ＨｉｄｅＺｅｒｏＯｎｅ

Organizations are becoming multi cloud by choice or by chance. However, although each cloud provider is responsible for the security of the cloud, its customers are responsible for what they do in the cloud. Unfortunately, this means that security professionals must support hundreds of different services across multiple clouds. Many of these services are insecure by default, and few of them are consistent across the different clouds. Security teams need a deep understanding of each cloud’s services to lock them down. As the multicloud landscape rapidly evolves, security is constantly playing catch-up to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP solves this problem by teaching you the security nuances between the Big 3 cloud providers and how to securely configure their Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings. 20 Hands-On Labs + Bonus Challenges

SEC510.1: Cloud Identity and Access Management
SEC510.2: Cloud Virtual Networks
SEC510.3: Cloud Data Security
SEC510.4: Cloud Application Services and User Security
SEC510.5: Multicloud and Cloud Security Posture Management

SEC510: Public Cloud Security: AWS, Azure, and GCP

Have fun learning Windows security and PowerShell scripting at the same time in course SEC505 at SANS. No prior PowerShell scripting experience is required. Attendees will have fun using generative AI to help write PowerShell scripts, including a fully functional ransomware script that attendees will write and unleash in their training virtual machines in order to learn about defenses against PowerShell malware. This is a course mainly for on-premises Windows environments, such as for GOV and MIL networks, but PowerShell is popular for Azure and AWS too. The course author, Jason Fossen, is a Faculty Fellow who has taught Windows security at SANS for more than 25 years and PowerShell for more than 15 years. Jason gives away his PowerShell scripts for free at https://BlueTeamPowerShell.com.

SEC505.1: Learn PowerShell Scripting for Security
SEC505.2: You Don’t Know THE POWER!
SEC505.3: PowerShell for WMI and Active Directory
SEC505.4: PowerShell DevOps and AI-Generated Code
SEC505.5: Certificates and Multifactor Authentication
SEC505.6: PowerShell Ransomware and Security

SEC505: Securing Windows and PowerShell Automation

Become an Enterprise Defender! Enhance your knowledge and skills in the specific areas of network architecture defense, penetration testing, security operations, digital forensics and incident response, and malware analysis. SEC501: Advanced Security Essentials – Enterprise Defender is an essential course for members of security teams of all sizes. That includes smaller teams where you wear several (or all) hats and need a robust understanding of many facets of cybersecurity, and larger teams where your role is more focused, and gaining skills in additional areas adds to your flexibility and opportunities. This course concentrates on showing you how to examine the traffic that is flowing on your networks, look for indications of an attack, and perform penetration testing and vulnerability analysis against your enterprise to identify problems and issues before a compromise occurs. When a compromise does occur – and it will – you’ll be able to eradicate it because you will have already scoped your adversaries activities by collecting digital artifacts of their actions and analyzing malware they have installed on your systems. That done, you can then undertake the recovery and remediation steps that would have been pointless if your adversary had persisted on your network. 26 Hands-on Labs + Capstone CTF

SEC501.1: Defensible Network Architecture
SEC501.2: Penetration Testing
SEC501.3: Security Operations Foundations
SEC501.4: Digital Forensics and Incident Response
SEC501.5: Malware Analysis
SEC501.6: Enterprise Defender Capstone

SEC501: Advanced Security Essentials – Enterprise Defender

More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Something that is unclear to many, is that organizations are still responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multi cloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization’s cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. The SEC488 cloud security course helps your organization successfully navigate both the security challenges and opportunities presented by cloud services. 20 Hands-on Labs + CloudWars Capstone Challenge.

SEC488.1: Identity and Access Managment (IAM)
SEC488.2: Compute and Configuration Management
SEC488.3: Data Protection and Automation
SEC488.4: Networking and Logging
SEC488.5: Compliance, Incident Response, and Penetration Testing
SEC488.6: CloudWars

SEC488: Cloud Security Essentials

SEC575 will prepare you to effectively evaluate the security of iOS and Android mobile devices, assess and identify flaws in mobile applications, and conduct a mobile device penetration test, which are all critical skills required to protect and defend mobile device deployments. You will learn how to pen test the biggest attack surface in your organization; dive deep into evaluating mobile apps and operating systems and their associated infrastructure; and better defend your organization against the onslaught of mobile device attacks.

SEC575.1: iOS
SEC575.2: Android
SEC575.3: Static Application Analysis
SEC575.4: Dynamic Mobile Application Analysis and Manipulation
SEC575.5: Penetration Testing
SEC575.6: Hands-on Capture-the-Flag Event

SEC575: iOS and Android Application Security Analysis and Penetration Testing