SEC557: SANS Frankfurt May 2023

Provided by

Enquire about this course

What You Will Learn

Measure what matters, not what's easy.

Students learn to measure compliance by working with, not against, the technologies used in the modern enterprise. Working with the Cloud Compliance Roadmap, students will discover the important compliance issues which their enterprise will face. Using the command-line and web-console-based tools, students will learn to gather, analyze and visualize metrics for use by all parts of the organization: short-term tactical data for operations and strategic data for management of all levels.

SEC557 focuses on what's most important during all phases of your cloud compliance journey, utilizing a thoughtful plan for gathering the most important metrics and building compliance maturity as the organization is ready. The roadmap covers identity and access management, storage, compute, networking, infrastructure and other important compliance areas, and the course teaches students how to develop and present useful information in each of these areas.

  • Ensure compliant operations no matter where you are in your cloud journey
  • Reduce cost of compliance by leveraging the tools you already pay for
  • Receive comprehensive compliance coverage with fewer gaps than manual testing
  • Achieve high value by prioritizing measurement efforts
  • Follow a comprehensive roadmap for measuring compliance
  • Understand the important settings and metrics for AWS, Azure and Google Cloud
  • Use tools native to the major cloud providers to ensure compliant operations
  • "Live off the land" by leveraging the tools and techniques already in use in the organization
  • Measure security and compliance in cloud services and infrastructure
  • Obtain compliance data quickly using cloud provider web consoles and command-line tools
  • Gather information from web APIs and security tools
  • Build a toolkit of multi-cloud compliance tools
  • Visualize data for rapid consumption
  • Prioritize compliance efforts to deliver the most value
  • Perform compliance measurements against AWS, Azure and Google Cloud
  • Reduce the time and effort required to gather and report on security and compliance data
  • Slice and dice structured data like JSON to extract relevant data
  • Visualize data for tactical operations and strategic management consumption
  • Automate compliance data gathering
  • Know when to automate and when to perform manual analysis

SEC557 is a lab-intensive class, with a goal of having students spend 40% or more of their time at the keyboard. Using target ranges in AWS and Azure, students learn to use the cloud providers' command-line interfaces, web consoles, and APIs to gather, process and visualize important compliance data. Students will use multi-cloud-capable third party tools and cloud-native tools to perform complete assessments of the target environments and leave the class with the skills needed to assess their organizations as soon as they are back at work.

  • Quick Wins in Cloud Compliance: AWS, live stream with AJ Yawn
  • Quick Wins in Cloud Compliance: Azure, live stream with Simon Vernon
  • Quick Wins in Cloud Compliance: GCP, live stream with Kat Traxler
  • Powershell for Enterprise and Cloud Compliance, cheat sheet
  • PowerShell for Audit, Compliance and Security Automation, and Visualization: 3 Part Webcast Series. Start the webcast series here.
  • PowerShell for Audit, Compliance and Security Automation and Visualization: 3 Part Blog Series. Start the blog series here.


Start date Location / delivery
08 May 2023 Frankfurt Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...