SEC488: Cyber Security Training at SANS Cyber Security Mountain: Mar 2025

Provided by

Enquire about this course

What You Will Learn
Essential knowledge for a secure cloud environment

Attackers are targeting everything that uses code to compute, making insecure cloud environments highly vulnerable to breaches. SEC488 is your solution for securely migrating to the cloud and continuously enhancing cloud security. This course offers comprehensive cloud security knowledge, delivering quick and powerful results in areas such as identity guardrails, cloud storage, virtual machines, automation, remote management, cloud logging, legal and contractual requirements, and more. Safeguarding critical issues like Identity and Access Management (IAM) and securing S3 Buckets are crucial for mitigating risks associated with lift-and-shift transitions.

Maximize your time and resources with this curated, hands-on course that goes beyond theory. Engage in fun, interactive, live-fire labs within actual cloud service provider (CSP) environments on both AWS and Azure. Learn to effectively limit and mitigate the impact of cloud security breaches, preventing issues like service shutdowns due to computational limits or excessive charges from unauthorized covert bitcoin mining operations. Enhance compliance, protect your organization's reputation and assets, and strengthen your security posture while boosting employee retention and team knowledge with SEC488.

"Solid content, good pace, and great explanations, plus it's helpful to see how all of these cloud and security concepts can be integrated and applied in real life."- Craig Harris, SMBC
What Is Cloud Security?

Cloud security involves adapting traditional security practices to the public cloud environment by leveraging the shared responsibility model. It requires applying vendor-provided controls to protect applications, data, and brand within the cloud environment. Effective cloud security includes Identity and Access Management (IAM), data protection, network security, and continuous monitoring to safeguard cloud resources and maintain a strong security posture.
Business Takeaways
  • Decrease your risk profile while operating in cloud environments
  • Protect your computational power and thereby your budget
  • Improve cloud security compliance
  • Become more efficient through automation
  • Improve employee retention while increasing organizational security
  • Protect your organization's brand and reputation
  • Increase customer trust
Skills Learned
  • Learn how to spot organizational deficiencies in cloud security
  • Speak the language of cloud security confidently with both technical and leadership teams
  • Navigate your organization through the current security challenges and opportunities presented by cloud services.
  • Identify risks associated with various services offered by cloud service providers (CSPs).
  • Select appropriate security controls for different cloud network security architectures.
  • Evaluate CSPs based on their documentation, security controls, and audit reports.
  • Confidently use services from leading CSPs, including AWS, Azure, and GCP.
  • Protect secrets and sensitive information within cloud environments.
  • Leverage cloud logging capabilities to establish accountability for events in the cloud.
  • Determine risk control ownership based on deployment and service delivery models of CSP products.
  • Assess the trustworthiness of CSPs using their security documentation, service features, and third-party attestations.
  • Secure access to CSP management consoles and environments.
  • Implement native network security controls in AWS and Azure.
  • Conduct penetration testing following guidelines from AWS and Azure to test full-stack cloud applications.
Hands-On Cloud Security Training

Much like advanced flight simulators to a commercial pilot, the SEC488 lab environment is designed to provide students with practical, real-world experience to practice the theory and skills learned during lecture. With 15 hours of the course dedicated entirely to hands-on keyboard experiences, students walk away capable of "flying the plane", not just reading its manual. Students love the SEC488 exercises because they WORK! Constantly maintained to keep up with vendor updates, the SEC488 labs are resilient and students receive extended access to lab content via the course lab workbook.

This multicloud, immersive lab environment includes various cloud resources such as virtual machines, storage services, and security tools, all configured to simulate real-world scenarios, which allows students to gain comprehensive exposure to different cloud service providers. Students spend about 50% of lab time in AWS and 50% in Azure environments across 20 labs and a gamified capture the flag in Section 6. Some labs do have dependencies on other labs. For more advanced students, a fast forward script is provided for Lab 1 to get past the set-up steps to dig right into the more technical experiences.

Labs provide a crucial opportunity to apply theoretical knowledge in a controlled setting, helping students to solidify their understanding of cloud security principles. By actively engaging in these repeatable labs, students can practice and refine their skills, ensuring they are well-prepared to tackle cloud security challenges in their own organizations the day the return to the office.

"As a relative cloud newb, this course has really allowed me to understand how to best secure the cloud. My day to day role doesn't allow for hands on work so I've particularly enjoyed the labs." - Will Hotard, State of Louisiana OTS

"The labs serve to both break up a fairly intensive academic upskilling, and also to teach you how to apply the knowledge correctly and safely, allowing you to secure your cloud environment with confidence and ease." - Matt Hunter, National E-Crime Team

"I appreciate the thorough information, and how it is delivered. Plus the steps are very helpful and easy to follow." - Taylor Ripplinger, Encompass Health
Syllabus Summary
  • Section 1: Utilize Identity and Access Management (IAM) to secure cloud accounts and implement least privilege access.
  • Section 2: Focus on securing compute instances and managing configurations within cloud environments.
  • Section 3: Learn to protect data through encryption and automation using Infrastructure as Code (IaC).
  • Section 4: Explore network security controls and logging to monitor and manage cloud data flows.
  • Section 5: Understand compliance requirements, perform penetration testing, and respond to incidents in the cloud.
  • Section 6: Apply all learned skills in a comprehensive CloudWars challenge to reinforce cloud security concepts.
Additional Free Resources
  • Evolution of SIEM in the Cloud, Webcast
  • Least Privilege - An Adventure in Third-Party Cloud Account Access, Hands-On Workshop
  • Cloud VM Deployment and Hardening, Hands-On Workshop
  • Protecting Cloud Assets and Improving Security, Hands-On Workshop
  • Avoiding Data Disasters: Techniques to Identify and Address Cloud Storage Misconfigurations, Hands-On Workshop
  • Cloud Attacks: What's Old is New - Part 1, Blog
  • Cloud Attacks: What's New is New - Part 2, Blog
  • Beyond the Foundations: Diving into IAM in AWS, Blog
  • Building Strong Foundations: Exploring IaC for Cloud IAM, Blog
What You Will Receive
  • AWS and Azure provisioned accounts
  • MP3 audio files of the complete course lectures
  • Printed and Electronic courseware
  • Extended access to the course's 20+ lab exercises
What Comes Next?

Depending on your professional goals and direction, SANS offers a number of follow-on courses to SEC488.

Cloud Security Analyst
  • SEC510: Cloud Security Controls and Mitigations | GPCS
  • SEC541: Cloud Security Threat Detection | GCTD
Cloud Security Engineer
  • SEC510: Cloud Security Controls and Mitigations | GPCS
  • SEC540: Cloud Security and DevSecOps Automation | GCSA
Cloud Security Architect
  • SEC549: Cloud Security Architecture | GCSA
  • LDR520: Cloud Security for Leaders
Cloud Security Management / Leadership
  • LDR520: Cloud Security for Leaders

Enquire

Start date Location / delivery
31 Mar 2025 Virtual Book now

Related article

At GIAC, we believe that hands-on testing is the future of cybersecurity certification. With five certification exams featuring CyberLive , and thr...