Limited Time Special Offer

SANS Institute's professional, online information security training platforms OnDemand and vLive allow you to complete world-renowned courses anywhere, at any time. Get a 10.2" iPad or Samsung Galaxy Tab A or Take $250 off with OnDemand or vLive training for a limited time!

Securing Web Application Technologies (SWAT) Checklist

The SWAT Checklist provides and easy to reference set of best practices that raise awareness and help development teams create more secure applications. It's a first step toward building a base of security knowledge around web application security.

SEC540: Cloud Security and DevOps Automation Now Available OnDemand!

In addition to learning the methodology to build and deliver secure infrastructure and software using DevOps and cloud services, you'll gain access to new labs, new content and more bonus materials in our OnDemand training platform.

STH.Developer Training

Security Awareness For Developers
STH.Developer provides the most up-to-date pinpoint software security awareness training for everyone involved in the software development process, when they need it most and from the comfort of their own desks.
1 2 3 4 5
Mission Statement

SANS DevSecOps seeks to ingrain security into the minds of every developer by providing world-class educational resources to design develop, procure, deploy, and manage secure development.


We offer developers, architects, testers, managers, and security professionals an opportunity to learn, discuss, and share current developments in the field. We provide information on application security research, training, certification, and events. Application Security Survey
Secure Programming Tips

Course Overview

The majority of security vulnerabilities are found in the application layer. Our courses teach you how to develop defensible applications that are resistant to attack. Course Brochure


Our DevSecOps certifications provide assurance that an individual has practical knowledge and skills in secure coding (GSSP), web application security (GWEB), and web application penetration testing (GWAPT).