New SANS Courses
New Courses in Development
Cyber Defense |
---|
|
SEC547: Defending Product Supply ChainsThe threat landscape has changed, and gone are the days when erecting a strong perimeter is sufficient to keep adversaries at bay. Supply chain attacks are effective in bypassing traditional defenses because they act as a sort of “Maginot Line”, circumventing traditional controls and often inviting the adversary inside through the use of “trusted” technologies. SEC547 covers the overarching threat landscape and provides real-world examples of how these attacks work and why they are effective and outlines actionable takeaways for students to bring back to their own environments. |
Cloud Security |
---|
No courses currently in development |
Digital Forensics & Incident Response |
---|
FOR548: eDiscovery - Tactics for Conquering the Data Minefield
|
FOR577: Linux Incident Response & AnalysisLinux powers a vast range of business-critical systems across the globe. From webservers to database platforms, to network hardware to security appliances, Linux can often be found “under the hood” making sure the system just keeps working. This course gives incident responders and forensic investigators the knowledge they need to understand how the systems work, how attackers compromise environments and how to respond and investigate in an effective manner. |
FOR589: Cybercrime Intelligence
|
Industrial Control Systems |
---|
TBA |
Offensive Operations |
---|
SEC446: Hardware Assisted HackingTightly packed with tips, techniques, and hands-on procedures, this course teaches the foundations of both hardware theory and hardware practice, as well as how they relate to hardware and software security. |
SEC568: Combating Supply Chain Attacks with Product Security TestingSupply chain attacks go unnoticed on average for 235 days and do more damage as a result of not having a deep understanding of the products being used on a network. Product Security tests help obtain a comprehensive understanding of how choosing to use a particular product in your organization can increase your attack surface and how your threat model and risk posture is affected. Product security testing is vital in preparing your organization to defend and recover from software supply chain attacks. This course acts as a practical on-ramp into the world of product security testing and risk analysis through over 20 hands-on exercises. By utilizing offensive tactics with a defensive mindset students will learn how to analyze the risk of introducing desktop, mobile, proprietary protocols and hardware devices into your environment using a wide variety of technical skills to gaining a deep understanding of how a target operates. On the last day, the students will conduct a guided 5 hour exercise where they will do black box analysis on a popular commercial application. |
SEC598: Security Automation for Offense, Defense, and CloudLearn how to break down an organization's security issues and define solutions to locally automate secure configurations, set a desired state configuration, deploy infrastructure as code in different environments, and detect and respond to security incidents in an automated manner. |
SEC670: Red Teaming Tools - Developing Windows Implants, Shellcode, Command and ControlLearn the essential building blocks for developing custom offensive tools through required programming, APIs used, and mitigations for techniques. |
Security Leadership |
---|
No courses currently in development |