homepage
Open menu

Information Security Resources

Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

Wikipedia says,

"Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms."

Paid SANS Information Security Resources

new
Cybersecurity and IT Essentials
SEC401: Security Essentials: Network, Endpoint, and Cloud
Whether you are new to information security or a seasoned practitioner with a specialized focus, SEC401 will provide the essential information security skills and techniques you need to protect and secure your critical information and technology assets, whether on-premise or in the cloud. SEC401...
Certification:

  • GSEC

Course Details
Penetration Testing and Ethical Hacking
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504 helps you develop the skills to conduct incident response investigations. You will learn how to apply a dynamic incident response process to evolving cyber threats, and how to develop threat intelligence to mount effective defense strategies for cloud and on-premises platforms. We'll examine...
Certification:

  • GCIH

Course Details
Penetration Testing and Ethical Hacking
SEC542: Web App Penetration Testing and Ethical Hacking
In SEC542, you will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about the attacker's tools and methods in order to be a more powerful defender. Through detailed, hands-on exercises and with guidance from the instructor, you will learn...
Certification:

  • GWAPT

Course Details
Security Management, Legal, and Audit
MGT512: Security Leadership Essentials for Managers
Security managers need both technical knowledge and management skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives. This is a big and important job that requires an...
Certification:

  • GSLC

Course Details
Digital Forensics and Incident Response
FOR500: Windows Forensic Analysis
FOR500 builds in-depth and comprehensive digital forensics knowledge of Microsoft Windows operating systems by analyzing and authenticating forensic data as well as track detailed user activity and organize findings. It teaches students to apply digital forensic methodologies to a variety of case...
Certification:

  • GCFE

Course Details
Security Management, Legal, and Audit, Digital Forensics and Incident Response
LEG523: Law of Data Security and Investigations
New law on privacy, e-discovery and data security is creating an urgent need for professionals who can bridge the gap between the legal department and the cybersecurity team. SANS LEG523 provides this unique professional training, including skills in the analysis and use of contracts, policies, and...
Certification:

  • GLEG

Course Details

    Free SANS Information Security Resources