Sans Security Roadmap

1
S A N S T R A I N I N G A N D Y O U R C A R E E R R O A D M A P SECURITY CURRICULUM Incident Handling SEC501 Advanced Security Essentials – Enterprise Defender GCED SEC504 Hacker Techniques, Exploits, and Incident Handling GCIH Additional Incident Handling Courses SEC517: Cutting-Edge Hacking Techniques System Administration SEC505 Securing Windows GCWN SEC509 Securing Oracle SEC501 Advanced Security Essentials – Enterprise Defender GCED SEC506 Securing Linux/Unix GCUX Additional System Administration Courses SEC434: Log Management In-Depth SEC464: Hacker Detection for Systems Administrators with Continuing Education Program SEC531: Windows Command-Line Kung Fu In-Depth for Info Sec Pros SEC546: IPv6 Essentials SEC569: Combating Malware in the Enterprise Network Security SEC501 Advanced Security Essentials – Enterprise Defender GCED SEC566 Implementing & Auditing the Twenty Critical Security Controls - In-Depth SEC401 SANS Security Essentials Bootcamp Style GSEC SEC301 Intro to Information Security GISF Beginners Additional Network Security Courses SEC440: 20 Critical Security Controls: Planning, Implementing, and Auditing SEC556: Comprehensive Packet Analysis Intrusion Analysis SEC502 Perimeter Protection In-Depth GCFW SEC501 Advanced Security Essentials – Enterprise Defender GCED SEC503 Intrusion Detection In-Depth GCIA Additional Intrusion Analysis Courses SEC577: Virtualization Security Fundamentals Penetration Testing SEC540 VoIP Security SEC504 Hacker Techniques, Exploits, and Incident Handling GCIH SEC560 Network Pen Testing and Ethical Hacking GPEN SEC542 Web App Pen Testing and Ethical Hacking GWAPT SEC617 Wireless Ethical Hacking, Pen Testing, and Defenses GAWN SEC660 Advanced Penetration Testing, Exploits, and Ethical Hacking Additional Penetration Testing Courses SEC580: Metasploit Kung Fu for Enterprise Pen Testing SEC710: Advanced Exploit Development SEC301 NOTE: If you have experience in the eld, please consider our more advanced course – SEC401. FOR508 Advanced Computer Forensic Analysis & Incident Response GCFA FOR408 Computer Forensic Investigations - Windows In-Depth GCFE FOR508 Advanced Computer Forensic Analysis & Incident Response GCFA Additional Forensics Courses FOR526: Advanced Filesystem Recovery and Memory Forensics FOR610 REM: Malware Analysis Tools & Techniques GREM Additional Audit Courses AUD305: Technical Communication & Presentation Skills AUD429: IT Security Audit Essentials Bootcamp AUD440: 20 Critical Security Controls: Planning, Implementing, and Auditing AUD521: Meeting the Minimum: PCI/DSS 2.0: Becoming and Staying Compliant AUDIT CURRICULUM LEGAL CURRICULUM MANAGEMENT CURRICULUM Additional Management Courses MGT305: Technical Communication and Presentation Skills for Security Professionals MGT405: Critical Infrastructure Protection MGT411: SANS 27000 Implementation & Management G2700 MGT421: SANS Leadership and Management Competencies MGT432: Information Security for Business Executives MGT433: Securing The Human: Building and Deploying an Eective Security Awareness Program MGT438: How to Establish a Security Awareness Program MGT442: Information Security Risk Management MGT514: Information Security Policy – In Depth MGT520: IT Security Strategic Planning FORENSICS CURRICULUM GIAC certi cation available for courses indicated with GIAC acronyms APPSEC CURRICULUM Secure Coding General / Management DEV304 Software Security Awareness Design & Test DEV522 Defending Web Applications Security Essentials GWEB SEC542 Web App Pen Testing and Ethical Hacking GWAPT FOR563 Mobile Device Forensics FOR558 Network Forensics LEG523 Law of Data Security and Investigations GLEG MGT525 Project Management and Eective Communications for Security Professionals and Managers GCPM MGT414 SANS® +S™ Training Program for the CISSP® Certication Exam GISP MGT512 SANS Security Leadership Essentials For Managers with Knowledge Compression™ GSLC SEC401 SANS Security Essentials Bootcamp Style GSEC SEC301 Intro to Information Security GISF AUD507 Auditing Networks, Perimeters, and Systems GSNA AUD566 Implementing & Auditing the Twenty Critical Security Controls – In-Depth AUD407 Foundations of Auditing Information Systems SEC401 SANS Security Essentials Bootcamp Style GSEC SEC401 SANS Security Essentials Bootcamp Style GSEC SEC301 Intro to Information Security GISF SEC301 Intro to Information Security GISF SEC301 Intro to Information Security GISF DEV530 Essential Secure Coding in Java/JEE (2-Day Course) DEV541 Secure Coding in Java/JEE (4-Day Course) GSSP-JAVA JAVA DEV543 Secure Coding in C C & C++ DEV545 Secure Coding in PHP PHP DEV536 Secure Coding for PCI Compliance PCI DEV532 Essential Secure Coding in .NET (2-Day Course) DEV544 Secure Coding in .NET (4-Day Course) GSSP-.NET .NET

Transcript of Sans Security Roadmap

Page 1: Sans Security Roadmap

S A N S T R A I N I N G A N D Y O U R C A R E E R R O A D M A PS E C U R I T Y C U R R I C U L U MIncident Handling

SEC501Advanced Security

Essentials – Enterprise Defender

GCED

SEC504Hacker Techniques,

Exploits, and Incident Handling

GCIH

Additional Incident Handling CoursesSEC517: Cutting-Edge Hacking Techniques

System AdministrationSEC505

Securing Windows

GCWN

SEC509Securing Oracle

SEC501Advanced Security

Essentials – Enterprise Defender

GCED

SEC506Securing

Linux/Unix

GCUX

Additional System Administration CoursesSEC434: Log Management In-DepthSEC464: Hacker Detection for Systems Administrators with

Continuing Education Program

SEC531: Windows Command-Line Kung Fu In-Depth for Info Sec Pros SEC546: IPv6 Essentials

SEC569: Combating Malware in the Enterprise

Network SecuritySEC501

Advanced Security Essentials –

Enterprise DefenderGCED

SEC566Implementing &

Auditing the Twenty Critical Security

Controls - In-Depth

SEC401SANS Security

Essentials Bootcamp Style

GSEC

SEC301Intro to Information

SecurityGISF

Beginners

Additional Network Security CoursesSEC440: 20 Critical Security Controls:

Planning, Implementing, and AuditingSEC556: Comprehensive Packet Analysis

Intrusion AnalysisSEC502

Perimeter Protection In-Depth

GCFW

SEC501Advanced Security

Essentials – Enterprise Defender

GCED

SEC503Intrusion Detection In-Depth

GCIA

Additional Intrusion Analysis CoursesSEC577: Virtualization Security Fundamentals

Penetration Testing

SEC540VoIP Security

SEC504Hacker Techniques,

Exploits, and Incident Handling

GCIH

SEC560Network Pen

Testing and Ethical Hacking

GPEN

SEC542Web App Pen

Testing and Ethical Hacking

GWAPT

SEC617Wireless Ethical

Hacking, Pen Testing, and Defenses

GAWN

SEC660Advanced

Penetration Testing, Exploits, and

Ethical Hacking

Additional Penetration Testing CoursesSEC580: Metasploit Kung Fu for Enterprise Pen Testing SEC710: Advanced Exploit Development

SEC301 NOTE: If you have experience in the !eld, please consider our more advanced course – SEC401.

FOR508Advanced Computer Forensic Analysis & Incident Response

GCFA

FOR408Computer Forensic

Investigations - Windows In-Depth

GCFE

FOR508Advanced Computer Forensic Analysis & Incident Response

GCFA

Additional Forensics CoursesFOR526: Advanced Filesystem Recovery and

Memory Forensics

FOR610REM: Malware

Analysis Tools & Techniques

GREM

Additional Audit CoursesAUD305: Technical Communication & Presentation Skills AUD429: IT Security Audit Essentials Bootcamp AUD440: 20 Critical Security Controls:

Planning, Implementing, and AuditingAUD521: Meeting the Minimum: PCI/DSS 2.0:

Becoming and Staying Compliant

A U D I T C U R R I C U L U M

L E G A L C U R R I C U L U M

M A N A G E M E N T C U R R I C U L U M

Additional Management CoursesMGT305: Technical Communication and Presentation Skills for Security Professionals MGT405: Critical Infrastructure Protection MGT411: SANS 27000 Implementation & Management G2700 MGT421: SANS Leadership and Management Competencies MGT432: Information Security for Business ExecutivesMGT433: Securing The Human: Building and Deploying an E!ective Security Awareness ProgramMGT438: How to Establish a Security Awareness ProgramMGT442: Information Security Risk ManagementMGT514: Information Security Policy – In Depth MGT520: IT Security Strategic Planning

F O R E N S I C S C U R R I C U L U M

GIAC certi!cation available for courses

indicated with GIAC acronyms

A P P S E C C U R R I C U L U MSecure Coding

General / Management

DEV304Software Security

Awareness

Design & TestDEV522

Defending Web Applications

Security EssentialsGWEB

SEC542Web App

Pen Testing and Ethical Hacking

GWAPT

FOR563Mobile Device

Forensics

FOR558Network Forensics

LEG523Law of Data Security

and InvestigationsGLEG

MGT525Project Management

and E!ective Communications for

Security Professionals and Managers

GCPM

MGT414SANS® +S™

Training Program for the

CISSP® Certi"cation ExamGISP

MGT512SANS Security

Leadership Essentials For Managers

with Knowledge Compression™

GSLC

SEC401SANS Security Essentials

Bootcamp StyleGSEC

SEC301Intro to

Information SecurityGISF

AUD507Auditing Networks,

Perimeters, and Systems

GSNA

AUD566 Implementing &

Auditing the Twenty Critical Security

Controls – In-Depth

AUD407Foundations of Auditing

Information Systems

SEC401SANS Security Essentials

Bootcamp StyleGSEC

SEC401SANS Security Essentials

Bootcamp StyleGSEC

SEC301Intro to

Information SecurityGISF

SEC301Intro to

Information SecurityGISF

SEC301Intro to

Information SecurityGISF

DEV530Essential Secure

Coding in Java/JEE

(2-Day Course)

DEV541Secure Coding

in Java/JEE (4-Day Course)

GSSP-JAVA

JAVA

DEV543Secure Coding

in C

C & C++

DEV545Secure Coding

in PHP

PHP

DEV536Secure Coding for

PCI Compliance

PCI

DEV532Essential

Secure Coding in .NET

(2-Day Course)

DEV544Secure Coding

in .NET (4-Day Course)

GSSP-.NET

.NET

http://www.sans.org/security-training/intro-information-security-106-mid
http://www.sans.org/security-training/intro-information-security-106-mid
http://www.sans.org/security-training/intro-information-security-106-mid
http://www.sans.org/security-training/intro-information-security-106-mid
http://www.sans.org/security-training/intro-information-security-106-mid
http://www.sans.org/security-training/security-essentials-bootcamp-style-61-mid
http://www.sans.org/security-training/security-essentials-bootcamp-style-61-mid
http://www.sans.org/security-training/security-essentials-bootcamp-style-61-mid
http://www.sans.org/security-training/security-essentials-bootcamp-style-61-mid
http://www.sans.org/security-training/hacker-techniques-exploits-incident-handling-40-mid
http://www.sans.org/security-training/hacker-techniques-exploits-incident-handling-40-mid
http://www.sans.org/security-training/advanced-security-essentials-enterprise-defender-1102-mid
http://www.sans.org/security-training/advanced-security-essentials-enterprise-defender-1102-mid
http://www.sans.org/security-training/advanced-security-essentials-enterprise-defender-1102-mid
http://www.sans.org/security-training/advanced-security-essentials-enterprise-defender-1102-mid
http://www.sans.org/security-training/advanced-computer-forensic-analysis-incident-response-98-mid
http://www.sans.org/security-training/advanced-computer-forensic-analysis-incident-response-98-mid
http://www.sans.org/security-training/network-penetration-testing-ethical-hacking-937-mid
http://www.sans.org/security-training/voip-security-917-mid
http://www.sans.org/security-training/web-app-penetration-testing-ethical-hacking-942-mid
http://www.sans.org/security-training/web-app-penetration-testing-ethical-hacking-942-mid
http://www.sans.org/security-training/wireless-ethical-hacking-penetration-testing-defenses-3-mid
http://www.sans.org/security-training/advanced-penetration-testing-exploits-ethical-hacking-1517-mid
http://www.sans.org/security-training/implementing-auditing-twenty-critical-security-controls-in-depth-1362-mid
http://www.sans.org/security-training/perimeter-protection-in-depth-17-mid
http://www.sans.org/security-training/intrusion-detection-in-depth-43-mid
http://www.sans.org/security-training/securing-windows-77-mid
http://www.sans.org/security-training/securing-linux-unix-76-mid
http://www.sans.org/security-training/securing-oracle-74-mid
http://www.sans.org/security-training/computer-forensic-investigations-windows-in-depth-1207-mid
http://www.sans.org/security-training/network-forensics-1227-mid
http://www.sans.org/security-training/mobile-device-forensics-1297-mid
http://www.sans.org/security-training/reverse-engineering-malware-malware-analysis-tools-techniques-54-mid
http://www.sans.org/security-training/defending-web-applications-security-essentials-1442-mid
http://www.sans.org/security-training/software-security-awareness-1027-mid
http://www.sans.org/security-training/secure-coding-java-jee-developing-defensible-applications-912-mid
http://www.sans.org/security-training/essential-secure-coding-java-jee-1332-mid
http://www.sans.org/security-training/secure-coding-c-plus-plus-1497-mid
http://www.sans.org/security-training/secure-coding-php-developing-defensible-applications-1117-mid
http://www.sans.org/security-training/secure-coding-net-developing-defensible-applications-1147-mid
http://www.sans.org/security-training/essential-secure-coding-aspnet-1502-mid
http://www.sans.org/security-training/secure-coding-pci-compliance-707-mid
http://www.sans.org/security-training/foundations-auditing-information-systems-1542-mid
http://www.sans.org/security-training/auditing-networks-perimeters-systems-6-mid
http://www.sans.org/security-training/implementing-auditing-twenty-critical-security-controls-in-depth-1362-mid
http://www.sans.org/security-training/law-data-security-investigations-122-mid
http://www.giac.org
http://www.sans.org/security-training/security-leadership-essentials-managers-knowledge-compression-62-mid
http://www.sans.org/security-training/project-management-effective-communications-security-professionals-managers-94-mid
http://www.sans.org/security-training/sans-plus-s-training-program-cissp-certification-exam-66-mid
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2
http://www.sans.org/security-training/courses.php?&pcs=2

Web Application Security Roadmap

Web Application Security Roadmap

SANS SCADA and Process Control Security Survey...SANS SCADA and Process Control Security Survey February 2013 A SANS Whitepaper Written by: Matthew E. Luallen Advisor: Barbara Filkins

SANS SCADA and Process Control Security Survey...SANS SCADA and Process Control Security Survey February 2013 A SANS Whitepaper Written by: Matthew E. Luallen Advisor: Barbara Filkins

A.ghahrood Cert ( MS_Comptia _ SANS _ Cyber Security Org 2015)

A.ghahrood Cert ( MS_Comptia _ SANS _ Cyber Security Org 2015)

SANS Security Awareness License Agreement

SANS Security Awareness License Agreement

Food Security and Nutrition Roadmap

Food Security and Nutrition Roadmap

SANS 2017 Cyber Security Trend Report Checklist

SANS 2017 Cyber Security Trend Report Checklist

SANS 2021 Cloud Security Survey

SANS 2021 Cloud Security Survey

A New World of Endpoint Security - SANS Institute

A New World of Endpoint Security - SANS Institute

Taking Control of Your Application Security - blogs.sans.org · • Application Security Curriculum Manager, SANS Institute SANS Certified Instructor, Author • Senior Security Consultant,

Taking Control of Your Application Security - blogs.sans.org · • Application Security Curriculum Manager, SANS Institute SANS Certified Instructor, Author • Senior Security Consultant,

Sans Enterprise Security Manager

Sans Enterprise Security Manager

Security West SANS SECURITY WEST 2015 · PDF file1 All SANS attendees receive complimentary high-speed Internet when booking in the SANS block. ... SEC504 Hacker Tools, Techniques,

Security West SANS SECURITY WEST 2015 · PDF file1 All SANS attendees receive complimentary high-speed Internet when booking in the SANS block. ... SEC504 Hacker Tools, Techniques,

SANS: Roadmap to creating a World-Class Security Operations Center - Infographic

SANS: Roadmap to creating a World-Class Security Operations Center - Infographic

[TECHNOLOGY ROADMAP FOR CYBERSPACE SECURITY] · KEMENTERIAN SAINS, TEKNOLOGI & INOVASI, MALAYSIA Technology Roadmap for Cyberspace Security 1. Introduction to Cyberspace Security

[TECHNOLOGY ROADMAP FOR CYBERSPACE SECURITY] · KEMENTERIAN SAINS, TEKNOLOGI & INOVASI, MALAYSIA Technology Roadmap for Cyberspace Security 1. Introduction to Cyberspace Security

SANS Institute InfoSec Reading Room - ZenK-Security

SANS Institute InfoSec Reading Room - ZenK-Security

Routing Security Roadmap - LACNIC

Routing Security Roadmap - LACNIC

SANS European Security Awareness Summit 2017 @SecureTheHuman securingthehuman.sans.org info@securingthehuman.org SECURING THE HUMAN ENDPOINT 6˜7 DEC SANS European Security Awareness

SANS European Security Awareness Summit 2017 @SecureTheHuman securingthehuman.sans.org [email protected] SECURING THE HUMAN ENDPOINT 6˜7 DEC SANS European Security Awareness

Ten Tenets of Security Success - SANS · • 27002 –Code of practice ... •Attributed to Q4 BYOD pilot. SANS Security Leadership Summit #9 Master Your Message. SANS Security Leadership

Ten Tenets of Security Success - SANS · • 27002 –Code of practice ... •Attributed to Q4 BYOD pilot. SANS Security Leadership Summit #9 Master Your Message. SANS Security Leadership

SANS 2013 Critical Security Controls Survey

SANS 2013 Critical Security Controls Survey

Future SOC: SANS 2017 Security Operations Center Survey · SANS 2017 Security Operations Center Survey. Security operations centers (SOCs) are growing up, according to our new SANS

Future SOC: SANS 2017 Security Operations Center Survey · SANS 2017 Security Operations Center Survey. Security operations centers (SOCs) are growing up, according to our new SANS

Continuous Security: Monitoring & Active Defense in the Cloud · • Application Security Curriculum Manager, SANS Institute – SANS Certified Instructor – Contributing author

Continuous Security: Monitoring & Active Defense in the Cloud · • Application Security Curriculum Manager, SANS Institute – SANS Certified Instructor – Contributing author