SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Experience SANS training through course previews.
Learn MoreLet us help.
Contact usBecome a member for instant access to our free resources.
Sign UpWe're here to help.
Contact UsApply your credits to renew your certifications
Attend a live, instructor-led class from a location near you or virtually from anywhere
Apply what you learn with hands-on exercises and labs
Gain tactical expertise to configure, monitor, and defend cloud environments while addressing data security and compliance challenges.
SEC502: Cloud Security Tactical Defense is the updated version of SEC488: Cloud Security Essentials. If you are currently registered for SEC488 or are an alumnus of that course, please visit the SEC488 course page for relevant information regarding your course schedule, materials, and certification details.
SEC502: Cloud Security Tactical Defense equips practitioners with advanced, hands-on experience to secure modern cloud environments against evolving threats. Through live labs in real cloud environments, students will design and enforce tactical controls across identity, data, and network layers, addressing real-world risks like misconfigurations, lateral movement, and privilege escalation, credential theft, data theft, and lateral movement. With 40 immersive, live-fire labs and a competitive Capture the Flag challenge, participants gain the expertise to harden cloud infrastructure, lead incident response efforts, and implement security strategies aligned with enterprise-scale deployments and compliance frameworks.
Ryan’s extensive experience, including roles as a cybersecurity engineer for major Department of Defense cloud projects and as a lead auditor, underscores his dedication to enhancing the security posture of critical systems.
Read more about Ryan NicholsonExplore the course syllabus below to view the full range of topics covered in SEC502: Cloud Security Tactical Defense.
The first section of this cloud security course focuses on Identity and Access Management (IAM). Students will quickly understand IAM's critical role in protecting cloud accounts.
The second section will cover ways to protect the compute elements in cloud providers' Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) offerings.
The third section will first focus on the protection of data in cloud environments.
Section 4 is where many network security analysts, engineers, and architects will begin salivating as they will do a deep dive into the ins and outs of cloud networking and log generation, collection, and analysis to set themselves up for success to defend their IaaS workloads.
In the fifth section, we'll dive headfirst into compliance frameworks, audit reports, privacy, and eDiscovery to equip you with the information and references to ensure that the right questions are being asked during CSP risk assessments.
The final section is a multi-hour, self-paced CloudWars challenge completed independently after the course to reinforce key concepts and hands-on skills.
Responsible for setting up and maintaining a system or specific components of a system in adherence with organizational security policies and procedures. Includes hardware and software installation, configuration, and updates; user account management; backup and recovery management; and security control implementation.
Explore learning pathOversees full lifecycle of information systems from design through evaluation, ensuring alignment with functional and operational goals.
Explore learning pathUsing cloud security solutions to respond to incidents and enable defenses
Explore learning pathResponsible for ensuring that security requirements are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting systems that protect and support organizational mission and business processes.
Explore learning pathDeveloping cloud security roadmaps, plans and procurement models that define policy and procedure
Explore learning pathResponsible for managing the cybersecurity of a program, organization, system, or enclave.
Explore learning pathDesigns and evaluates information system security throughout the software lifecycle to ensure confidentiality, integrity, and availability.
Explore learning pathDeploys, configures, maintains infrastructure software and hardware to support secure and effective IT operations across organizational systems.
Explore learning pathImplements and maintains network services, including hardware and virtual systems, ensuring operational support for infrastructure platforms.
Explore learning pathOversees program, system, or enclave cybersecurity, ensuring protection from cyber threats and compliance with organizational standards.
Explore learning pathDesigning the adoption of cloud services and define the tools and strategy for cloud solutions
Explore learning pathResponsible for developing and analyzing the integration, testing, operations, and maintenance of systems security. Prepares, performs, and manages the security aspects of implementing and operating a system.
Explore learning pathDesigns secure enterprise systems considering environmental constraints and translates them into enforceable security processes and protocols.
Explore learning pathResponsible for developing and conducting cybersecurity awareness, training, or education.
Explore learning pathDevelops business and IT process architectures, creating baseline and target architectures to meet mission or enterprise goals.
Explore learning pathDefines technical system specs including cloud strategy and software integration to meet business or mission-aligned system requirements.
Explore learning pathConducts research in systems/software engineering to develop capabilities and identify vulnerabilities, with security integrated throughout.
Explore learning pathAnalyzes new or existing software applications for security issues and provides actionable insights to improve protection and performance.
Explore learning pathAdd a GIAC certification attempt and receive free two practice tests. View pricing in the info icons below.
When purchasing a live instructor-led class, add an additional 4 months of online access after your course. View pricing in the info icons below.
This course is exactly what I hoped it would be. Teaching me Cloud from an IT Cloud Engineer perspective, but with a Security lens.
Real world practicality of the labs has enabled me to envision how to explore and implement cloud best practices, tests, configurations, and the like which I found to be very valuable.
The labs serve to both break up a fairly intensive academic upskilling, and also to teach you how to apply the knowledge correctly and safely, allowing you to secure your cloud environment with confidence and ease.
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources