SANS Introduces New Vulnerability Assessment Security Training Course

Bethesda, Md. – SANS Institute, the global leader in cyber security training, today announced a new vulnerability assessment course, SEC460: Enterprise Threat and Vulnerability Assessment. This is the first class of its kind to offer a hands-on approach for performing vulnerability assessments - correctly - in addition to engagement planning, threat modeling, and proper risk assessments. SANS SEC460 will debut at SANS Pittsburgh 2018 taking place in Pennsylvania July 30 - August 4.

"More than a checklist, this course gives students a tour of the attacker perspective, which is crucial to discovering where strikes will land. SEC460 was designed to be the optimal point of entry for anyone in an IT role given Information Security responsibility or considering a transition to careers focused on computer attack and defense," said Adrien de Beaupre, a certified SANS instructor and track lead for the SEC460 course.

SEC460: Enterprise Threat and Vulnerability Assessment covers threat management and introduces core components of comprehensive vulnerability assessment. Assessments of networks, operating systems, and web applications are detailed using a blended toolkit of commercial, free, and open source tools. For example, the inclusion of Acunetix Web Vulnerability scanner will add value to security professionals looking to automate aspects of their software implementation and software development life cycles.

According to Matthew Toussain, a co-author of Enterprise Threat and Vulnerability Assessment, "SEC460 was designed by taking the very best government and private sector strategies and tactics, including those observed from government Cyber Protection Teams and other major vulnerability assessment and management engagements like the Olympics. The foremost objective of this learning experience is to arm students with lessons learned in the field and empower them to be agents for continuous security improvement."

For additional information on the SEC460: Enterprise Threat and Vulnerability Assessment course, or to register, visit:

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. Today, SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals in government and commercial institutions world-wide. Renowned SANS instructors teach more than 60 courses at in-person and virtual cyber security training events and on demand. GIAC, an affiliate of the SANS Institute, validates practitioner skills through more than 35 hands-on, technical certifications in cyber security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers a master’s degree, graduate certificates, and an undergraduate certificate in cyber security. SANS Security Awareness, a division of SANS, provides organizations with a complete and comprehensive security awareness solution, enabling them to easily and effectively manage their ‘human’ cybersecurity risk. SANS also delivers a wide variety of free resources to the InfoSec community including consensus projects, research reports, webcasts, podcasts, and newsletters; it also operates the Internet's early warning system–the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to support and educate the global information security community. (