homepage
Open menu
Go one level top
  • Train and Certify
    Train and Certify

    Immediately apply the skills and techniques learned in SANS courses, ranges, and summits

    • Overview
    • Courses
      • Overview
      • Full Course List
      • By Focus Areas
        • Cloud Security
        • Cyber Defense
        • Cybersecurity and IT Essentials
        • DFIR
        • Industrial Control Systems
        • Offensive Operations
        • Management, Legal, and Audit
      • By Skill Levels
        • New to Cyber
        • Essentials
        • Advanced
        • Expert
      • Training Formats
        • OnDemand
        • In-Person
        • Live Online
      • Course Demos
    • Training Roadmaps
      • Skills Roadmap
      • Focus Area Job Roles
        • Cyber Defence Job Roles
        • Offensive Operations Job Roles
        • DFIR Job Roles
        • Cloud Job Roles
        • ICS Job Roles
        • Leadership Job Roles
      • NICE Framework
        • Security Provisionals
        • Operate and Maintain
        • Oversee and Govern
        • Protect and Defend
        • Analyze
        • Collect and Operate
        • Investigate
        • Industrial Control Systems
    • GIAC Certifications
    • Training Events & Summits
      • Events Overview
      • Event Locations
        • Asia
        • Australia & New Zealand
        • Latin America
        • Mainland Europe
        • Middle East & Africa
        • Scandinavia
        • United Kingdom & Ireland
        • United States & Canada
      • Summits
    • OnDemand
    • Get Started in Cyber
      • Overview
      • Degree and Certificate Programs
      • Scholarships
    • Cyber Ranges
  • Manage Your Team
    Manage Your Team

    Build a world-class cyber team with our workforce development programs

    • Overview
    • Why Work with SANS
    • Group Purchasing
    • Build Your Team
      • Team Development
      • Assessments
      • Private Training
      • Hire Cyber Professionals
      • By Industry
        • Health Care
        • Industrial Control Systems Security
        • Military
    • Leadership Training
  • Security Awareness
    Security Awareness

    Increase your staff’s cyber awareness, help them change their behaviors, and reduce your organizational risk

    • Overview
    • Products & Services
      • Security Awareness Training
        • EndUser Training
        • Phishing Platform
      • Specialized
        • Developer Training
        • ICS Engineer Training
        • NERC CIP Training
        • IT Administrator
      • Risk Assessments
        • Knowledge Assessment
        • Culture Assessment
        • Behavioral Risk Assessment
    • OUCH! Newsletter
    • Career Development
      • Overview
      • Training & Courses
      • Professional Credential
    • Blog
    • Partners
    • Reports & Case Studies
  • Resources
    Resources

    Enhance your skills with access to thousands of free resources, 150+ instructor-developed tools, and the latest cybersecurity news and analysis

    • Overview
    • Webcasts
    • Free Cybersecurity Events
      • Free Events Overview
      • Summits
      • Solutions Forums
      • Community Nights
    • Content
      • Newsletters
        • NewsBites
        • @RISK
        • OUCH! Newsletter
      • Blog
      • Podcasts
      • Summit Presentations
      • Posters & Cheat Sheets
    • Research
      • White Papers
      • Security Policies
    • Tools
    • Focus Areas
      • Cyber Defense
      • Cloud Security
      • Digital Forensics & Incident Response
      • Industrial Control Systems
      • Cyber Security Leadership
      • Offensive Operations
  • Get Involved
    Get Involved

    Help keep the cyber community one step ahead of threats. Join the SANS community or begin your journey of becoming a SANS Certified Instructor today.

    • Overview
    • Join the Community
    • Work Study
    • Teach for SANS
    • CISO Network
    • Partnerships
    • Sponsorship Opportunities
  • About
    About

    Learn more about how SANS empowers and educates current and future cybersecurity practitioners with knowledge and skills

    • SANS
      • Overview
      • Our Founder
      • Awards
    • Instructors
      • Our Instructors
      • Full Instructor List
    • Mission
      • Our Mission
      • Diversity
      • Scholarships
    • Contact
      • Contact Customer Service
      • Contact Sales
      • Press & Media Enquiries
    • Frequent Asked Questions
    • Customer Reviews
    • Press
    • Careers
  • Contact Sales
  • SANS Sites
    • GIAC Security Certifications
    • Internet Storm Center
    • SANS Technology Institute
    • Security Awareness Training
  • Search
  • Log In
  • Join
    • Account Dashboard
    • Log Out
  1. Home >
  2. Blog >
  3. SANS Cloud Security Curriculum
370x370_Frank-Kim.jpg
Frank Kim

SANS Cloud Security Curriculum

The SANS Cloud Security Curriculum is growing fast – like the Cloud itself.

January 5, 2023

SANS believes that the cloud is a transformative technology that will define the technology landscape for many years to come. Given the unmitigated growth of Cloud, we have launched the Cloud Security Curriculum to give you the training and skills you need to become a cloud security expert.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Download the SANS Cloud Security Curriculum Brochure here.

Description of a SANS Cloud Ace

Security Focused | Technically Capable | Forward Thinking | Aware of Bigger Picture | Knowledgeable | Confident

Slide_Cloud-Curriculum-Roadmap.jpg

CURRENT SANS CLOUD SECURITY CURRICULUM

New Courses & Certifications in 2023

  • SEC549: Enterprise Cloud Security Architecture - 4 Days!
  • GIAC Cloud Threat Detection | GCTD - Coming Q1 2023

New Courses & Certifications in 2022

  • GIAC Public Cloud Security | GPCS
  • GIAC Cloud Forensics Responder | GCFR
  • SEC388: Introduction to Cloud Computing and Security
  • SEC549: Enterprise Cloud Security Architecture - 5 Days

Review the entire list of SANS In-development courses here. You may choose to sign up to stay informed on your specific interests.

Cloud Ace Podcast

Season 1 with host, Brandon Evans, now available wherever you get your podcasts. Learn more here.

Cloud_Ace_Podcast_-_Season_1_-_Generic_-_Guest_Collection.jpg

Cloud Job Roles Simplified

In the Cloud, all things are dependent on applications, code, and automation. As such, our curriculum takes a holistic approach to Cloud Security. Courses range in complexity for those new to Cloud as well as those who have been around for the block a few times. If you are a developer, an architect, an engineer, an analyst, or a manger, the SANS Cloud Security Curriculum has training for you. If you are ready for deep, hands-on, highly technical, skill-specific training, we’re there for you. If you’re new to cybersecurity as a whole and want to start a journey in Cloud Security, we have you covered. Working with AWS? Azure? GCP? Multicloud? No problem, we’ve got the training you need.

With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey. 

  • DevOps Professional – responsible for building applications and systems
  • Cloud Security Analyst – responsible for enabling defenses and analyzing issues
  • Cloud Security Engineer- responsible for building security capabilities
  • Cloud Security Architecture – responsible for designing
  • Cloud Security Manager – responsible for leading

The flight plan below shows a natural progression for a professional to follow within a specific job role from baseline to advanced, specialized topics.

Slide_Cloud-Flight-Plan_230105.jpg

SANS CLOUD SECURITY CURRICULUM FLIGHT PLAN BY JOB ROLE

To help students find the best starting point, we have defined each level.

Baseline – Courses that impart the baseline skills required of any information security professional involved in Cloud Security, whether active practitioner or manager

Foundational – Courses that provide the basic knowledge to introduce students to a required skill set for the Cloud Security industry as a whole.

Core – Courses that prepare professionals for more focused job functions in Cloud Security, including manager, architect, engineer, analyst, and developer.

Specialization – Courses for critical, advanced skills, or specialized roles in Cloud Security

Management - Courses for leaders, managers, directors developing a cloud security roadmap, plan, procurement models, and ensuring policy and procedure are defined to support cloud

Download the Flight Plan here. 

Why Take Cloud Security Training & Certification with SANS | GIAC?

  • Security-focused – technical training to properly secure services and workloads in the cloud
  • Holistic, Curated Curriculum – based on various job roles and focus areas
  • Multicloud Approach – training & comparisons on the Big 3 public cloud providers
  • Hands-On Labs – extensively focused on “the how” to properly deploy & secure a cloud environment using virtual machines, lab environments, and repeatable exercises
  • World-Class Instructors – versatile, real-world security practitioners authoring & instructing
  • Comprehensive Courseware – access to slides, notes, audio files, and labs for future reference
  • Certification Prep – specialized training that will help you prepare for a GIAC certification attempt

Providing Intensive, Immersion Training That is Immediately Applicable
We are here to help you get your hands dirty in cloud security training with re-deployable labs and a wealth of free training resources. Our curriculum has been developed through an industry consensus process and is a holistic approach to address public cloud. This includes multicloud, and hybrid-cloud scenarios for the enterprise and developing organizations alike. Don’t merely learn the ins-and-outs of one platform, as the future demands in-depth technical abilities coupled with security knowledge for each big cloud service provider.

GIAC Cloud Security Certifications

Cloud_Security_GIAC_1245x705.png

In addition to courses, we offer six GIAC certifications with plans for more in 2023.

  • COMING SOON! GCTD: GIAC Cloud Threat Detection
  • GCLD: GIAC Cloud Security Essentials
  • GPCS: GIAC Public Cloud Security
  • GCSA: GIAC Cloud Security Automation
  • GCPN: GIAC Cloud Penetration Tester
  • GWEB: GIAC Certified Web Application Defender
  • GCFR: GIAC Cloud Forensics Responder

Cloud Security CyberTalent Assessment

Whether you are looking to hire new employees for cybersecurity positions or creating opportunities for your existing talent, SANS CyberTalent can help ensure you find the right skills match for the job. According to the U.S. Department of Labor, the cost of a bad hire is at least 30 percent of the employee's first-year earnings - for a security analyst, that's $27,000+. You can't afford to get hiring wrong at a time when talent is increasingly difficult to find. SANS CyberTalent Assessments measure the aptitude and skills of cybersecurity professionals, allowing employers to create professional development and retention programs for existing employees or test and rank the skill sets of candidates to fill open positions.

Cloud_CyberTalent.png

Graduate Certificate Program in Cloud Security

Large and critical segments of enterprise networks are outsourced to cloud service providers (CSPs) such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). This creates new types of vulnerabilities and incredible opportunities for cybersecurity professionals with specialized skills. Designed for working information security professionals, the highly technical 12-credit-hour graduate certificate in Cloud Security prepares you to navigate your organization through the security challenges and opportunities presented by cloud service, and identify the risks of the various services offered by CSPs. You'll learn from some of the world's top cybersecurity experts, gain hands-on technical experience you can apply immediately on the job, and emerge with 4 industry-recognized GIAC certifications. This program is pending approval by the Maryland Higher Education Commission. A 100% online option is available.

370x200_Red_STI.jpg

Challenge Coins

Hundreds of SANS Institute students have stepped up to the challenge and conquered. They’ve mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of a SANS Challenge Coin, an award given to a select portion of the thousands of students that have taken any of theSANS courses.

Coins_Cloud-Security-.1245x705jpg.jpg


The following Cloud Security courses have Challenge Coins, with more to come in 2023!

  • SEC488: Cloud Security Essentials
  • SEC510: Public Cloud Security: AWS, Azure, & GCP
  • SEC522: Application Security: Securing Web Apps, APIs, and Microservices
  • SEC540: Cloud Security and DevSecOps Automation
  • SEC541: Cloud Security Attacker Techniques, Monitoring, and Threat Detection
  • SEC588: Cloud Penetration Testing

Free Resources

  • Cloud Security Curriculum Brochure
  • Tools
  • Posters & Cheat Sheets
  • Webcasts
  • Blogs
  • SWAT Checklist
  • sans.org/free

Join Us On Social

  • @SANSCloudSec
  • linkedin.com/showcase/sanscloudsec
  • YouTube.com/c/SANSCloudSecurity
  • sansurl.com/cloud-discord

Purchase SANS Cloud Security Ace Gear!

www.sansgear.com

Press Releases

  • SANS Cloud Security Curriculum Gaining Altitude, April 2021
  • GIAC GCLD: New Cloud Security Essentials Certification, April 2021
  • GIAC GCPN: New Cloud Penetration Tester Certification, Feb 2021
  • SANS Cloud Security Curriculum Takes Flight, Dec 2020
  • GIAC GCSA: New Cloud Security Automation Certification, April 2020

Share:
TwitterLinkedInFacebook
Copy url Url was copied to clipboard
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Recommended Training

  • SEC401: Security Essentials - Network, Endpoint, and Cloud
  • SEC541: Cloud Security Attacker Techniques, Monitoring, and Threat Detection
  • SEC540: Cloud Security and DevSecOps Automation

Tags:
  • Cloud Security

Related Content

Blog
CD_Blog_HowtoautomateinAzure_Part1_2.jpg
Cyber Defense, Cloud Security
October 11, 2022
How to Automate in Azure Using PowerShell - Part 1
In this post, we’ll cover how to automate the assessment and reporting of your cloud security configuration opportunities.
370x370_josh-johnson.jpg
Josh Johnson
read more
Blog
Penetration Testing and Red Teaming, Cloud Security
January 7, 2022
Password Hash Cracking in Amazon Web Services: Burning Your Way to Success
This article will discuss the use of cracking cloud computing resources in Amazon Web Services (AWS) to crack password hashes.
370x370_Michiel-Lemmens.jpg
Michiel Lemmens
read more
Blog
CloudSecNext_Ashton.png
Cloud Security
June 4, 2021
A Visual Summary of SANS CloudSecNext Summit
The SANS CloudSecNext was a free, global, virtual event for the community. Check out these graphic recordings created in real-time throughout the even
370x370-person-placeholder.png
Emily Blades
read more
  • Register to Learn
  • Courses
  • Certifications
  • Degree Programs
  • Cyber Ranges
  • Job Tools
  • Security Policy Project
  • Posters & Cheat Sheets
  • White Papers
  • Focus Areas
  • Cyber Defense
  • Cloud Security
  • Cybersecurity Leadership
  • Digital Forensics
  • Industrial Control Systems
  • Offensive Operations
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
  • © 2023 SANS™ Institute
  • Privacy Policy
  • Contact
  • Careers
  • Twitter
  • Facebook
  • Youtube
  • LinkedIn