homepage
Open menu

Information Security Resources

Information Security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption.

Wikipedia says,

"Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms information security, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Information security is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms."

Paid SANS Information Security Resources

Cybersecurity and IT Essentials
SEC401: Security Essentials: Network, Endpoint, and Cloud
Whether you are new to information security or a seasoned practitioner with a specialized focus, SEC401 will provide the essential information security skills and techniques you need to protect and secure your critical information and technology assets, whether on-premise or in the cloud. SEC401...
Certification:

  • GSEC

Course Details
Penetration Testing and Red Teaming
SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504 helps you develop the skills to conduct incident response investigations. You will learn how to apply a dynamic incident response process to evolving cyber threats, and how to develop threat intelligence to mount effective defense strategies for cloud and on-premises platforms. We'll examine...
Certification:

  • GCIH

Course Details
Penetration Testing and Red Teaming
SEC542: Web App Penetration Testing and Ethical Hacking
SEC542 enables students to assess a web application's security posture and convincingly demonstrate the business impact should attackers exploit the discovered vulnerabilities. You will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about...
Certification:

  • GWAPT

Course Details
Security Management, Legal, and Audit
MGT512: Security Leadership Essentials for Managers
Security leaders need both technical knowledge and leadership skills to gain the respect of technical team members, understand what technical staff are actually doing, and appropriately plan and manage security projects and initiatives. This is a big and important job that requires an understanding...
Certification:

  • GSLC

Course Details
Digital Forensics and Incident Response
FOR500: Windows Forensic Analysis
FOR500 builds in-depth and comprehensive digital forensics knowledge of Microsoft Windows operating systems by analyzing and authenticating forensic data as well as track detailed user activity and organize findings. It teaches students to apply digital forensic methodologies to a variety of case...
Certification:

  • GCFE

Course Details
Security Management, Legal, and Audit, Digital Forensics and Incident Response
LEG523: Law of Data Security and Investigations
New law on privacy, e-discovery and data security is creating an urgent need for professionals who can bridge the gap between the legal department and the cybersecurity team. SANS LEG523 provides this unique professional training, including skills in the analysis and use of contracts, policies, and...
Certification:

  • GLEG

Course Details

    Free SANS Information Security Resources