SANS Cloud Security Curriculum

According to AppDeveloper Magazine, 75% of tech leaders are building all new products and features in the cloud moving forward, but only 8% of technologists have significant cloud-related skills and experience. Enterprises must invest as much effort in migrating their talent to the cloud as they are in migrating their applications. SANS Cloud Security Curriculum is here to give you the knowledge and hands-on skills necessary to become the highly sought after cloud security expert in order to secure your organization's most precious assets.

Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

Download the SANS Cloud Security Curriculum Brochure here.

Description of a SANS Cloud Ace

Security Focused | Technically Capable | Forward Thinking | Aware of Bigger Picture | Knowledgeable | Confident

CURRENT SANS CLOUD SECURITY CURRICULUM

New Courses and Certifications in 2025

• SECC545: GenAI and LLM Application Security™
• AWS Secure Builder Micro-Credential

New Courses & Certifications in 2024

• SEC480: AWS Secure Builder
• GIAC Cloud Security Architecture & Design | GCAD

New Courses & Certifications in 2023

• SEC549: Cloud Security Architecture
• GIAC Cloud Threat Detection | GCTD

Review the entire list of SANS In-development courses here. You may choose to sign up to stay informed on your specific interests.

Cloud Job Roles Simplified

In the Cloud, all things are dependent on applications, code, and automation. As such, our curriculum takes a holistic approach to Cloud Security. Courses range in complexity for those new to Cloud as well as those who have been around for the block a few times. If you are a developer, an architect, an engineer, an analyst, or a manger, the SANS Cloud Security Curriculum has training for you. If you are ready for deep, hands-on, highly technical, skill-specific training, we’re there for you. If you’re new to cybersecurity as a whole and want to start a journey in Cloud Security, we have you covered. Working with AWS? Azure? GCP? Multicloud? No problem, we’ve got the training you need.

With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.

• Cloud Security Analyst - I use cloud security solutions to enable defenses and detect attacks. I can secure the foundation (488 | GCLD), prevent cloud attacks (510 | GPCS), and detect cloud attacks (541 | GCTD)
• Cloud Security Architect - I design secure cloud architecture. I can design cohesive architecture (549 | GCAD), secure multicloud environments (488 | GCLD), and align cloud design with larger business strategies (520)
• Cloud Security Engineer - I build security solutions for cloud workflows. I can fortify multicloud controls & mitigations (510 | GPCS) maximize automation (540 | GCSA), and defend Applications (522 | GWEB)
• Cloud Detection & Response - I monitor and test cloud environments to detect and investigate threats. I can monitor and detect attacks (541 | GCTD), pen test cloud environments (588 | GCPN), and Investigate cloud threats (509 | GCFR)

The flight plan below shows a natural progression for a professional to follow within a specific job role from baseline to advanced, specialized topics.

SANS CLOUD SECURITY CURRICULUM FLIGHT PLAN BY JOB ROLE

To help students find the best starting point, we have defined each level.

Baseline – Courses that impart the baseline skills required of any information security professional involved in Cloud Security, whether active practitioner or manager

Foundational – Courses that provide the basic knowledge to introduce students to a required skill set for the Cloud Security industry as a whole.

Core – Courses that prepare professionals for more focused job functions in Cloud Security, including manager, architect, engineer, analyst, and developer.

Specialization – Courses for critical, advanced skills, or specialized roles in Cloud Security

Management - Courses for leaders, managers, directors developing a cloud security roadmap, plan, procurement models, and ensuring policy and procedure are defined to support cloud

Download the Flight Plan here. 

Why Take Cloud Security Training & Certification with SANS | GIAC?

• Security-focused – technical training to properly secure services and workloads in the cloud
• Holistic, Curated Curriculum – based on various job roles and focus areas
• Multicloud Approach – training & comparisons on the Big 3 public cloud providers
• Hands-On Labs – extensively focused on “the how” to properly deploy & secure a cloud environment using virtual machines, lab environments, and repeatable exercises
• World-Class Instructors – versatile, real-world security practitioners authoring & instructing
• Comprehensive Courseware – access to slides, notes, audio files, and labs for future reference
• Certification Prep – specialized training that will help you prepare for a GIAC certification attempt

Providing Intensive, Immersion Training That is Immediately Applicable
We are here to help you get your hands dirty in cloud security training with re-deployable labs and a wealth of free training resources. Our curriculum has been developed through an industry consensus process and is a holistic approach to address public cloud. This includes multicloud, and hybrid-cloud scenarios for the enterprise and developing organizations alike. Don’t merely learn the ins-and-outs of one platform, as the future demands in-depth technical abilities coupled with security knowledge for each big cloud service provider.

GIAC Cloud Security Certifications

In addition to courses, we offer seven GIAC certifications with plans for more in 2024.

• GCTD: GIAC Cloud Threat Detection
• GCLD: GIAC Cloud Security Essentials
• GPCS: GIAC Public Cloud Security
• GCSA: GIAC Cloud Security Automation
• GCPN: GIAC Cloud Penetration Tester
• GWEB: GIAC Certified Web Application Defender
• GCFR: GIAC Cloud Forensics Responder

Cloud Ace Podcast

Cloud Ace is back for season 2, featuring both new guests and a new host. Frank Kim, a SANS Fellow and CISO-in-Residence at YL Ventures, will sit in as host this season as a wide range of guests join him in exploring the full gamut of cloud topics from multi-cloud and public cloud, to containers, threat detection, cloud pen testing, DevSecOps, automation and everything in between. Season 2 with host, Frank Kim, now available wherever you get your podcasts. Learn more here.

Cloud Security CyberTalent Assessment

Whether you are looking to hire new employees for cybersecurity positions or creating opportunities for your existing talent, SANS CyberTalent can help ensure you find the right skills match for the job. According to the U.S. Department of Labor, the cost of a bad hire is at least 30 percent of the employee's first-year earnings - for a security analyst, that's $27,000+. You can't afford to get hiring wrong at a time when talent is increasingly difficult to find. SANS CyberTalent Assessments measure the aptitude and skills of cybersecurity professionals, allowing employers to create professional development and retention programs for existing employees or test and rank the skill sets of candidates to fill open positions.

Graduate Certificate Program in Cloud Security

Large and critical segments of enterprise networks are outsourced to cloud service providers (CSPs) such as Amazon Web Services (AWS), Azure, and Google Cloud Platform (GCP). This creates new types of vulnerabilities and incredible opportunities for cybersecurity professionals with specialized skills. Designed for working information security professionals, the highly technical 12-credit-hour graduate certificate in Cloud Security prepares you to navigate your organization through the security challenges and opportunities presented by cloud service, and identify the risks of the various services offered by CSPs. You'll learn from some of the world's top cybersecurity experts, gain hands-on technical experience you can apply immediately on the job, and emerge with 4 industry-recognized GIAC certifications. A 100% online option is available.

Challenge Coins

Hundreds of SANS Institute students have stepped up to the challenge and conquered. They’ve mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of a SANS Challenge Coin, an award given to a select portion of the thousands of students that have taken any of theSANS courses.

The following Cloud Security courses have Challenge Coins:

• SEC488: Cloud Security Essentials
• SEC510: Cloud Security Controls and Mitigations
• SEC522: Application Security: Securing Web Apps, APIs, and Microservices
• SEC540: Cloud Security and DevSecOps Automation
• SEC541: Cloud Security Threat Detection
• SEC549: Cloud Security Architecture
• SEC588: Cloud Penetration Testing
• FOR509: Enterprise Cloud Forensics and Incident Response
• LDR520: Cloud Security for Leaders

Free Resources

• Cloud Security Curriculum Brochure
• Tools
• Posters & Cheat Sheets
• Blogs
• SWAT Checklist
• sans.org/free
  

Join Us on Social

• @SANSCloudSec
• linkedin.com/showcase/sanscloudsec
• YouTube.com/c/SANSCloudSecurity
• sansurl.com/cloud-discord

Press Releases

• SANS Cloud Security Curriculum Gaining Altitude, April 2021
• GIAC GCLD: New Cloud Security Essentials Certification, April 2021
• GIAC GCPN: New Cloud Penetration Tester Certification, Feb 2021