Cyber Security Courses | SANS Institute

SANS courses teach you cybersecurity skills you can use immediately, and GIAC Certifications verify your mastery in critical, specialized InfoSec domains.

Explore our extensive catalog of online courses and certifications, suitable for everyone from entry level cybersecurity professionals to CISOs, or use our training roadmap to find your preferred career path and the training and certifications necessary to succeed on that path.

Security

Course	Delivery Methods	Certification	Course Demo
SEC301: Introduction to Cyber Security	Live Online OnDemand In Person	GISF	SEC301
SEC401: Security Essentials Bootcamp Style	Live Online OnDemand In Person	GSEC	SEC401
SEC402: Cybersecurity Writing: Hack the Reader	Live Online OnDemand	—	SEC402
New SEC403: Secrets to Successful Cybersecurity Presentation	—	—	—
SEC440: Critical Security Controls: Planning, Implementing, and Auditing	Live Online OnDemand	—	SEC440
New SEC450: Blue Team Fundamentals: Security Operations and Analysis	Live Online OnDemand In Person	—	SEC450
SEC455: SIEM Design & Implementation	Live Online OnDemand	—	SEC455
SEC460: Enterprise Threat and Vulnerability Assessment	Live Online OnDemand In Person	GEVA	SEC460
SEC487: Open-Source Intelligence (OSINT) Gathering and Analysis	Live Online OnDemand In Person	GOSI	SEC487
Beta SEC488: Cloud Security Essentials	In Person	—	—
SEC501: Advanced Security Essentials - Enterprise Defender	Live Online OnDemand In Person	GCED	SEC501
SEC503: Intrusion Detection In-Depth	Live Online OnDemand In Person	GCIA	SEC503
SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling	Live Online OnDemand In Person	GCIH	SEC504
New SEC505: Securing Windows and PowerShell Automation	Live Online OnDemand In Person	GCWN	SEC505
SEC506: Securing Linux/Unix	Live Online OnDemand	GCUX	SEC506
Beta SEC510: Multicloud Security Assesment and Defense	—	—	—
SEC511: Continuous Monitoring and Security Operations	Live Online OnDemand In Person	GMON	SEC511
SEC522: Defending Web Applications Security Essentials	Live Online OnDemand In Person	GWEB	SEC522
SEC530: Defensible Security Architecture and Engineering	Live Online OnDemand In Person	GDSA	SEC530
SEC534: Secure DevOps: A Practical Introduction	Live Online OnDemand	—	SEC534
SEC540: Cloud Security and DevOps Automation	Live Online OnDemand In Person	GCSA	SEC540
SEC542: Web App Penetration Testing and Ethical Hacking	Live Online OnDemand In Person	GWAPT	SEC542
SEC545: Cloud Security Architecture and Operations	Live Online OnDemand In Person	—	SEC545
SEC546: IPv6 Essentials	Live Online SelfStudy	—	—
Beta SEC552: Bug Bounties and Responsible Disclosure	—	—	—
SEC555: SIEM with Tactical Analytics	Live Online OnDemand In Person	GCDA	SEC555
SEC560: Network Penetration Testing and Ethical Hacking	Live Online OnDemand In Person	GPEN	SEC560
SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise	—	—	—
SEC564: Red Team Exercises and Adversary Emulation	Live Online OnDemand	—	SEC564
SEC566: Implementing and Auditing the Critical Security Controls - In-Depth	Live Online OnDemand In Person	GCCC	SEC566
SEC573: Automating Information Security with Python	Live Online OnDemand In Person	GPYC	SEC573
SEC575: Mobile Device Security and Ethical Hacking	Live Online OnDemand	GMOB	SEC575
SEC580: Metasploit Kung Fu for Enterprise Pen Testing	Live Online OnDemand	—	SEC580
Beta SEC588: Cloud Penetration Testing	Live Online OnDemand In Person	—	—
SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses	Live Online OnDemand In Person	GDAT	SEC599
SEC617: Wireless Penetration Testing and Ethical Hacking	Live Online OnDemand In Person	GAWN	SEC617
SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques	Live Online OnDemand In Person	—	SEC642
SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking	Live Online OnDemand In Person	GXPN	SEC660
New SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection	In Person	—	—
SEC760: Advanced Exploit Development for Penetration Testers	In Person	—	—

Incident Response & Forensics

Course	Delivery Methods	Certification	Course Demo
Beta FOR308: Digital Forensics Essentials	In Person	—	—
New FOR498: Battlefield Forensics & Data Acquisition	Live Online OnDemand In Person	GBFA	FOR498
FOR500: Windows Forensic Analysis	Live Online OnDemand In Person	GCFE	FOR500
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics	Live Online OnDemand In Person	GCFA	FOR508
FOR518: Mac and iOS Forensic Analysis and Incident Response	Live Online OnDemand In Person	—	FOR518
FOR526: Advanced Memory Forensics & Threat Detection	Live Online OnDemand In Person	—	FOR526
FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response	Live Online OnDemand In Person	GNFA	FOR572
FOR578: Cyber Threat Intelligence	Live Online OnDemand In Person	GCTI	FOR578
FOR585: Smartphone Forensic Analysis In-Depth	Live Online OnDemand In Person	GASF	FOR585
FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques	Live Online OnDemand In Person	GREM	FOR610

Management

Course	Delivery Methods	Certification	Course Demo
MGT414: SANS Training Program for CISSP� Certification	Live Online OnDemand In Person	GISP	MGT414
MGT415: A Practical Introduction to Cyber Security Risk Management	—	—	—
MGT433: SANS Security Awareness: How to Build, Maintain, and Measure a Mature Awareness Program	Live Online OnDemand In Person	SSAP	MGT433
MGT512: Security Leadership Essentials for Managers	Live Online OnDemand In Person	GSLC	MGT512
MGT514: Security Strategic Planning, Policy, and Leadership	Live Online OnDemand In Person	GSTRT	MGT514
New MGT516: Managing Security Vulnerabilities: Enterprise and Cloud	Live Online OnDemand In Person	—	—
New MGT521: Driving Cybersecurity Change - Establishing a Culture of Protect, Detect and Respond	In Person	—	—
MGT525: IT Project Management, Effective Communication, and PMP^� Exam Prep	Live Online OnDemand In Person	GCPM	MGT525
Beta MGT551: Building and Leading Security Operations Centers	—	—	—

Audit

Course	Delivery Methods	Certification	Course Demo
AUD507: Auditing & Monitoring Networks, Perimeters & Systems	Live Online OnDemand In Person	GSNA	AUD507
AUD566: Implementing and Auditing the Critical Security Controls - In-Depth	—	GCCC	—

Legal

Course	Delivery Methods	Certification	Course Demo
LEG523: Law of Data Security and Investigations	Live Online OnDemand In Person	GLEG	LEG523

Team Based Training

Course	Delivery Methods	Certification	Course Demo
New TBT570: Team-Based Training - Blue Team and Red Team Dynamic Workshop	—	—	—

Industrial Control Systems

Course	Delivery Methods	Certification	Course Demo
ICS410: ICS/SCADA Security Essentials	Live Online OnDemand In Person	GICSP	ICS410
ICS456: Essentials for NERC Critical Infrastructure Protection	Live Online In Person	GCIP	—
ICS515: ICS Active Defense and Incident Response	Live Online OnDemand In Person	GRID	ICS515
New ICS612: ICS Cybersecurity In-Depth	In Person	—	—

Hosted

Course	Delivery Methods	Certification	Course Demo
HOSTED: Physical Penetration Testing	—	—	—
HOSTED: Assessing and Exploiting Control Systems	—	—	—
HOSTED: Critical Infrastructure and Control System Cybersecurity	—	—	—
HOSTED: Health Care Security Essentials	—	—	—
HOSTED: Physical Security Specialist - Full Comprehensive Edition	—	—	—
HOSTED: Physical Access Control Systems: Elements of Design, Offense, and Defense	—	—	—
HOSTED: Measuring and Managing Cyber Risk Using FAIR	—	—	—
New HOSTED: ICS Cybersecurity for Managers	—	—	—
New HOSTED: Successful Infosec Consulting	—	—	—

Special

Course	Delivery Methods	Certification	Course Demo
SPECIAL: Compliance Training and Securing the Human	—	—	—
SPECIAL: Security Awareness Training for Electric Entities	—	—	—
SPECIAL: Special for HIMSS: Implementing Healthcare Cyber-Hygiene with the Critical Security Controls	—	—	—
SPECIAL: Introduction to Malware Analysis: Hands-on and Technical	—	—	—
SPECIAL: Active Defense, Offensive Countermeasures and Cyber Deception (Two-day Version)	—	—	—
SPECIAL: Lethal Threat Hunting and Incident Response Techniques	—	—	—
SPECIAL: The Essentials of Automating Information Security with Python	—	—	—

All SANS security training courses are available to be taught through our Private Training program at a customer's desired location. https://www.sans.org/private-training/

Cybersecurity Courses & Certifications

Security

Incident Response & Forensics

Management

Audit

Legal

Team Based Training

Industrial Control Systems

Hosted

Special

Latest Whitepapers

Latest Tweets @SANSInstitute

Contact Us

Cybersecurity Courses & Certifications

Security

Incident Response & Forensics

Management

Audit

Legal

Team Based Training

Industrial Control Systems

Hosted

Special

Subscribe to SANS Newsletters

Latest Whitepapers

Latest Tweets @SANSInstitute

Contact Us