Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

SANS Cyber Threat Intelligence Summit & Training 2026

  • Mon, Jan 26 - Mon, Feb 2, 2026
  • 12 Courses
  • English
Hilton Arlington Rosslyn The Key & Virtual (ET)
1900 Fort Myer Drive, Arlington, VA 22209
Cyber Threat Intelligence Summit & Training
Jump to:

Summit: January 26-27 | Training: January 28 – February 2

If You Work in Cyber Threat Intelligence, This is The Must-Attend Event of the Year

  • Slide 1 of 2
    Cyber Threat Intelligence Summit 2026: Summit Chairs
  • Slide 2 of 2
    Cyber Threat Intelligence Summit 2026: Summit Room

Join us for our 14th Annual SANS Cyber Threat Intelligence Summit – an event devoted solely to the tradecraft of cyber threat analysis and intelligence.

Gain fresh perspectives and insights from leading practitioners who will share the latest real-world case studies, innovative techniques, and practical solutions designed to challenge CTI assumptions and deepen your understanding.

A key highlight of the Summit is the curated networking, offering CTI professionals opportunities to connect, share ideas, and build lasting relationships. Don't just take our word for it – see what past attendees say about the CTI Summit below.

This summit is critical for anyone in CTI regardless of experience level. The various elements required to be successful are presented and thoroughly discussed. - Robert Morgan, LANL

What Attendees Say

  • Slide 1 of 4
    SANS consistently delivers the most exclusive, up-to-date content in the industry and the SANS CTI Summit 2025 is no exception.
    Philip-Andrei G.
  • Slide 2 of 4
    I left the Summit with an entire list of important action items. Incredible content overall!
    Ken Hensley
  • Slide 3 of 4
    The knowledge and insights I gained from this summit were outstanding. This is such a valuable event!
    Hiren Parekh
  • Slide 4 of 4
    The quality of the presentations at the SANS CTI Summit continues to be of the highest caliber each year, providing fresh, relevant, and valuable insights. Furthermore, the passion and commitment of the Summit Chairs, Board, and Selection Committee is evident, making the Summit the top convention and at the greatest value of the entire year for CTI Professionals.
    Alex A.
Slide 1 of 0
Early Bird Offer

Save $750 USD using the code "EarlyBirdNA" and pay for any 4-6 day course (excluding Beta Courses) by October 7, 2025.

Register

Summit and Course Registration

from $8,260 USD
In personIncludes
  • Course: Live Instructor Training with Hands-on Exercises
  • Course: DFIR NetWars Tournament with purchase of a course
  • Summit: Talks, Presentations and Workshops
  • Summit: Unmatched Networking
  • Summit: Evening Receptions
  • Summit: Access to Summit Exhibit Hall
  • Summit: Light Breakfast, Lunch, and Breaks with Snacks and Beverages
Select course to Enroll
Live onlineIncludes
  • Course: Virtual Live Instructor Training with Hands-On Exercises
  • Summit: Access to Select Talks
  • Summit: Interactive Chat on Slack
  • First Access to Approved Recordings and Decks
Select course to Enroll

Summit Registration Only

from Free
$525 USD*Prices exclude applicable local taxes
In personIncludes
  • Talks, Presentations and Workshops
  • Unmatched Networking
  • Evening Receptions
  • Access to Summit Exhibit Hall
  • Light Breakfast, Lunch, and Breaks with Snacks and Beverages
  • First Access to Approved Recordings and Decks
Attend In PersonLogin to register
Free
Live onlineIncludes
  • Access to Select Talks
  • Interactive Chat on Slack
  • First Access to Approved Recordings and Decks
Login to register
Important Dates
Refund Deadline:
Hotel Group Discount Deadline:

Courses

Looking for Group Purchasing? Contact Us

GIAC Certifications

2 Free practice tests when you add a certification exam attempt to your course. Available for select courses below.

Extra 4 Months of Course Access

Add OnDemand access for 4 months to help you prepare for your GIAC exam. Available for select courses below.

NetWars Tournament

Play two evenings of the DFIR NetWars Tournament. Free with purchase of a 4, 5, or 6 day course

Showing 9 of 12
Filter by:

SEC401: Security Essentials - Network, Endpoint, and Cloud

Essentials
SEC401Cyber Defense
SEC401: Security Essentials - Network, Endpoint, and Cloud
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC504: Hacker Tools, Techniques, and Incident Handling

Essentials
SEC504Offensive Operations
SEC504: Hacker Tools, Techniques, and Incident Handling
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics

Intermediate
FOR508Digital Forensics and Incident Response
FOR508: Advanced Incident Response, Threat Hunting, and Digital Forensics
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR500: Windows Forensic Analysis

Essentials
FOR500Digital Forensics and Incident Response
FOR500: Windows Forensic Analysis
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response

Advanced
FOR572Digital Forensics and Incident Response
FOR572: Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR578: Cyber Threat Intelligence

Intermediate
FOR578Digital Forensics and Incident Response
FOR578: Cyber Threat Intelligence
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR498: Digital Acquisition and Rapid Triage

Essentials
FOR498Digital Forensics and Incident Response
FOR498: Digital Acquisition and Rapid Triage
  • GIAC Battlefield Forensics and Acquisition
  • 6 Days
  • 36 CPEs
  • Eric Zimmerman
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

SEC541: Cloud Security Threat Detection

Advanced
SEC541Cloud Security
SEC541: Cloud Security Attacker Techniques, Monitoring, and Threat Detection
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,260 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

FOR608: Enterprise-Class Incident Response & Threat Hunting

Intermediate
FOR608Digital Forensics and Incident Response
FOR608: Enterprise-Class Incident Response & Threat Hunting
  • Starts 28 Jan 2026 at 8:30 AM ET
  • $8,780 USD (Course)
  • $999 USD (Certification)
  • *Prices exclude applicable local taxes

View course details
Log in to register:In-PersonVirtual

Advisory Board

Rebekah Brown

Rebekah Brown

Senior Researcher

Rebekah Brown has been instrumental in advancing cyber threat intelligence, serving as a network warfare analyst at the NSA, Operations Chief of a U.S. Marine Corps cyber unit, and training lead at U.S. Cyber Command.

Learn more
Rick Holland

Rick Holland

VP, CISO, Office of the CISO

Rick is a seasoned cybersecurity leader with a unique background as a practitioner, vendor executive, and Forrester Research industry analyst. Rick supports ReliaQuest's Office of the CISO and manages the global team responsible for ReliaQuest's threat intelligence and research efforts.

Learn more
Katie Nickels

Katie Nickels

Director of Intelligence

Katie is the Director of Intelligence at Red Canary. She has worked on cyber threat intelligence, network defense, and incident response for nearly a decade for the U.S. Department of Defense, MITRE, Raytheon, and ManTech.

Learn more

Hilton Arlington Rosslyn The Key

Hotel Special Rates and Reservations

A special discounted rate of $249.00 S/D plus applicable taxes will be honored based on space availability.

A limited number of Government Per Diem rooms at the prevailing rate are available with proper ID.

These rates include Internet in your room and are only available through Saturday, January 3, 2026.

SANS attendees will also receive a discounted parking rate of $20 per overnight with in-and-out privileges.

Book Reservation at Special Discounted RateBook A Per Diem Government Reservation
Hilton Arlington Rosslyn The Key

3 Reasons To Stay At The Event Venue

  • Ultimate Convenience

    Eliminate the hassle of daily commutes and wasted travel time. You’ll have everything you need—from your training to dining and amenities - all in one centralized, convenient location.

  • Seamless Networking Opportunities

    Stay where the action is! Maximize your chances to connect with fellow cybersecurity professionals and industry leaders - from impromptu conversations in the lobby to exclusive after-hours events.

  • All Day, All Event Access

    SANS live training events include bonus sessions exclusively at the venue. Staying on-site ensures you won’t miss these opportunities to grow your network and engage with peers beyond the conference agenda.

People Shaking Hands

More Information

test

Hilton Arlington Rosslyn The Key

The hotel is located just one mile from Georgetown and Georgetown Waterfront Park. The Arlington National Cemetery and shopping at The Crossing Clarendon are six minutes away. Washington DC and Ronald Reagan Washington National Airport are within eight miles. Enjoy views of DC and Potomac River, and on-site dining.

Hotel Check In
View Hotel

Venue Parking Rates

- Self-Parking: $45 per day Rates listed are prevailing and subject to change Alternative Parking Options - SANS recommends researching nearby parking facilities for more options. Some popular parking apps that can help you locate and reserve space during your training are SpotHero, ParkMobile, ParkWhiz Distances from Nearby Airports - Ronald Reagan Washington National Airport (DCA): Approximately 4 miles - Dulles International Airport (IAD): Approximately 2.8 miles

Travel Arrangements and Parking
Google Maps