Training
Featured CourseView All Courses
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Inside the Most Dangerous New Attack Techniques

A SANS and RSAC collaboration revealing how the world’s most dangerous cyberattacks are advancing—and what it means for today’s security leaders.

Unlock the Latest White Paper
Typing on Computer
Jump to:

Fear the Dark: Preventing Lack of Data in Digital Forensic Incident Response

White Paper

Author: Heather Barnhart, SANS Fellow and Head of Faculty

Heather explores how gaps in forensic artifacts and logging create “dark periods” that blind defenders during critical incidents. Drawing lessons from high-profile cases and recent breaches, this research provides essential guidance for achieving forensic readiness and ensuring visibility.

Join the RSAC™ Membership for free to access this white paper and other exclusive content.

(This link will take you to our partner site, RSAC.)

Unlock Expert Insights
Eye

Explore more on this topic

Log for Normal to Find Evil: Lessons from Real Crimes and Cyber Attacks

When the logs go dark, attackers win. Heather Barnhart reveals why missing forensic artifacts leave defenders blind—and how to close those gaps before the next breach.

Read Blog

Hunt Evil Poster

Knowing what’s normal on a Windows host helps cut through the noise to quickly locate potential malware. Use this information as a reference to know what’s normal in Windows and to focus your attention on the outliers.

Download the Poster

Explore Digital Forensics and Incident Response (DFIR) Training

DFIR combines cybersecurity, threat hunting, and investigative techniques to identify, analyze, respond to, and proactively hunt cyber threats and criminal activity.

Explore Training

From Asymmetry to Parity: Building a Safe Harbor for AI-Driven Cyber Defense

White Paper

Author: Rob T. Lee, SANS Chief of Research and Chief AI Officer

Examine how privacy and AI laws constrain defenders, and why creating a cybersecurity safe harbor is essential to keep pace with adversaries.

Join the RSAC™ Membership for free to access this white paper and other exclusive content.

(This link will take you to our partner site, RSAC.)

Unlock Expert Insights
Big Eye

Explore more on this topic

5 Steps to Build Safe Harbor for AI-Driven Cyber Defense

AI makes attackers faster—automated recon, self-rewriting malware, phishing campaigns testing a thousand variants before lunch. They’re running at machine speed, not asking for permission. 

Read Blog

Own AI Securely

This blueprint turns AI chaos into secure, auditable deployment — mapped to global standards, and ready for action.

Download Blueprint

AI Security Starts Here

Backed by global standards leadership and real-world expertise, we prepare professionals at every level to lead safely and confidently in the age of AI.

Explore AI Training

Authorization Sprawl: The Vulnerability Reshaping Modern Attacks

White Paper

Author: Joshua Wright, SANS Fellow

Understand how attackers exploit identity sprawl across SSO, tokens, and SaaS to evade detection, and what defenders can do to regain visibility and control.

Join the RSAC™ Membership for free to access this white paper and other exclusive content.

(This link will take you to our partner site, RSAC.)

Unlock Expert Insights
Hand

Explore more on this topic

Authorization Sprawl: The Hidden Vulnerability Reshaping Modern Cyberattacks

Attackers aren’t breaking in—they’re logging in. Josh Wright uncovers how “authorization sprawl” is fueling major breaches, and why cloud-to-on-prem identity gaps are the hidden battleground.

Read Blog

Explore Cloud Security Training

Knowing how to safeguard sensitive information in cloud environments is crucial for preventing cyber threats, ensuring compliance, and maintaining business continuity.

Explore Training

ICS Ransomware and Attacks: Extortion and Sabotage in Critical Infrastructure

White Paper

Author: Tim Conway, SANS Fellow  From production outages to targeted sabotage, Tim Conway examines how criminal and nation-state actors exploit ICS vulnerabilities to create cascading consequences for critical infrastructure. 

Release Date: November 3

Pen and Screen

Join the Experts Live

Join us on November 13 for the exclusive launch of the Most Dangerous New Attack Techniques eBook and a live webcast with the RSAC keynote experts. We’ll connect the dots across four emerging threat domains, from forensics blind spots to AI regulations, authorization sprawl, and destructive ICS threats— and break down what they mean for today’s security leaders.

Reserve Your Spot

Access all these reports, connect with peers, and get more exclusive insights—join the RSAC™ Community.

Become a Member!