SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Advance your skills with hands-on training in SIEM, detection engineering, and threat visibility. Courses and certifications built by and for defenders.
Get practical insight from SANS instructors and experienced defenders as they share what it really takes to run a successful Security Operations Center (SOC). From tooling and workflows to challenges and lessons learned—this video covers the key elements shaping today’s SOCs.
Build hands-on skills to detect, investigate, and respond to threats as a security operations analyst in real-world environments.
Learn to design and run effective security operations by combining network monitoring, endpoint visibility, and alert validation.
Gain the knowledge and tools needed to lead cybersecurity teams, align security with business goals, and manage security operations effectively.
Develop deep packet inspection and network traffic analysis skills to uncover threats and malicious activity in your environment.
Learn how to fine-tune your SIEM, correlate alerts, and apply analytics to detect and respond to real-world attacks.
Apply data science and machine learning techniques to enhance threat detection, automate analysis, and improve SOC decision-making.
Understand attacker tactics and build your response capabilities through hands-on incident handling and threat detection labs.
Strengthen your ability to detect and respond to threats in cloud environments using native tools and cloud-specific monitoring techniques.
Summit: Oct 28-29 | Training: Oct 30 – Nov 4 | Austin, TX & Live Online
The Hack & Defend Summit will bring Blue and Red together to learn from each other and build better protection strategies. By working together instead of separately, we can create stronger defenses against real threats. With two simultaneous tracks, Defense and Offense, you can choose your mission.
If you work in or lead a SOC role, then the SANS Guide To Security Operations is for you. This booklet distills the core lessons from LDR551: Building and Leading Security Operations Centers and SEC450: Blue Team Fundamentals: Security Operations and Analysis into an easy-to-digest list of defense functions, tools, key data, metrics, and models your team needs to know to be successful.
Improving security operations using open source tools
The most important skills for working in a security operations center
Learn how to turn false-positive reduction into a methodical approach that can work for anyone
Arm yourself with the most valuable and actionable content for advancing cyber defense skills. Hear from some truly interesting people changing the game in the blue teaming field, and ultimately learn actionable ways to take your cyber defense skills to the next level.
One year ago I became a SOC team lead and this [SOC training] course adds to my knowledge and puts a more structured approach on what a SOC I am running should look like.
SEC511 is really interesting and full of useful information. I can see it adding a lot of value to our current setup.
From a heavy background in host forensics and limited knowledge in network analysis and forensics, SEC503 has filled in a lot of the gaps in knowledge I have had throughout my career.