Join us for the FREE Cyber Defense Forum | Live Online on October 9


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

Updated Security Essentials Bootcamp course helps boost adoption of critical controls

SANS' course offers diverse set of participants understanding of security fundamentals and common terminology as inter-departmental InfoSec requirements increase

  • Bethesda, MD
  • February 11, 2015

SANS Oslo 2015 this March will host a newly updated version of the popular SEC401: Security Essentials Bootcamp Style course, with an increased emphasis on implementing the critical security controls.

"SEC401 tends to attract an incredibly diverse set of participants," explains Chris Christianson, SANS instructor and course tutor at Oslo, "Alongside IT staff looking to expand skills, we tend to get people from HR, legal, financial auditors, business managers as well as law enforcement. Over the years, you can see a trend where organisations are increasingly requiring a greater level of InfoSec awareness, or organisations keen for existing departments such as HR and legal to take ownership of compliance and audit across the wider IT landscape."

The 6 day course covers a wide remit including networking concepts, internet security technologies, secure communications and core operating system security. This year also sees enhancements to the course to align the syllabus to include more material on adhering to the critical controls best practices.

"The question we often get asked is where do we start?" says Christianson, "...the recent update to the course covers more critical controls which gives students a great starting point to get back to the office on the Monday and start to make some immediate positive impact."

Christianson also believes that another key benefit is helping to create a common baseline of knowledge and terminology, "Somebody coming to the course from a HR or financial audit background may well be an expert in their respective field, but when they engage with the IT department or external service providers, everybody needs to be on the same page and this course provides that common grounding."

"401 is often the starting point for many people entering information security," says Christianson, "We touch on so many areas and have lots of hands on lab work to allow students to gain insights and also potentially plan further InfoSec education and career direction."

SANS Oslo 2015 will run from 23rd until 28th March 2015 at the Scandic Solli Hotel in Oslo, Norway. In addition to the popular SEC401 course, SANS Instructor Raul Siles will lead SEC542: Web App Penetration Testing and Ethical Hacking, which provides current and in-depth skills training for professional web application penetration testing.

Online registration is available via or contact SANS by email at

Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (