Training
Featured CourseView All Courses
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

SANS 2025 AI Survey: Measuring AI’s Impact on Security Three Years Later

Login to download
SANS 2025 AI Survey: Measuring AI’s Impact on Security Three Years Later (PDF, 2.52MB)Published: 03 Sep, 2025
Created by:
Ahmed Abugharbia
Ahmed Abugharbia

AI is not on the horizon. It is here. It has been here. Generative AI (GenAI) and large language models (LLM) entered the cybersecurity zeitgeist nearly three years ago when ChatGPT became available to the public. Business leaders are clearly interested in using GenAI. They are scrambling to incorporate it in any way that makes sense—and many ways that might not make sense.

SANS 2025 AI Survey Webcast & Forum: Measuring AI's Impact on Security Three Years Later

Related Webcast

This webcast is built on insights from one of our most anticipated cybersecurity surveys of the year—offering an in-depth look at how the community is adopting, adapting to, and defending against artificial intelligence in all its forms.

Read more
Man presenting webcast

Meet the Author

Ahmed Abugharbia
Ahmed Abugharbia

Ahmed Abugharbia

Certified Instructor

Ahmed Abugharbia is a SANS Certified Instructor and founder of Cyberdojo, focusing on GenAI and Cloud Security. With over 17 years of experience in security, Ahmed has worked and led projects in cloud security, network and application security, as well as incident handling.

Read more about Ahmed Abugharbia

Additional resources

Own AI Securely: The SANS Secure AI Blueprint

WhitepaperArtificial Intelligence
  • 9 Sep 2025
  • Rob T. Lee

Securing The Cloud: Persistent Challenges, Emerging Threats, and The Rise of AI Defense

WhitepaperArtificial Intelligence
  • 9 Sep 2025
  • Dr. Anton Chuvakin, Dr. Paul Vixie, Frank Kim, Simon Vernon, Brandon Evans, Dave Shackleford, Wesley Kuzma

Fixing What You Broke: Can AI Be Used to Thwart AI-Generated Malware?

WhitepaperArtificial Intelligence
  • 3 Sep 2025

AI-Driven SecOps: Unifying Controls, Automating Response, and Advancing the Modern SOC Using Cortex XSIAM

WhitepaperArtificial Intelligence
  • 29 Jul 2025
  • Dave Shackleford

Trust But Verify: Evaluating the Accuracy of LLMs in Normalizing Threat Data Feeds

WhitepaperArtificial Intelligence
  • 16 Jul 2025

Do AI Coding Assistants Make Bad Coders Worse? A Security Evaluation of GitHub Copilot

WhitepaperArtificial Intelligence
  • 11 Jul 2025

Related courses

  • Slide 1 of 13

    SEC503: Network Monitoring and Threat Detection In-Depth

    Intermediate
    SEC503Cyber Defense
    SEC503: Network Monitoring and Threat Detection In-Depth
    • GIAC Certified Intrusion Analyst (GCIA)
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 37 Hands-On Labs

    View course detailsRegister
  • Slide 2 of 13

    LDR512: Security Leadership Essentials for Managers

    Intermediate
    LDR512Cybersecurity Leadership
    LDR512: Security Leadership Essentials for Managers
    • GIAC Security Leadership (GSLC)
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 22 Hands-On Labs

    View course detailsRegister
  • Slide 3 of 13

    SEC497: Practical Open-Source Intelligence (OSINT)

    Intermediate
    SEC497Cyber Defense
    SEC497: Practical Open-Source Intelligence (OSINT)
    • GIAC Open Source Intelligence (GOSI)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 29 Hands-On Labs

    View course detailsRegister
  • Slide 4 of 13

    SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations

    Major UpdatesIntermediate
    SEC450Cyber Defense
    SEC450: Blue Team Fundamentals: Security Operations and Analysis
    • GIAC Security Operations Certified (GSOC)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 22 Hands-On Labs

    View course detailsRegister
  • Slide 5 of 13

    SEC545: GenAI and LLM Application Security

    newAdvanced
    SEC545Cloud Security
    SEC545: GenAI and LLM Application Security
    • 3 Days (Instructor-Led)
    • 18 CPEs / 18 Hours (Self-Paced)
    • Labs: 11 Hands-On Labs

    View course detailsRegister
  • Slide 6 of 13

    SEC587: Advanced Open-Source Intelligence (OSINT) Gathering and Analysis

    Advanced
    SEC587Cyber Defense
    SEC587
    • GIAC Strategic OSINT Analyst (GSOA)
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 28 Hands-On Labs

    View course detailsRegister
  • Slide 7 of 13

    SEC511: Cybersecurity Engineering: Advanced Threat Detection and Monitoring

    Intermediate
    SEC511Cyber Defense
    SEC511: Continuous Monitoring and Security Operations
    • GIAC Continuous Monitoring Certification (GMON)
    • 6 Days (Instructor-Led)
    • 46 CPEs / 46 Hours (Self-Paced)
    • Labs: 18 Hands-On Labs

    View course detailsRegister
  • Slide 8 of 13

    AIS247: AI Security Essentials for Business Leaders

    Essentials
    AIS247Cybersecurity Leadership
    LDR414: SANS Training Program for CISSP® Certification
    • 2 CPEs / 2 Hours (Self-Paced)

    View course detailsRegister
  • Slide 9 of 13

    LDR514: Security Strategic Planning, Policy, and Leadership

    Advanced
    LDR514Cybersecurity Leadership
    LDR514: Security Strategic Planning, Policy, and Leadership
    • GIAC Strategic Planning, Policy, and Leadership (GSTRT)
    • 5 Days (Instructor-Led)
    • 30 CPEs / 30 Hours (Self-Paced)
    • Labs: 32 Hands-On Labs

    View course detailsRegister
  • Slide 10 of 13

    SEC495: Leveraging LLMs: Building & Securing RAG, Contextual RAG, and Agentic RAG

    Essentials
    SEC495Cyber Defense
    SEC495: Leveraging LLMs: Building & Securing RAG, Contextual RAG, and Agentic RAG
    • 7 CPEs / 7 Hours (Self-Paced)

    View course detailsRegister
  • Slide 11 of 13

    FOR563: Applied AI for Digital Forensics and Incident Response: Leveraging Local Large Language Models

    newIntermediate
    FOR563Digital Forensics and Incident Response
    FOR509: Enterprise Cloud Forensics and Incident Response
    • 1 Day (Instructor-Led)
    • 6 CPEs / 6 Hours (Self-Paced)
    • Labs: 4 Hands-On Labs

    View course detailsRegister
  • Slide 12 of 13

    SEC598: AI and Security Automation for Red, Blue, and Purple Teams

    Major UpdatesIntermediate
    SEC598Offensive Operations
    SEC598: AI and Security Automation for Red, Blue, and Purple Teams
    • 6 Days (Instructor-Led)
    • 36 CPEs / 36 Hours (Self-Paced)
    • Labs: 25 Hands-On Labs

    View course detailsRegister
  • Slide 13 of 13

    SEC535: Offensive AI - Attack Tools and Techniques

    newIntermediate
    SEC535Offensive Operations
    SEC535: Offensive AI - Attack Tools and Techniques
    • 3 Days (Instructor-Led)
    • 18 CPEs / 18 Hours (Self-Paced)
    • Labs: 14 Hands-On Labs

    View course detailsRegister