| SEC504: Hacker Tools, Techniques, Exploits and Incident Handling | | | | | | | | |
| SEC542: Web App Penetration Testing and Ethical Hacking | | | | | | | | |
| SEC301: Intro to Information Security | | | | | | | | |
| SEC511: Continuous Monitoring and Security Operations | | | | | | | | |
| SEC562: CyberCity Hands-on Kinetic Cyber Range Exercise | | | | | | | | |
| SEC401: Security Essentials Bootcamp Style | | | | | | | | |
| SEC560: Network Penetration Testing and Ethical Hacking | | | | | | | | |
| FOR408: Windows Forensic Analysis | | | | | | | | |
| SEC503: Intrusion Detection In-Depth | | | | | | | | |
| MGT512: SANS Security Leadership Essentials For Managers with Knowledge Compression™ | | | | | | | | |
| FOR610: Reverse-Engineering Malware: Malware Analysis Tools and Techniques | | | | | | | | |
| MGT414: SANS Training Program for CISSP® Certification | | | | | | | | |
| FOR508: Advanced Digital Forensics and Incident Response | | | | | | | | |
| SEC660: Advanced Penetration Testing, Exploit Writing, and Ethical Hacking | | | | | | | | |
| SEC505: Securing Windows with PowerShell and the Critical Security Controls | | | | | | | | |
| AUD507: Auditing & Monitoring Networks, Perimeters & Systems | | | | | | | | |
| SEC501: Advanced Security Essentials - Enterprise Defender | | | | | | | | |
| SEC566: Implementing and Auditing the Critical Security Controls - In-Depth | | | | | | | | |
| SEC617: Wireless Ethical Hacking, Penetration Testing, and Defenses | | | | | | | | |
| SEC522: Defending Web Applications Security Essentials | | | | | | | | |
| LEG523: Law of Data Security and Investigations | | | | | | | | |
| MGT525: IT Project Management, Effective Communication, and PMP® Exam Prep | | | | | | | | |
| MGT433: Securing The Human: How to Build, Maintain and Measure a High-Impact Awareness Program | | | | | | | | |
| SEC580: Metasploit Kung Fu for Enterprise Pen Testing | | | | | | | | |
| SEC546: IPv6 Essentials | | | | | | | | |
| SEC642: Advanced Web App Penetration Testing and Ethical Hacking | | | | | | | | |
| FOR526: Advanced Memory Forensics & Threat Detection | | | | | | | | |
| SEC760: Advanced Exploit Development for Penetration Testers | | | | | | | | |
| FOR572: Advanced Network Forensics and Analysis | | | | | | | | |
| FOR578: Cyber Threat Intelligence | | | | | | | | |
| FOR585: Advanced Smartphone Forensics | | | | | | | | |
| MGT415: A Practical Introduction to Cyber Security Risk Management | | | | | | | | |
| ICS410: ICS/SCADA Security Essentials | | | | | | | | |
| HOSTED: Physical Penetration Testing | | | | | | | | |
| Core NetWars Tournament | | | | | | | | |
| DFIR NetWars Tournament | | | | | | | | |
| Faster Than a Speeding Bullet: Can Geolocation Find Supervillains in Your Network? Instructor: Tim Collyer - Master's Degree Candidate | | | | | | | | |
| Insider Threat: The Enemy Within Instructor: Doug Thomas and Dr. Eric Cole | | | | | | | | |
| "Network Security as Counterinsurgency" Replacing The Art of War with FM 3-24 Instructor: Kevin Liston | | | | | | | | |
| A Special Reception for Cyber Leaders & Application Security Professionals | | | | | | | | |
| Attacks by BroBot against the US Financial Markets Instructor: Donald Smith | | | | | | | | |
| Bueller... Bueller...: Smartphone Forensics Moves Fast. Stay Current or Miss Evidence. Instructor: Heather Mahalik | | | | | | | | |
| Continuous Monitoring and Real-World Analysis Instructor: Seth Misenar | | | | | | | | |
| Creating a Baseline of Process Activity for Memory Forensics Instructor: Gordon Fraser - Master's Degree Candidate | | | | | | | | |
| Cyber Counter Intelligence and Deception: Toward Adaptive Defense Instructor: Gadi Evron | | | | | | | | |
| Debunking the Complex Password Myth Instructor: Keith Palmgren | | | | | | | | |
| Defending Control Systems in an Enterprise Environment Instructor: Robert M. Lee | | | | | | | | |
| Enterprise PowerShell for Remote Security Assessment Instructor: James Tarala | | | | | | | | |
| Evolving Threats Instructor: Paul A. Henry | | | | | | | | |
| General Session - Welcome to SANS Instructor: Johannes Ullrich | | | | | | | | |
| GIAC Program Overview Instructor: Jeff Frisk | | | | | | | | |
| How to Run Linux Malware Analysis Apps as Docker Containers Instructor: Lenny Zeltser | | | | | | | | |
| Making Awareness Stick Instructor: Lance Spitzner | | | | | | | | |
| Offensive Countermeasures, Active Defenses, and Internet Tough Guys Instructor: John Strand | | | | | | | | |
| Online Training Baseball Bash | | | | | | | | |
| Outsharing the Bad Guys. How to get involved with the InternetStorm Center Instructor: Dr. Johannes Ullrich, ISC Director | | | | | | | | |
| Practical Attack Detection using Big Data, Semantics, and Kill Chains Instructor: Brian Nafziger - Master's Degree Candidate | | | | | | | | |
| Registration Welcome Reception | | | | | | | | |
| SANS Technology Institute Information Session Instructor: Bill Lockhart | | | | | | | | |
| Securing The Kids Instructor: Lance Spitzner | | | | | | | | |
| Security Visibility in the Enterprise Instructor: Jim Hendrick - Master's Degree Candidate | | | | | | | | |
| Software Defined Networking / Attacker Defined Networking Instructor: Rob Vandenbrink | | | | | | | | |
| State of the Internet Panel Discussion Instructor: Dr. Johannes Ullrich, ISC Director and Marcus Sachs, ISC Director Emeritus | | | | | | | | |
| The 13 Absolute Truths of Security Instructor: Keith Palmgren | | | | | | | | |
| The Spy with a License to Kill Instructor: Matthew Hosburgh - Master's Degree Candidate | | | | | | | | |
| The State of the Takedown: Disrupting Online Cybercrime Instructor: John Bambenek | | | | | | | | |
| Unconventional Linux Incident Response Instructor: Tom Webb | | | | | | | | |
| Windows Exploratory Surgery with Process Hacker Instructor: Jason Fossen | | | | | | | | |
| Women in Technology Meet and Greet | | | | | | | | |
