SEC598: SANS October Singapore 2024

What You Will Learn

Our virtual organization, GLOBEX, is struggling with typical cybersecurity challenges. The organization is growing, moving towards multiple cloud environments, and supporting continuous deployment. You just got hired as a security expert and your manager tells you that our environment is increasingly complex and we are facing more and more cyber threats. We need you to focus on and improve our core security services with a limited security team.

SEC598: Security Automation for Offense, Defense, and Cloud will equip you with the expertise to apply automated solutions to prevent, detect, and respond to security incidents. The cybersecurity skill gap continues to push organizations to adopt automation to deal with security operations, so most automation training focuses exclusively on DevSecOps and automation tools/scripting. SEC598 takes another approach: students first train to understand the concept of automation, then learn how existing technologies can be best leveraged to build automation stories that translate repeatable problems to automated scripts.

SEC598 gives students real-world examples of how to automate tasks within complex environments. The course features more than 15 labs plus a capstone exercise where students develop automation stories to attack and defend a simulated organization. The six-part course starts with an introduction to security automation, describing concepts such as infrastructure as code, configuration management tooling, emulations, and playbook development. Students will then apply these concepts starting with the engineering process within hybrid environments. You will learn how to use different technologies to assess, deploy, and monitor environments, combining configuration management tools, infrastructure as code, security orchestration, automation and response (SOAR) engines, and cloud native services for automation. You will then learn how to use this automation specifically for offense and defense by looking at certain techniques being used to emulate adversaries and automate security testing.

You will see how infrastructure as code enables red teamers to become more efficient and stealthier before we turn to a discussion of how certain defense techniques can be automated. There is no other training that offers such a comprehensive understanding and application of security automation to the spectrum of cyber security teams.
You Will Learn
  • Prevention, detection, and response for specific attack techniques used by real-world adversaries and penetration testers
  • Offensive and defensive perspectives of these attack techniques through hands-on exercises
  • How to translate repeatable activities into automated tasks
  • How to improve the efficiency and effectiveness of a security operations team
  • Cloud security automation in AWS and Azure
  • Where to apply security automation and how to properly engineer your environment for automation
  • The power of leveraging automation in purple team exercises
You Will Be Able To
  • Understand the security issues that most organizations are facing today.
  • Translate security issues into smaller problems, define automated solutions for those specific problems, and then fully chain features that can be used to tackle multiple issues in an automated manner.
  • Use tools like Terraform, Ansible, Chef, Puppet, and many more to locally automate secure configurations, set a desired-state configuration, deploy infrastructure as code in different environments, and detect and respond to security incidents in an automated manner.
  • Evaluate real-world scenarios within a combination of on-premise and cloud environments using a reference framework that can be immediately used and implemented in your organization.


Start date: 21 Oct 2024
Location / delivery: Virtual
