.jpg?format=png&auto=webp&height=390&crop=3:1)
Cloud Security Analyst
SEC488: Cloud Security Essentials™ (Certification: GCLD)
More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Organizations are responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multicloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization's cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. Help your organization successfully navigate both the security challenges and opportunities presented by cloud services.
Certification: GIAC Cloud Security Essentials (GCLD)SEC510: Cloud Security Controls and Mitigations™ (Certification: GPCS)
As the landscape rapidly evolves and development teams eagerly adopt the next big thing, security is constantly playing catch-up in order to avert disaster. SEC510: Cloud Security Controls and Mitigations teaches you how the Big 3 cloud providers work and how to securely configure and use their services and PaaS / IaaS offerings. 20 Hands-On Labs + CloudWars.
Certification:
GIAC Public Cloud Security (GPCS)SEC541: Cloud Security Threat Detection™ (Certification: GCTD)
While shifting to cloud infrastructure offers many benefits, it also exposes organizations to new and continuously evolving threats. Many organizations are unaware of the critical differences between on-premises and cloud environments, leading to challenges in understanding what to log and how to detect threats effectively. Unlike other, primarily theoretical courses, SEC541: Cloud Security Threat Detection provides hands-on-keyboard experience through 21 practical labs, covering AWS, Azure, and Microsoft 365. This course empowers your team to master cloud-native logging, threat detection, and monitoring, solving hidden, low-hanging but high ROI issues. Equip your team with the skills to necessary to enhance your organization's cloud security posture and stay ahead of potential breaches with SEC541.
Certification: GIAC Cloud Threat Detection (GCTD)
Cloud Security Engineer
SEC510: Cloud Security Controls and Mitigations™ (Certification: GPCS)
As the landscape rapidly evolves and development teams eagerly adopt the next big thing, security is constantly playing catch-up in order to avert disaster. SEC510: Cloud Security Controls and Mitigations teaches you how the Big 3 cloud providers work and how to securely configure and use their services and PaaS / IaaS offerings. 20 Hands-On Labs + CloudWars.
Certification: GIAC Public Cloud Security (GPCS)SEC522: Application Security: Securing Web Apps, APIs, and Microservices™ (Certification: GWEB)
Web Applications are increasingly distributed. What used to be a complex monolithic application hosted on premise has become a distributed set of services incorporating on-premise legacy applications along with interfaces to cloud-hosted and cloud-native components. Because of this coupled with a lack of security knowledge, web applications are exposing sensitive corporate data. Security professionals are asked to provide validated and scalable solutions to secure this content in line with best industry practices using modern web application frameworks. Attending this class will not only raise awareness about common security flaws in modern web applications, but it will also teach students how to recognize and mitigate these flaws early and efficiently.
Certification: GIAC Certified Web Application Defender (GWEB)SEC540: Cloud Native Security and DevSecOps Automation™ (Certification: GCSA)
Organizations are moving to cloud native, Kubernetes, and public cloud infrastructure to enable digital transformation and reap the benefits of cloud computing. However, security teams struggle to understand the DevOps toolchain and how to introduce security controls in their automated pipelines responsible for delivering changes to cloud-based systems. Without effective pipeline security controls, security teams lose visibility into the changes released into production environments. SANS SEC540 training provides security professionals with a methodology to secure modern Cloud and DevOps environments. By embracing the DevOps culture, students will walk away from SEC540 training battle-tested and ready to build to their organization's Cloud Native & DevSecOps Security Program. 35 Unique, Immersive, Hands-On Labs: 3 CI/CD security labs followed by 16 labs running Kubernetes and cloud native tools on public cloud infrastructure (AWS and Azure tracks are available. Dozens of CloudWars Bonus Challenges available.
Certification: GIAC Cloud Security Automation (GCSA)
Cloud Security Architect
SEC488: Cloud Security Essentials™ (Certification: GCLD)
More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Organizations are responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multicloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization's cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. Help your organization successfully navigate both the security challenges and opportunities presented by cloud services.
Certification: GIAC Cloud Security Essentials (GCLD)SEC549: Cloud Security Architecture™ (Certification: GCAD)
Organizations are migrating infrastructure and applications to the cloud at a rapid pace. As migrations take place, security architects are struggling to design hybrid and cloud-native solutions to meet their organization's security requirements. Shifting to the cloud requires a deep understanding of the threats introduced by a cloud migration, and how each provider mitigates those threats using their well-architected framework. SEC549 teaches security professionals how to design an enterprise-ready, scalable cloud organization. With nearly 20 hands-on labs, students will learn to design cloud solutions for their organization at any stage of the cloud journey, whether planning for the first workload, managing complex legacy environments, or operating in an advanced cloud-native ecosystem.
Certification: GIAC Cloud Security Architecture and Design (GCAD)
LDR520: Cloud Security for Leaders™
This cloud security strategy for leaders training course focuses on what managers, directors, and security leaders need to know about developing their plan/roadmap while managing cloud security implementation capabilities. To safeguard the organization's cloud environment and investments, a knowledgeable management team must engage in thorough planning and governance. We emphasize the essential knowledge needed to develop a cloud security roadmap and effectively implement cloud security capabilities. Making informed security decisions when adopting the cloud necessitates understanding the technology, processes, and people associated with the cloud environment.
Threat Detection & Response
SEC541: Cloud Security Threat Detection™
While shifting to cloud infrastructure offers many benefits, it also exposes organizations to new and continuously evolving threats. Many organizations are unaware of the critical differences between on-premises and cloud environments, leading to challenges in understanding what to log and how to detect threats effectively. Unlike other, primarily theoretical courses, SEC541: Cloud Security Threat Detection provides hands-on-keyboard experience through 21 practical labs, covering AWS, Azure, and Microsoft 365. This course empowers your team to master cloud-native logging, threat detection, and monitoring, solving hidden, low-hanging but high ROI issues. Equip your team with the skills to necessary to enhance your organization's cloud security posture and stay ahead of potential breaches with SEC541.
Certification: GIAC Cloud Threat Detection (GCTD)
SEC588: Cloud Penetration Testing™ (Certification: GCPN)
SEC588 will equip you with the latest in cloud-focused penetration testing techniques and teach you how to assess cloud environments. The course dives into topics like cloud-based microservices, in-memory data stores, serverless functions, Kubernetes meshes, and containers, as well as identifying and testing in cloud-first and cloud-native applications. You will also learn specific tactics for penetration testing in Azure and Amazon Web Services, particularly important given that AWS and Microsoft account for more than half the market. It's one thing to assess and secure a data center, but it takes a specialized skill-set to truly assess and report on the risk that an organization faces if its cloud services are left insecure.
Certification: GIAC Cloud Penetration Tester (GCPN)
FOR509: Enterprise Cloud Forensics and Incident Response™ (Certification: GCFR)
The world is changing and so is the data we need to conduct our investigations. Cloud platforms change how data is stored and accessed. They remove the examiner's ability to directly access systems and use classical data extraction methods. Unfortunately, many examiners are still trying to force old methods for on-premise examination onto cloud-hosted platforms. Rather than resisting change, examiners must learn to embrace the new opportunities presented to them in the form of new evidence sources. FOR509: Enterprise Cloud Forensics and Incident Response addresses today's need to bring examiners up to speed with the rapidly changing world of enterprise cloud environments by uncovering the new evidence sources that only exist in the Cloud.
Certification: GIAC Cloud Forensics Responder (GCFR)
Cloud Security Manager
SEC488: Cloud Security Essentials™ (Certification: GCLD)
More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Organizations are responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multicloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization's cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. Help your organization successfully navigate both the security challenges and opportunities presented by cloud services.
Certification: GIAC Cloud Security Essentials (GCLD)
LDR520: Cloud Security for Leaders™
This cloud security strategy for leaders training course focuses on what managers, directors, and security leaders need to know about developing their plan/roadmap while managing cloud security implementation capabilities. To safeguard the organization's cloud environment and investments, a knowledgeable management team must engage in thorough planning and governance. We emphasize the essential knowledge needed to develop a cloud security roadmap and effectively implement cloud security capabilities. Making informed security decisions when adopting the cloud necessitates understanding the technology, processes, and people associated with the cloud environment.
Cloud Ace Journeys
Keep up with the speed of Cloud. Upskill. Reskill. Continue the journey. Multiple collections of three courses by job role to become a well-rounded, future thinking, cloud security practitioner.
SANS.edu Graduate Certificate in Cloud Security
Prepare to navigate your organization through the security risks and opportunities of cloud service.
- Designed for working InfoSec professionals
- Highly technical 12-credit-hour program
- Includes 4 industry-recognized GIAC certifications