SANS Rocky Mountain Fall is Live Online! Join us Nov 2-7 MT for 17 interactive courses + NetWars. Save $300 thru 10/7.


Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.

SANS to Detail How to Implement and Audit the Critical Security Controls at Denver Training Event

Keynote Address to Discuss the InfoSec State of the Union

  • Bethesda, MD
  • July 24, 2017

SANS Institute, the global leader in information security training, today announced the agenda for SANS Rocky Mountain Fall 2017 taking place in Denver September 25 - 30. Randy Marchany (@randymarchany), CISO of Virginia Tech and Director of Virginia Tech's IT Security Laboratory, will teach the SEC566: Implementing and Auditing the Critical Security Controls In-Depth course. The Critical Security Controls (CSCs) are a well-known roadmap for enterprise information assurance published and maintained by the Center for Internet Security.

According to Marchany, "How do you create an operational plan to implement a high level standard such as NIST 800-53, NIST 800-171, ISO 27001, PCI, etc.? The Critical Security Controls provide a way to implement and measure your progress in creating this operational plan. The controls address 70-80% of the known attacks today. Join me at SANS Rocky Mountain Fall where I will share how to implement the controls and how to measure whether the Controls are effectively implemented."

For more information on the SEC566: Implementing and Auditing the Critical Security Controls In-Depth course or to register, visit here:

SANS Rocky Mountain Fall 2017 will feature a variety of hands-on immersion style training courses. Additional courses offered include SEC401: Security Essentials Bootcamp Style, SEC504: Hacker Tools, Techniques, Exploits, and Incident Handling, MGT517: Managing Security Operations: Detection, Response, and Intelligence, and FOR578: Cyber Threat Intelligence. Bonus evening discussions will round out the agenda, including a keynote address by malware expert Jake Williams (@MalwareJake) on the InfoSec State of the Union.

For a complete list of courses, instructors, bonus evening sessions or to register for SANS Rocky Mountain Fall 2017, please visit:

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions worldwide. Renowned SANS instructors teach more than 60 courses at In-Person and Live Online cyber security training events, and more than 50 courses are available anytime, anywhere with our OnDemand platform. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system – the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (