securing Unix/Linux

An advanced, step-by-step course that prepares Unix/Linux system administrators to take full responsibility for securing those systems. The GCUX (GIAC Certified Unix/Linux Administrator) credential proves to organizations that you know how to secure those systems and applications.

SECURITY 508: Systems Forensics, Investigations & Response

The most advanced and challenging course in the field of information security forensics. It gets you ready to serve as a valued member or leader of a forensics team. People with GCFA (GIAC Certified Forensics Analyst) certifications are sought after in law enforcement, government and large organizations and often land some of the most demanding jobs in information security.

Cutting-Edge Hacking Techniques Hands-On

This action-packed course describes the latest attack trends and what you can do to thwart the bad guys.

Web Application Security Workshop

Covers the techniques and challenges of securing web applications and presents a hands-on approach to the latest practices and tools in design and security.

Intrusion Prevention Hands-On

Covers advanced material on the design, construction, pros and cons of running an Intrusion Prevention System (IPS).

System Log Aggregation & Analysis Hands-On

Learn how to run your networks more effectively while dramatically improving your security awareness and ability to detect attacks.

Reverse-Engineering Malware

If your organization is looking to expand its capacity to fight malicious code, be sure to sign up for this hands-on class.

Honeypots: Tracking Hackers

Gives you a full understanding of what honeypots are, how they work, their value, the different types, and which ones are best for your organization.

Auditing Wireless Networks

Discover the techniques used to audit and map the topology of wireless networks with hands-on exercises using Kismet and popular wireless attack tools.

MANAGERIAL

MANAGEMENT 512: SANS Security Leadership Essentials for Managers

Leadership Essentials is written and taught MBA style by senior IT and Security Managers for Managers. Managing the security function is challenging; you will learn technology, including the latest security trends, project and people management and how to apply this knowledge in the work place. This is the perfect course for managers who want to improve their effectiveness in designing and guiding a security program.

Please note that some course material for SEC 401 and MGT 512 may overlap. We recommend SEC 401 for those interested in a more technical course of study, and MGT 512 for those primarily interested in a leadership-oriented but less technical learning experience.

MANAGEMENT 513: Security Consultant

Geared for security practitioners who need to learn the "business" of security and provides foundational survival skills. It is a challenging course designed for students who possess strong technical skills in Unix and Windows Operating systems, networking and perimeter security.

MANAGEMENT 414: CISSP 10 Domains +STM

SANS CISSP® Review covers the security concepts required for the CISSP® exam and will get you up to speed fast! Employers and consulting clients value CISSP® certification because it demonstrates that industry professionals have mastered the ten domains of knowledge. The +S in its name means it translates much of the theoretical information tested in the CISSP® exam into practical guidance you can put to work the day you return to your office.

Ethics in IT

Covers the thorny ethical issues we have each encountered; the issue is described, a conservative and liberal approach are shown, then the issue is summarized.

Cyber Warrior

Provides detailed explanations of specific pervasive Internet technical problems, and in-depth examinations of the types of harmful attacks.

SANS Awareness Training - Train the Trainer

This one-day six-step program walks trainers and security managers through the architecture and design of a successful security awareness program.