ＨｉｄｅＺｅｒｏＯｎｅ

SEC554 will teach you all topics relevant to securing, hacking, and using blockchain and smart contract technology. The course takes a detailed look at the technology that underpins multiple implementations of blockchain, the cryptography and transactions behind them, the various smart contract languages like Solidity and Rust, and the protocols built with them like NFTs, DeFi, and Web3. The labs in the course provide the hands-on training and tools needed to deploy, audit, scan, and exploit blockchain and smart contract assets, as well as actively learn how to defend them and identify threats and threat actors using them for malicious purposes.

SEC554.1: Blockchain and Smart Contract Fundamentals
SEC554.2: Smart Contract Hacking – Solidity
SEC554.3: Smart Contract Hacking – Rust
SEC554.4: Exploiting DeFi Protocols
SEC554.5: Cross-Chain, Defense, and Compliance

SEC554: Blockchain and Smart Contract Security

This course is designed to help students build and maintain a truly defensible security architecture, while taking them on a journey towards implementing Zero Trust principles, pillars and capabilities. There will be a heavy focus on leveraging current infrastructure and investment. Students will learn how to assess, re-configure and validate existing technologies to significantly improve their organizations’ prevention, detection and response capabilities, augment visibility, reduce attack surface, and even anticipate attacks in innovative ways. The course will also delve into some of the latest technologies and their capabilities, strengths, and weaknesses. You will come away with recommendations and suggestions that will aid in building a robust security infrastructure, layer by layer, across hybrid environments, as you embark on a journey towards Zero Trust. 23 Hands-On Labs + Capstone Secure the Flag Challenge

SEC530.1: Defensible Security Architecture and Engineering: A Journey Towards Zero Trust
SEC530.2: Network Security Architecture and Engineering
SEC530.3: Network-Centric Application Security Architecture
SEC530.4: Data-Centric Application Security Architecture
SEC530.5: Zero-Trust Architecture: Addressing the Adversaries Already in Our Networks
SEC530.6: Hands-On Secure the Flag Challenge

SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise

Organizations are becoming multi cloud by choice or by chance. However, although each cloud provider is responsible for the security of the cloud, its customers are responsible for what they do in the cloud. Unfortunately, this means that security professionals must support hundreds of different services across multiple clouds. Many of these services are insecure by default, and few of them are consistent across the different clouds. Security teams need a deep understanding of each cloud’s services to lock them down. As the multicloud landscape rapidly evolves, security is constantly playing catch-up to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP solves this problem by teaching you the security nuances between the Big 3 cloud providers and how to securely configure their Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings. 20 Hands-On Labs + Bonus Challenges

SEC510.1: Cloud Identity and Access Management
SEC510.2: Cloud Virtual Networks
SEC510.3: Cloud Data Security
SEC510.4: Cloud Application Services and User Security
SEC510.5: Multicloud and Cloud Security Posture Management

SEC510: Public Cloud Security: AWS, Azure, and GCP

Have fun learning Windows security and PowerShell scripting at the same time in course SEC505 at SANS. No prior PowerShell scripting experience is required. Attendees will have fun using generative AI to help write PowerShell scripts, including a fully functional ransomware script that attendees will write and unleash in their training virtual machines in order to learn about defenses against PowerShell malware. This is a course mainly for on-premises Windows environments, such as for GOV and MIL networks, but PowerShell is popular for Azure and AWS too. The course author, Jason Fossen, is a Faculty Fellow who has taught Windows security at SANS for more than 25 years and PowerShell for more than 15 years. Jason gives away his PowerShell scripts for free at https://BlueTeamPowerShell.com.

SEC505.1: Learn PowerShell Scripting for Security
SEC505.2: You Don’t Know THE POWER!
SEC505.3: PowerShell for WMI and Active Directory
SEC505.4: PowerShell DevOps and AI-Generated Code
SEC505.5: Certificates and Multifactor Authentication
SEC505.6: PowerShell Ransomware and Security

SEC505: Securing Windows and PowerShell Automation

Become an Enterprise Defender! Enhance your knowledge and skills in the specific areas of network architecture defense, penetration testing, security operations, digital forensics and incident response, and malware analysis. SEC501: Advanced Security Essentials – Enterprise Defender is an essential course for members of security teams of all sizes. That includes smaller teams where you wear several (or all) hats and need a robust understanding of many facets of cybersecurity, and larger teams where your role is more focused, and gaining skills in additional areas adds to your flexibility and opportunities. This course concentrates on showing you how to examine the traffic that is flowing on your networks, look for indications of an attack, and perform penetration testing and vulnerability analysis against your enterprise to identify problems and issues before a compromise occurs. When a compromise does occur – and it will – you’ll be able to eradicate it because you will have already scoped your adversaries activities by collecting digital artifacts of their actions and analyzing malware they have installed on your systems. That done, you can then undertake the recovery and remediation steps that would have been pointless if your adversary had persisted on your network. 26 Hands-on Labs + Capstone CTF

SEC501.1: Defensible Network Architecture
SEC501.2: Penetration Testing
SEC501.3: Security Operations Foundations
SEC501.4: Digital Forensics and Incident Response
SEC501.5: Malware Analysis
SEC501.6: Enterprise Defender Capstone

SEC501: Advanced Security Essentials – Enterprise Defender