Final Days to get an iPad Mini 4, a Galaxy Tab A, or Take $250 Off with Online Training - Register by 9/27!

Cyber Defence Courses

SANS is the world's largest provider of cyber security training. We have over 125,000 alumni and operate within more than 35 countries.

Many large organisations, military departments and government offices trust SANS to help them protect their digital assets. Our Cyber Defence training is:

  • Designed to protect - SANS focusses on sharing the skills needed to detect and respond to cutting edge threats.
  • Practical and skills-based - We teach deployable skills - not just theory.
  • Led by experts - SANS Instructors are respected authorities in Cyber Defence.
  • Accessible and flexible - Students can choose different modes of training including classroom sessions and Online learning options.
  • Updated regularly - All our training content is refreshed frequently to account for the latest threats and malicious tactics.

Click here to jump to our full Cyber Defence course list

Why SANS Cyber Defence Training?

Instructors

SANS training is designed to be hands-on. Rather than just sharing well-known theories, our courses place a high emphasis on re-enacting an attack or defence situation.

SANS Instructors are all confirmed experts in their respective fields. They're intimately acquainted with the dominant threats organisations face, and fully understand how to deploy strong defences.

To see what previous Cyber Defence students say about training, read our Testimonials.

Courseware

SANS provides students with a wide selection of courseware and supporting resources.

Highlights across the Cyber Defence Curriculum include:

Textbooks - Courseware textbooks are written by SANS security experts. They're an invaluable resource for rehearsing what's been learned, and preparing for a GIAC open-book examination.

Toolsets - Courses are hands-on and focus on using the industry's dominant tools. If a classroom session draws on an open source application, we provide students with a copy. If the tool is commercial, we provide a trial version.

Virtual machines - Many lab exercises take place in virtualised environments. We provide students with a duplicate of the environment so they can recreate the exercise.

Cheat sheets and posters - To help students deploy what they've learned, we provide additional printed resources.

All Courses - Studying for Cyber Defence

Training Delivery

To ensure our training is accessible to all, SANS offers different routes to taking a Cyber Defence Course.

We hold Training Events which are classroom style training sessions led by a SANS Instructor and open to all. Students have the additional opportunity to win a Cyber Defence Coin at a Training Event.

If flexibility is needed, students can take SANS training Online. Our learning programme allows students to study on a laptop or tablet, at their own pace, and in their own time.

If an organisation has more than 25 students who need training, we can arrange for a SANS Instructor to deliver a course in an organisation's HQ or training centre through our Private Training option.

Questions about SANS Training? Read our FAQs here.

Certification

Many SANS Cyber Defence Training courses are aligned with GIAC Certifications. The Global Information Assurance Certification is an accreditation body that certifies the skills of cyber security professionals.

GIAC Certifications are recognised globally. Professionals who possess them are actively sought by corporate, government and military employers.

SANS Cyber Defence Courses

SANS Cyber Defence Curriculum courses fall into three categories - Core, Advanced and Specialist.

SANS Core Cyber Defence Courses

For those just beginning a career in Cyber Security, SEC301 provides a focussed and efficient path to understanding the discipline's core, foundational principles.

SANS' most popular course is SEC401: Security Essentials Bootcamp. A cyber defender's core mission is protecting an organisation's critical assets and infrastructure. This course teaches these invaluable skills.

SANS Advanced Cyber Defence Courses

SANS SEC501 builds on key skills from SEC401. This course focusses on preventing, detecting and reacting to attacks - quickly. By the end of SEC501 students will be able to build a fully defensible enterprise network.

Those looking to specialise further in network protection should explore SEC502. It teaches engineering perimeter protection so a network will be better equipped to withstand attacks.

SEC503 teaches how to identify anomalous network traffic and to fix the issue before it becomes a problem.

SEC505 is for students who work in an environment where Windows is the dominant operating system. This course teaches operating system and application hardening techniques.

Linux and Unix-like operating systems often form the backbone of enterprise networks. SEC506 teaches how to reduce Linux/Unix's attack surfaces through, for example, disabling unnecessary services.

SANS Specialist Cyber Defence Courses

SEC511 teaches the current best practice in relation to modern security architectures, and the techniques used by adversaries to penetrate systems.

SEC440 is designed to help master Critical Security Controls, as outlined by the Council on CyberSecurity. These are the bedrock of a reliable audit process. Audit skills can be further enhanced by taking SEC566.

SEC550 is founded on DARPA's Active Defense Harbinger Distribution Linux environment. Using ADHD, students learn how to interfere with hackers' reconnaissance and how to retaliate and compromise an attacker.

Finally, MGT414 provides an opportunity to prepare for a CISSP Certification Examination.


Cyber Defence Curriculum
Course Certification
Level 1 SEC301: Intro to Information Security GISF
Level 2 SEC401: Security Essentials Bootcamp Style GSEC
Level 3 SEC501: Advanced Security Essentials - Enterprise Defender GCED
SEC503: Intrusion Detection In-Depth GCIA
SEC505: Securing Windows and PowerShell Automation GCWN
SEC506: Securing Linux/Unix GCUX
Specialty Courses SEC440: Critical Security Controls: Planning, Implementing, and Auditing
SEC480: Top 4 Mitigation Strategies: Implementing & Auditing
SEC511: Continuous Monitoring and Security Operations GMON
SEC550: Active Defense, Offensive Countermeasures and Cyber Deception
SEC566: Implementing and Auditing the Critical Security Controls - In-Depth GCCC
MGT414: SANS Training Program for CISSP® Certification GISP

Training Events Offering Cyber Defence Courses
Event Dates Register
SANS Copenhagen 2017 Sep 25 - Sep 30, 2017  
SANS London September 2017 Sep 25 - Sep 30, 2017  
SANS DFIR Prague Summit & Training 2017 Oct 02 - Oct 08, 2017  
SANS Brussels Autumn 2017 Oct 16 - Oct 21, 2017  
SANS Berlin 2017 Oct 23 - Oct 28, 2017  
SANS Gulf Region 2017 Nov 04 - Nov 16, 2017  
SANS Paris November 2017 Nov 13 - Nov 18, 2017  
SANS London November 2017 Nov 27 - Dec 02, 2017  
SANS Khobar 2017 Dec 02 - Dec 07, 2017  
SANS Munich December 2017 Dec 04 - Dec 09, 2017  
SANS Amsterdam January 2018 Jan 15 - Jan 20, 2018  
SANS London February 2018 Feb 05 - Feb 10, 2018  
Online Training: SANS OnDemand
Private Training
Event Dates Register
Private Training Course of Your Choice Your Choice