Are you familiar with the SANS Promise? "Everyone who completes SANS training can apply the skills and knowledge they’ve learned the day they return to work." The end. Mic drop. Bam!
However you want to word it, the outcome is the same. In order for us to uphold our promise, our cybersecurity training courses are constantly undergoing updates to stay current, fresh, and relevant. This is no easy task for cloud since it changes so quickly!
Our flagship course that kicks off the cloud security training journey for thousands of professionals a year has just undergone another notable update. Continue reading for details on overall updates I've made, as well as section by section adjustments. I personally invite you to take the free course demo to try it on for size.
Image of a CD/CA Cloud Diagram
Screenshot of AWS account being linked to Microsoft Defender for Cloud with some compliance results under the “Regulatory Compliance” section.
Overall Course Updates
- 9% more content
- 2 brand-new labs, 2 removed labs, and ALL remaining labs refreshed
- 35% more GCP content
- SANS will provide AWS and Azure accounts to all students, regardless of modality
- Students will also receive instructions to create their own AWS and Azure accounts for continued learning and practicing of labs.
Section 1 Updates
- Moved some of the advanced account segmentation topics out of day 4 and moved here where it makes the most sense
- Added more GCP content to even out the day amongst the big three vendors.
- Shuffled some content around so it flows more logically from topic to topic
- Moved some of the "drier" material into the notes pages for more depth—this will help keep the material exciting to teach as the drier slide content was replaced with more interesting topics
- Labs are more reliable than ever before
Section 2 Updates
- More GCP again
- Shuffled some content around so it flows better
- Added some neat security automation content that also appears in one of the labs
Section 3 Updates
- A little more GCP content
- Renamed the CASB module to "CASBs, CWPPs, and CSPMs, Oh My!" (it now includes more types of security options
- Lab 3.4 (which was problematic before) has been replaced with a Cloud Custodian lab
Section 4 Updates
- Quite a bit more logging discussions and examples
- Shuffled some content around so it flows better
Section 5 Updates
- Shuffled some content around so it flows better
- Moved some of the "drier" material into the notes pages for more depth and replaced slide content with more interesting topics
- Merged Privacy and Risk Management modules into one: "Privacy and Risk Management"
- Moved lab 5.2 to 5.1
- Created a new lab 5.2 (Fun with Functions) showing how defenders can automate some of their work
- Split penetration testing module into two: "Preparing for Cloud Penetration Tests" and "Conducting Cloud Penetration Tests"
Section 6 Updates
CloudWars has been converted to run on the SANS ranges.io platform. Why does this matter to you? Ranges.io collects a history for each student. Therefore, over time, you can access your history of various activities you’ve participated in, which you can reference (and show off) later.
Diagram of SEC488 Lab Flow by Section and by Lab
Screenshot of “Challenge 4: Test the WAF Rules”
About This Cloud Security Course | SEC488: Cloud Security Essentials
This cloud security training course is designed to be your “license to learn cloud security”, in other words, the starting point for your journey into the depths of cloud security. It covers AWS, Azure, GCP, and touches on other cloud service providers, as well. Over 6 days, you will experience 36 hours of lecture and hands-on labs that is current, relevant, and necessary to understand and support your organization’s cloud security posture. Review this entire cloud security course syllabus at sans.org/cyber-security-courses/cloud-security-essentials/
About This Cloud Security Certification | GCLD
The GCLD cloud security certification validates a practitioner's ability to implement preventive, detective, and reactionary techniques to defend valuable cloud-based workloads. The exam covers:
- Evaluation of cloud service provider similarities, differences, challenges, and opportunities
- Planning, deploying, hardening, and securing single and multi-cloud environments
- Basic cloud resource auditing, security assessment, and incident response
To learn more about the GIAC GCLD Cloud Security Certification, please visit giac.org/certifications/cloud-security-essentials-gcld/
