homepage
Open menu
CS_Images_for_new_webpage3.jpg

SANS Cloud Security - Securing Thin Air

The most trusted source of cloud security training, certification, and research
Courses & Certifications Resources & Tools
News & UpdatesCoursesCertificationsInstructorsReviewsFree ResourcesAbout

Latest Cloud Security News & Updates

Secure Service Configuration in AWS, Azure, & GCP
Poster
Secure Service Configuration in AWS, Azure, & GCP
This poster compares and contrasts the popular security services of each major cloud provider and is based on content from SEC510: Public Cloud Security: AWS, Azure, and GCP.
Learn More
GCPN.png GCPN.png
Certification
NEW! GIAC Cloud Penetration Tester (GCPN)
The first certification in the industry focused on both cloud technologies and penetration testing disciplines. Now available for presale. Click-through to learn more!
Download Now

Featured Cloud Security Courses & Certifications

new
Cloud Security
SEC488: Cloud Security Essentials
Welcome to SANS SEC488: Cloud Security Essentials. This course covers Amazon Web Services, Azure, Google Cloud, and other cloud service providers (CSPs). Like foreign languages, cloud environments have similarities and differences, and this course will introduce you to the language of cloud...
Course Details
new
Cloud Security
SEC510: Public Cloud Security: AWS, Azure, and GCP
SEC510: Public Cloud Security: AWS, Azure, and GCP is an in-depth analysis of the security of managed services for the Big 3 cloud providers: Amazon Web Services, Azure, and Google Cloud Platform. Students will leave the course confident that they have the knowledge they need when adopting services...
Course Details
Cloud Security
SEC540: Cloud Security and DevOps Automation
SEC540 provides security professionals with a methodology for securing modern Cloud and DevOps environments. Students learn how to implement over 20 DevSecOps Security Controls for building, testing, deploying, and monitoring cloud infrastructure and services. Immersive hand-on labs ensure students...
Certification:

  • GCSA

Course Details
beta
Cloud Security, Security Management, Legal, and Audit
SEC557: Continuous Automation for Enterprise and Cloud Compliance
SEC557 teaches professionals tasked with ensuring security and compliance how to stop being a roadblock and work at the speed of the modern enterprise. You'll learn how to measure and visualize security data using the same tools that developers and engineers are using, as well as how to extract,...
Course Details
new
Cloud Security
SEC584: Cloud Native Security: Defending Containers and Kubernetes
SEC584 will perform a deep dive into defending key infrastructure deployment components, focusing on containerization and orchestration exploits. Students will be thrust directly into detailed issues related to misconfiguration and known attack patterns and will learn how to properly harden and...
Course Details
new
Security Management, Legal, and Audit, Cloud Security
MGT516: Managing Security Vulnerabilities: Enterprise and Cloud
MGT516 helps you think strategically about vulnerability management in order to mature your organization's program, but it also provides tactical guidance to help you overcome common challenges. By understanding and discussing solutions to typical issues that many organizations face across both...
Course Details
    See All Cloud Security Courses & Certifications
    Landing_Page_Cert.jpg

    Cloud Security Certifications

    Securing the cloud is now essential across our global infrastructure. GIAC's cloud security certifications are designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. From web application security and DevOps automation to cloud-specific penetration testing - across public cloud, multi-cloud, and hybrid-cloud scenarios - we've got the credentials both professionals and organizations need to ensure cloud security at any enterprise.

    Learn More
    image001(1).jpg

    BIPOC in Cloud Security Forum

    Join us on February 18, 2021 from 8:00 am – 2:00 pm PST for this free event.
    Learn More

    To be a Cloud Ace, You Must Learn From One

    The exceptionally qualified people who author and teach SANS courses, and contribute to the GIAC Certification exams aligned with those courses, are the leaders in the field. Meet some of our instructors.
    Frank Kim is a SANS Fellow in the Cyberseurity Leadership and Cloud Security curricula.

    Frank Kim

    Fellow
    Frank Kim is the Founder of ThinkSec, a security consulting and CISO advisory firm. He leads the Cybersecurity Leadership and Cloud Security curricula at SANS, as well as authors and instructs multiple SANS courses.
    Learn Why
    View All Instructors Become an Instructor
    CS_Images_for_new_webpage17.jpg
    Job Role Flight Plan
    SANS Cloud Security Curriculum has myriad courses that map to various job roles. Whether you're just starting on your flight into cloud or have been in the clouds for decades, this flight plan will help you find your runway and heading to progress your cloud security career.
    Download PDF
    CS_Images_for_new_webpage7.jpg
    Challenge Coins
    The ultimate recognition to elite cybersecurity professionals. Hundreds of SANS Institute students have stepped up to the challenge and conquered. They've mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of the SANS Challenge Coins, an award given to a select portion of the thousands of students that have taken SANS courses.
    Read Blog

    Become a SANS Cloud Ace

    Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security.

    Learn More

    Reviews

    I likely will be assessing environments that use multiple CSPs and services for one system, so this training is better for me than being certified in only AWS or only Azure.
    Margaret Ray
    - Federal Reserve Board of Dallas
    Labs were detailed and thought-provoking. Gave great thought to existing implementation and real-world examples.
    Collin Huber
    - Allstate Insurance
    I learned so much in 5 days – wish I had this a year ago when we first started getting into the Cloud!
    Thomas Buergi
    - Pacific Life Insurance Co.

      More Free Cloud Resources

      About Cloud Security

      SANS Cloud Security focuses the deep resources of SANS on the growing threats to The Cloud by providing training, GIAC certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.

      Our curriculum provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your office. The curriculum has been developed through a consensus process involving industry leading engineers, architects, administrators, developers, security managers, and information security professionals, and address public cloud, multicloud, and hybrid-cloud scenarios for the enterprise and developing organizations alike.

      GIAC's cloud security certifications are designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. From web application security and DevOps automation to cloud-specific penetration testing - across public cloud, multi-cloud, and hybrid-cloud scenarios - we've got the credentials both professionals and organizations need to ensure cloud security at any enterprise.