SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
Major updates
LDR516: Strategic Vulnerability and Threat Management
LDR516Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course authored by:
Jonathan Risto
Course authored by:Jonathan Risto
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- 11 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Integrate strategic and tactical approaches to level up enterprise vulnerability management programs while addressing infrastructure and cloud environment challenges.
Featured Quote
Excellent labs. More fun than I thought possible with vulnerability management.
Course Overview
This course equips security leaders with the strategies, tools, and insights needed to build and mature vulnerability management (VM) programs that reduce real-world risk. With a strong emphasis on business alignment, risk-based prioritization, and modern threat modeling, you’ll develop the skills to lead VM initiatives across traditional, cloud, and hybrid environments.
Through 11 artificial intelligence (AI)-powered labs and the Cyber42 simulation game, you’ll gain the hands-on and strategic experience needed to make vulnerability management work—at scale, and with impact.
What You'll Learn
- Build and evolve vulnerability management programs across traditional, cloud, IoT, and hybrid environments
- Prioritize vulnerabilities using business-aligned context and threat intelligence
- Develop and apply VM metrics to measure program maturity, demonstrate risk reduction, and drive stakeholder support
- Design remediation strategies that include patching, compensating controls, and automated tools to minimize exposure
- Communicate vulnerability risk effectively to executives, IT, and business units using tailored reporting and dashboards
- Align VM with regulatory frameworks (e.g., NIS2, NIST, HIPAA, GDPR, CRA) and board-level governance for sustainable compliance
Business Takeaways
- Assess organizational strengths, weaknesses, and maturity in vulnerability management programs
- Prepare for and respond to critical vulnerabilities and zero-day issues
- Prioritize security investments using data-driven decision-making and contextual risk models
- Translate technical VM findings into business impact to improve executive understanding and buy-in
- Uncover hidden obstacles by grouping and analyzing vulnerabilities
- Use program metrics and reporting to improve compliance posture and guide continuous improvement
- Implement proactive remediation capabilities
Meet Your Author
Jonathan Risto
Principal InstructorWith a career spanning 20+ years and has included working in-network design, IP telephony, service development, security and project management, Jonathan has a deep technical background that provides a wealth of knowledge he draws upon when teaching.
Read more about Jonathan RistoCourse Syllabus
Explore the course syllabus below to view the full range of topics covered in LDR516: Strategic Vulnerability and Threat Management.
Section 1Building the Blueprint for Vulnerability Management Success
Establish a strong foundation by understanding the VM lifecycle, aligning with business goals, and building the asset and discovery practices that power effective risk reduction.
Topics covered
- Foundation of vulnerability management (VM)
- Asset management and attack surface understanding
- Assessment techniques
- Common challenges and pitfalls
- Responding to evolving threats
Labs
- Defining VM Value
- Communicating Critical Flaws
- VM Alignment
- Cyber42 Game Round 1
Section 2Mastering the Art of Prioritization & Remediation
Learn how to move beyond CVSS and prioritize vulnerabilities using context, threat intel, and business impact—while deploying smart, scalable remediation and risk acceptance strategies.
Topics covered
- Prioritization strategies
- Remediation approaches
- Measuring and tracking success
- Risk management and documentation
- Governance and stakeholder engagement
Labs
- Scanning Techniques
- Scan Validation
- Pipeline Integration Demo
- Cyber42 Game Round 2
Section 3Communicating Risk & Driving Action in VM
Translate technical findings into business-relevant risk insights through metrics, reporting, storytelling, and executive communication that prompt real action.
Topics covered
- Risk-based and strategic metrics
- Effective reporting and communication
- Automation and efficiency
- Driving culture change and executive engagement
- Integration with incident response
Labs
- Contextual Prioritization
- Board Briefing
- Translate for Your Audience
- Cyber42 Game Round 3
Section 4Navigating Compliance, Crisis, and Governance in VM
Balance regulatory obligations and risk-based strategies, build resilient VM programs with strong policies and governance, and respond effectively to zero-day events and audit demands.
Topics covered
- Compliance and regulatory alignment
- Preparedness and response
- Post-incident and continuous improvement
- Roles, responsibilities, and risk ownership
- Evolving VM with technology
Labs
- Changing Culture
- Gold Image Pipeline
- Remediation Effectiveness
- Cyber42 Game Round 4
Section 5The Future of Vulnerability Management – Proactive Defense & Continuous Exposure Management
Explore forward-looking practices like CTEM, attack path modeling, automation, and AI as you evolve from reactive patching to continuous, business-aligned threat exposure management.
Topics covered
- Proactive VM
- CTEM (Continuous Threat Exposure Management)
- Adoption challenges and solutions
- Emerging risks and technology
- Future-ready governance
Labs
- VM Buy-In
- Attack Path Analysis
- CTEM Program Design
- Cyber42 Game Final Round
Things You Need To Know
Relevant Job Roles
Operational Leader
Cybersecurity LeadershipOperate from the point of view of an adversary in order to protect you most sensitive assets.
Explore learning pathSecurity Manager
Cybersecurity LeadershipDaily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathSenior Security Leader
Cybersecurity LeadershipDaily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathVulnerability Analysis (OPM 541)
NICE: Protection and DefenseResponsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.
Explore learning pathCybersecurity Researcher
European Cybersecurity Skills FrameworkResearch the cybersecurity domain and incorporate results in cybersecurity solutions.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Filter by:
Location & instructorDate & TimeCourse priceRegistration Options
- Date & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,260 USD*Prices exclude applicable local taxesBuy now for access on Oct 3. Use code Presale10 for 10% off course price!Registration Options
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxesRegistration Options
- Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes
- Date & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxes
- Location & instructor
New Orleans, LA, US & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes - Location & instructor
London, GB & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price£6,715 GBP*Prices exclude applicable taxes | EUR price available during checkout
Showing 7 of 7
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 3It is excellent for people who are creating and implementing their VMP. The course is detailed, thorough, and sets clear expectations for a successful program.
- Slide 2 of 3Great class full of new info for beginners and experienced VM folks. Thank you!
- Slide 3 of 3I have really enjoyed the discussions around these labs and hearing similarities from other users. I think this format for labs is fun.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources