Embed Size (px)
Citation preview
You are experienced in security, preparing for a specialized job role or focus2
1 You are experienced in technology, but need to learn hands-on, essential security skills and techniques
3 You are a candidate for specialized or advanced training
Training Roadmap | Development Paths
Baseline Skills Focus Job Roles Crucial Skills, Specialized RolesSANS’s comprehensive course offerings enable professionals to deepen their technical skills in key practice areas. The courses also address other topics and audiences, such as security training for software developers, industrial control engineers, and non-technical personnel in management, legal, and audit.
1b You will be responsible for managing security teams or implementations, but you do not require hands-on skills
All professionals entrusted with hands-on cybersecurity work should be trained to possess a common set of capabilities enabling them to secure systems, practice defense-in-depth, understand how attackers work, and manage incidents when they occur. To be secure, you should set a high bar for the baseline set of skills in your security organization.
Core Techniques
Every Security Professional Should KnowSecurity Essentials Bootcamp Style SEC401Security
EssentialsGSECCertification
Hacker Tools, Techniques, Exploits, and Incident Handling SEC504Hacker
TechniquesGCIHCertification
Prevent, Defend, Maintain
With an increasing number of talented technologists, organizations require effective leaders to manage their teams and processes. Those managers will not necessarily perform hands-on work, but they must know enough about the underlying technologies and frameworks to help set strategy, develop appropriate policies, interact with skilled practitioners, and measure outcomes.
Every Security Manager Should Know
Security ManagementManaging Technical Security Operations
SANS Security Leadership Essentials for Managers with Knowledge Compression™ MGT512Leadership
EssentialsGSLCCertification
Implementing and Auditing the Critical Security Controls – In-Depth SEC566Critical Controls GCCC
Certification
The detection of what is happening in your environment requires an increasingly sophisticated set of skills and capabilities. Identifying security anomalies requires increased depth of understanding to deploy detection and monitoring tools and to interpret their output.
Scan Packets & NetworksMonitoring & Detection Intrusion Detection, Monitoring
Over Time
Intrusion Detection In-Depth SEC503Intrusion Detection
GCIACertification
Continuous Monitoring and Security Operations SEC511Monitoring &
OperationsGMONCertification
The professional who can find weakness is often a different breed than one focused exclusively on building defenses. A basic tenet of red team/blue team deployments is that finding vulnerabilities requires a different way of thinking, and different tools, but is essential for defense specialists to improve their defenses.
Every Pen Tester Should KnowVulnerability Analysis, Ethical Hacking
Network Penetration Testing and Ethical Hacking SEC560Networks GPEN
CertificationWeb App Penetration Testing and Ethical Hacking SEC542Web Apps GWAPT
Certification
In-Depth Coverage
Other Advanced Pen Testing Courses
Advanced Penetration Testing, Exploit Writing, and Ethical Hacking SEC660
NetworksGXPNCertification
Advanced Exploit Development for Penetration Testers SEC760Advanced Web App Testing, Ethical Hacking, and Exploitation Techniques SEC642Web Apps
Mobile Device Security and Ethical Hacking SEC575Mobile GMOB
CertificationWireless Penetration Testing and Ethical Hacking SEC617Wireless GAWN
Certification
Advanced Penetration TestingAdvanced Techniques & Areas
Immersive Hands-on Hacking Techniques SEC561Hands-On
Ranges CyberCity Hands-on Kinetic Cyber Range Exercise SEC562Automating Information Security with Python SEC573Python for Pen
TestersGPYCCertification
Advanced ManagementAdvanced Leadership, Audit, LegalManagement Skills
IT Security Strategic Planning, Policy, and Leadership MGT514Planning, Policy,
LeadershipGSTRTCertification
Managing Security Operations: Detection, Response, and Intelligence MGT517Managing
OperationsIT Project Management, Effective Communication, and PMP® Exam Prep MGT525Project
ManagementGCPMCertification
Auditing and Monitoring Networks, Perimeters & Systems AUD507Audit & Monitor GSNA
CertificationLaw of Data Security and Investigations LEG523Law &
InvestigationsGLEGCertification
Audit & Legal
Intro to Information Security SEC301New to Cybersecurity
GISFCertification
MGT414CISSP® Training GISPCertification
SANS Training Program for CISSP® Certification
Penetration Testing
Advanced Security Essentials - Enterprise Defender SEC501Advanced Security
EssentialsGCEDCertification
Course Code
Course Title
GIAC CertificationQuick Summary
Industrial Control SystemsICS Security Professionals Need
NERC Protection
ICS/SCADA Security Essentials ICS410Essentials GICSPCertification
ICS Active Defense and Incident Response ICS515ICS Defense &
ResponseGRIDCertification
Essentials for NERC Critical Infrastructure Protection ICS456NERC Security
EssentialsGCIPCertification
Development & Secure CodingEvery Developer Should Know
Language-Specific Courses
Defending Web Applications Security Essentials DEV522Secure
Web AppsGWEBCertification
Secure Coding in Java/JEE: Developing Defensible Applications DEV541JAVA/JEE GSSP-JAVA
Certification
Secure Coding in .NET: Developing Defensible Applications DEV544.NET GSSP-.NET
Certification
Secure DevOps and Cloud Application Security DEV540Secure DevOps
Specialized Defensive Area
Cyber Defense OperationsHarden Specific Defenses
Other Advanced Defense Courses
Advanced Security Essentials – Enterprise Defender SEC501Advanced
GeneralistGCEDCertification
Cloud Security Architecture and Operations SEC545Cloud Security
Securing Windows and PowerShell Automation SEC505Windows/
PowershellGCWNCertification
Securing Linux/Unix SEC506Linux/ Unix Defense
GCUXCertification
Virtualization and Software-Defined Security SEC579Virtualized
Data Centers
SIEM with Tactical Analytics SEC555SIEM
Implementing and Auditing the Critical Security Controls – In-Depth SEC566Critical Controls GCCC
CertificationDefeating Advanced Adversaries -Implementing Kill Chain Defenses SEC599Threat Defense
Other Advanced Defense Courses
Whether you’re seeking to maintain a trail of evidence on host or network systems, or hunting for threats using similar techniques, larger organizations need specialized professionals who can move beyond first-response incident handling in order to analyze an attack and develop an appropriate remediation and recovery plan.
Incident Response & Threat HuntingEvery Forensics and IR Professional Should Know
Host & Network Forensics
Advanced Network Forensics and Analysis FOR572Network Forensics
GNFACertification
Adv. Incident Response & Threat Hunting FOR508Endpoint
ForensicsGCFEWindows
Forensics FOR500 GCFA|
Digital Forensics, Malware Analysis, & Threat IntelSpecialized Investigative SkillsMalware Analysis
Reverse-Engineering Malware: Malware Analysis Tools and Techniques FOR610Malware
AnalysisGREMCertification
Cyber Threat Intelligence FOR578Cyber Threat Intelligence
GCTICertification
Threat Intelligence
Memory Forensics In-Depth FOR526Memory Forensics
Mac Forensic Analysis FOR518Mac Forensics
Advanced Smartphone Forensics FOR585Smartphones GASFCertification
Digital Forensics & Media Exploitation
Certifications
http://www.sans.org/SEC401http://www.sans.org/SEC504
http://www.sans.org/SEC503http://www.sans.org/SEC511
http://www.sans.org/SEC560http://www.sans.org/SEC542
http://www.sans.org/FOR500
http://www.sans.org/MGT512http://www.sans.org/SEC566
http://www.sans.org/FOR572
http://www.sans.org/MGT414
http://www.sans.org/SEC301
http://www.sans.org/SEC501http://www.sans.org/SEC545http://www.sans.org/SEC505http://www.sans.org/SEC506http://www.sans.org/SEC579http://www.sans.org/SEC555
http://www.sans.org/SEC566http://www.sans.org/SEC599
http://www.sans.org/SEC660http://www.sans.org/SEC760
http://www.sans.org/SEC642http://www.sans.org/SEC575http://www.sans.org/SEC617
http://www.sans.org/SEC573
http://www.sans.org/SEC561http://www.sans.org/SEC562
http://www.sans.org/FOR610
http://www.sans.org/FOR578
http://www.sans.org/FOR585http://www.sans.org/FOR526http://www.sans.org/FOR518
http://www.sans.org/MGT514http://www.sans.org/MGT517http://www.sans.org/MGT525
http://www.sans.org/AUD507http://www.sans.org/LEG523
http://www.sans.org/DEV522http://www.sans.org/DEV540
http://www.sans.org/DEV541http://www.sans.org/DEV544
http://www.sans.org/ICS410http://www.sans.org/ICS515
http://www.sans.org/ICS456
http://www.sans.org/FOR508
https://www.giac.org/GCIPhttps://www.giac.org/GRIDhttps://www.giac.org/GICSP
https://www.giac.org/GSSP-.NEThttps://www.giac.org/GSSP-JAVA
https://www.giac.org/GWEBhttps://www.giac.org/GCED
https://www.giac.org/GCWNhttps://www.giac.org/GCUX
https://www.giac.org/GCCC
https://www.giac.org/GXPN
https://www.giac.org/GMOBhttps://www.giac.org/GAWN
https://www.giac.org/GPYC
https://www.giac.org/GREMhttps://www.giac.org/GCTI
https://www.giac.org/GASF
https://www.giac.org/GSTRT
https://www.giac.org/GCPMhttps://www.giac.org/GSNAhttps://www.giac.org/GLEG
https://www.giac.org/GPENhttps://www.giac.org/GWAPT
https://www.giac.org/GCFE
https://www.giac.org/GNFA
https://www.giac.org/GISPhttps://www.giac.org/GSLChttps://www.giac.org/GCCC
https://www.giac.org/GISF
https://www.giac.org/GSEChttps://www.giac.org/GCIH
https://www.giac.org/GCIAhttps://www.giac.org/GMON
https://www.giac.org/GCFA
