نویسنده: Admin

This course is designed to help students build and maintain a truly defensible security architecture, while taking them on a journey towards implementing Zero Trust principles, pillars and capabilities. There will be a heavy focus on leveraging current infrastructure and investment. Students will learn how to assess, re-configure and validate existing technologies to significantly improve their organizations’ prevention, detection and response capabilities, augment visibility, reduce attack surface, and even anticipate attacks in innovative ways. The course will also delve into some of the latest technologies and their capabilities, strengths, and weaknesses. You will come away with recommendations and suggestions that will aid in building a robust security infrastructure, layer by layer, across hybrid environments, as you embark on a journey towards Zero Trust. 23 Hands-On Labs + Capstone Secure the Flag Challenge

Syllabus

SEC530.1: Defensible Security Architecture and Engineering: A Journey Towards Zero Trust
SEC530.2: Network Security Architecture and Engineering
SEC530.3: Network-Centric Application Security Architecture
SEC530.4: Data-Centric Application Security Architecture
SEC530.5: Zero-Trust Architecture: Addressing the Adversaries Already in Our Networks
SEC530.6: Hands-On Secure the Flag Challenge

SEC530: Defensible Security Architecture and Engineering: Implementing Zero Trust for the Hybrid Enterprise

ادامه مطلب

Organizations are becoming multi cloud by choice or by chance. However, although each cloud provider is responsible for the security of the cloud, its customers are responsible for what they do in the cloud. Unfortunately, this means that security professionals must support hundreds of different services across multiple clouds. Many of these services are insecure by default, and few of them are consistent across the different clouds. Security teams need a deep understanding of each cloud’s services to lock them down. As the multicloud landscape rapidly evolves, security is constantly playing catch-up to avert disaster. SEC510: Public Cloud Security: AWS, Azure, and GCP solves this problem by teaching you the security nuances between the Big 3 cloud providers and how to securely configure their Platform as a Service (PaaS) / Infrastructure as a Service (IaaS) offerings. 20 Hands-On Labs + Bonus Challenges

Syllabus

SEC510.1: Cloud Identity and Access Management
SEC510.2: Cloud Virtual Networks
SEC510.3: Cloud Data Security
SEC510.4: Cloud Application Services and User Security
SEC510.5: Multicloud and Cloud Security Posture Management

SEC510: Public Cloud Security: AWS, Azure, and GCP

ادامه مطلب

Have fun learning Windows security and PowerShell scripting at the same time in course SEC505 at SANS. No prior PowerShell scripting experience is required. Attendees will have fun using generative AI to help write PowerShell scripts, including a fully functional ransomware script that attendees will write and unleash in their training virtual machines in order to learn about defenses against PowerShell malware. This is a course mainly for on-premises Windows environments, such as for GOV and MIL networks, but PowerShell is popular for Azure and AWS too. The course author, Jason Fossen, is a Faculty Fellow who has taught Windows security at SANS for more than 25 years and PowerShell for more than 15 years. Jason gives away his PowerShell scripts for free at https://BlueTeamPowerShell.com.

Syllabus

SEC505.1: Learn PowerShell Scripting for Security
SEC505.2: You Don’t Know THE POWER!
SEC505.3: PowerShell for WMI and Active Directory
SEC505.4: PowerShell DevOps and AI-Generated Code
SEC505.5: Certificates and Multifactor Authentication
SEC505.6: PowerShell Ransomware and Security

SEC505: Securing Windows and PowerShell Automation

ادامه مطلب

Become an Enterprise Defender! Enhance your knowledge and skills in the specific areas of network architecture defense, penetration testing, security operations, digital forensics and incident response, and malware analysis. SEC501: Advanced Security Essentials – Enterprise Defender is an essential course for members of security teams of all sizes. That includes smaller teams where you wear several (or all) hats and need a robust understanding of many facets of cybersecurity, and larger teams where your role is more focused, and gaining skills in additional areas adds to your flexibility and opportunities. This course concentrates on showing you how to examine the traffic that is flowing on your networks, look for indications of an attack, and perform penetration testing and vulnerability analysis against your enterprise to identify problems and issues before a compromise occurs. When a compromise does occur – and it will – you’ll be able to eradicate it because you will have already scoped your adversaries activities by collecting digital artifacts of their actions and analyzing malware they have installed on your systems. That done, you can then undertake the recovery and remediation steps that would have been pointless if your adversary had persisted on your network. 26 Hands-on Labs + Capstone CTF

Syllabus

SEC501.1: Defensible Network Architecture
SEC501.2: Penetration Testing
SEC501.3: Security Operations Foundations
SEC501.4: Digital Forensics and Incident Response
SEC501.5: Malware Analysis
SEC501.6: Enterprise Defender Capstone

SEC501: Advanced Security Essentials – Enterprise Defender

ادامه مطلب

More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud, and not just to one cloud service provider (CSP). Something that is unclear to many, is that organizations are still responsible for securing their data and mission-critical applications in the cloud. The benefits in terms of cost and speed of leveraging a multi cloud platform to develop and accelerate delivery of business applications and analyze customer data can quickly be reversed if security professionals are not properly trained to secure the organization’s cloud environment and investigate and respond to the inevitable security breaches. New technologies introduce new risks. The SEC488 cloud security course helps your organization successfully navigate both the security challenges and opportunities presented by cloud services. 20 Hands-on Labs + CloudWars Capstone Challenge.

Syllabus

SEC488.1: Identity and Access Managment (IAM)
SEC488.2: Compute and Configuration Management
SEC488.3: Data Protection and Automation
SEC488.4: Networking and Logging
SEC488.5: Compliance, Incident Response, and Penetration Testing
SEC488.6: CloudWars

SEC488: Cloud Security Essentials

ادامه مطلب

SEC575 will prepare you to effectively evaluate the security of iOS and Android mobile devices, assess and identify flaws in mobile applications, and conduct a mobile device penetration test, which are all critical skills required to protect and defend mobile device deployments. You will learn how to pen test the biggest attack surface in your organization; dive deep into evaluating mobile apps and operating systems and their associated infrastructure; and better defend your organization against the onslaught of mobile device attacks.

Syllabus

SEC575.1: Device Architecture and Application Interaction

SEC575.2: The Stolen Device Threat and Mobile Malware

SEC575.3: Static Application Analysis

SEC575.4: Dynamic Mobile Application Analysis and Manipulation

SEC575.5: Mobile Penetration Testing

SEC575.6: Hands-on Capture-the-Flag Event

SEC575: iOS and Android Application Security Analysis and Penetration Testing

ادامه مطلب