New SANS Course Provides a Faster Way to Onboard Cyber Defenders

Bethesda, Md. – Starting a career in cyber defense can quickly become overwhelming given the seemingly infinite amount of information one is required to learn. SANS Institute, the global leader in cyber security training and certifications, today announced a new course—SEC450 Blue Team Fundamentals: Security Operations and Analysis—that greatly shortens the time required to become a member of the blue team. SEC450 squarely addresses this information overload by focusing on specific central concepts that, when explained systematically, enable aspiring blue team members to step into a security operations center or cyber defense role with confidence.

According to SEC450 course author and dedicated blue-teamer John Hubbard (@SecHubb), “SEC450 addresses a critical industry issue—getting and keeping new defenders. Security operations and cyber defense can become monotonous leading to high turnover. We preemptively tackle this problem by teaching concepts that keep defenders and their colleagues challenged and happy, with plenty of room for career growth on the blue team.”

A live webcast will be held on May 15th offering a sneak peak of this course. The hour-long event hosted by Hubbard will include a Q&A session. For more information on the webcast, or to register, visit:

SEC450 Blue Team Fundamentals: Security Operations and Analysis provides a detailed explanation of the mission and mindset of a modern cyber defense operation. In addition to an introduction to all of the tools common to a defender's work environment, students will learn all the stages of security operations; how data is collected, where it is collected, and how threats are identified within that data.

The class dives deep into tactics for triage and investigation of events that are identified as malicious. Students learn how to avoid common mistakes and perform continual high-quality analysis. They will also learn the inner workings of the most popular protocols and how to identify weaponized files and attacks within the hosts and data on their network. The course employs a practical, hands-on style of instruction that uses a simulated SOC environment with a real, fully-integrated toolset that includes Security Information and Event Management (SIEM), an incident tracking and management system, a threat intelligence platform, packet capture, and automation tools.

To learn more about SEC450 Blue Team Fundamentals: Security Operations and Analysis course, visit:

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (