
LDR516: Strategic Vulnerability and Threat Management

LDR516 | Cybersecurity Leadership
  • 5 Days (Instructor-Led)
  • 30 Hours (Self-Paced)
Course authored by: Jonathan Risto
LDR516: Building and Leading Vulnerability Management Programs
  • 30 CPEs

    Apply your credits to renew your certifications

  • In-Person, Virtual or Self-Paced

    Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months

  • 11 Hands-On Lab(s)

    Apply what you learn with hands-on exercises and labs

Integrate strategic and tactical approaches to level up enterprise vulnerability management programs while addressing infrastructure and cloud environment challenges.

Course Overview

This course equips security leaders with the strategies, tools, and insights needed to build and mature vulnerability management (VM) programs that reduce real-world risk. With a strong emphasis on business alignment, risk-based prioritization, and modern threat modeling, you’ll develop the skills to lead VM initiatives across traditional, cloud, and hybrid environments.

Through 11 artificial intelligence (AI)-powered labs and the Cyber42 simulation game, you’ll gain the hands-on and strategic experience needed to make vulnerability management work—at scale, and with impact.

What You'll Learn

  • Build and evolve vulnerability management programs across traditional, cloud, IoT, and hybrid environments
  • Prioritize vulnerabilities using business-aligned context and threat intelligence
  • Develop and apply VM metrics to measure program maturity, demonstrate risk reduction, and drive stakeholder support
  • Design remediation strategies that include patching, compensating controls, and automated tools to minimize exposure
  • Communicate vulnerability risk effectively to executives, IT, and business units using tailored reporting and dashboards
  • Align VM with regulatory frameworks (e.g., NIS2, NIST, HIPAA, GDPR, CRA) and board-level governance for sustainable compliance

Business Takeaways

  • Assess organizational strengths, weaknesses, and maturity in vulnerability management programs
  • Prepare for and respond to critical vulnerabilities and zero-day issues
  • Prioritize security investments using data-driven decision-making and contextual risk models
  • Translate technical VM findings into business impact to improve executive understanding and buy-in
  • Uncover hidden obstacles by grouping and analyzing vulnerabilities
  • Use program metrics and reporting to improve compliance posture and guide continuous improvement
  • Implement proactive remediation capabilities

Course Syllabus

Explore the course syllabus below to view the full range of topics covered in LDR516: Strategic Vulnerability and Threat Management.

Section 1: Vulnerability Management Design and Planning

This section introduces the strategic role of vulnerability management and lays the foundation for building effective, business-aligned programs. You’ll explore how asset inventory, contextual data, and cloud architecture influence risk visibility and program design.

Topics covered

  • Foundation of vulnerability management (VM)
  • Asset management and attack surface understanding
  • Assessment techniques
  • Common challenges and pitfalls
  • Responding to evolving threats

Labs

  • Defining VM Value
  • Communicating Critical Flaws
  • VM Alignment
  • Cyber42 Game Round 1

Section 2: Vulnerability Identification

This section addresses the technical and organizational challenges of identifying vulnerabilities across infrastructure, applications, and cloud-native services. You’ll examine discovery architecture, scan methods, and third-party coordination for responsible disclosure.

Topics covered

  • Prioritization strategies
  • Remediation approaches
  • Measuring and tracking success
  • Risk management and documentation
  • Governance and stakeholder engagement

Labs

  • Scanning Techniques
  • Scan Validation
  • Pipeline Integration Demo
  • Cyber42 Game Round 2

Section 3: Vulnerability Analysis, Metrics, and Communication

This section focuses on interpreting vulnerability data, correcting inaccuracies, and turning technical risk into actionable insights. You’ll learn to prioritize vulnerabilities, measure program maturity, and communicate risk effectively across the business.

Topics covered

  • Risk-based and strategic metrics
  • Effective reporting and communication
  • Automation and efficiency
  • Driving culture change and executive engagement
  • Integration with incident response

Labs

  • Contextual Prioritization
  • Board Briefing
  • Translate for Your Audience
  • Cyber42 Game Round 3

Section 4: Driving Remediation and Automation

This section explores how organizations treat vulnerabilities effectively across hybrid environments. You’ll examine patching, compensating controls, automation techniques, and how to align remediation with change and configuration management.

Topics covered

  • Compliance and regulatory alignment
  • Preparedness and response
  • Post-incident and continuous improvement
  • Roles, responsibilities, and risk ownership
  • Evolving VM with technology

Labs

  • Changing Culture
  • Gold Image Pipeline
  • Remediation Effectiveness
  • Cyber42 Game Round 4

Section 5: Collaboration and Continuous Improvement

This final section synthesizes course themes and focuses on advancing vulnerability management maturity. You'll explore stakeholder mapping, continuous improvement strategies, and program design aligned with business goals and future-readiness.

Topics covered

  • Proactive VM
  • CTEM (Continuous Threat Exposure Management)
  • Adoption challenges and solutions
  • Emerging risks and technology
  • Future-ready governance

Labs

  • VM Buy-In
  • Attack Path Analysis
  • CTEM Program Design
  • Cyber42 Game Final Round

Things You Need To Know

Relevant Job Roles

Operational Leader

Cybersecurity Leadership

Operate from the point of view of an adversary in order to protect your most sensitive assets.

Security Manager

Cybersecurity Leadership

Daily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.

Senior Security Leader

Cybersecurity Leadership

Daily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.

Vulnerability Analysis (OPM 541)

NICE: Protection and Defense

Responsible for assessing systems and networks to identify deviations from acceptable configurations, enclave policy, or local policy. Measure effectiveness of defense-in-depth architecture against known vulnerabilities.

Cybersecurity Researcher

European Cybersecurity Skills Framework

Research the cybersecurity domain and incorporate results in cybersecurity solutions.

Course Schedule & Pricing

  • Virtual (OnDemand)

    Instructed by Jonathan Risto
    Date & Time: OnDemand (Anytime), Self-Paced, 4 months access
    Course price: $8,260 USD*

  • Las Vegas, NV, US & Virtual (live)

    Instructed by Jonathan Risto
    Course price: $8,260 USD*

  • Virtual (live)

    Instructed by Jonathan Risto
    Course price: $8,260 USD*

  • Washington, DC, US & Virtual (live)

    Instructed by Jonathan Risto
    Course price: $8,260 USD*

  • Amsterdam, NL & Virtual (live)

    Instructed by Kevin Garvey
    Course price: €7,715 EUR*

*Prices exclude applicable local taxes

Benefits of Learning with SANS

Get feedback from the world’s best cybersecurity experts and instructors

Choose how you want to learn - online, on demand, or at our live in-person training events

Get access to our range of industry-leading courses and resources