Courses

Courses

Core


SEC534: Secure DevOps: A Practical Introduction

This course, Secure DevOps: A Practical Introduction (SEC534) explains the fundamentals of DevOps, and how DevOps teams can build and deliver secure software. It will explain the principles and practices and tools in DevOps and how they can be leveraged to improve the reliability, integrity and security of systems.

Learn More


SEC540: Cloud Security and DevOps Automation

SANS SEC540 teaches developers and security professionals how to build secure software using DevOps and cloud application services like Amazon Web Services (AWS).

Learn More


Specialization

SEC542: Web App Penetration Testing and Ethical Hacking

In SEC542, you will practice the art of exploiting web applications to find flaws in your enterprise's web apps. You'll learn about the attacker's tools and methods in order to be a more powerful defender. Through detailed, hands-on exercises and with guidance from the instructor, you will learn the four-step process for web application penetration testing; inject SQL into back-end databases to learn how attackers exfiltrate sensitive data; and utilize cross-site scripting attacks to dominate a target infrastructure. You will also explore various other web app vulnerabilities in-depth using proven techniques and a structured testing regimen.

Learn More


SEC642: Advanced Web App Penetration Testing, Ethical Hacking, and Exploitation Techniques

SEC642 will teach you the advanced skills and techniques required to test modern web applications and next-generation technologies. In this course, you will learn through a combination of lectures, real-world experiences, and hands-on exercises that will teach you the techniques to test the security of tried-and-true internal enterprise web technologies, as well as cutting-edge Internet-facing applications. On the final day of the course, you will apply the knowledge you have acquired in a Capture-the-Flag competition, a fun environment based on real-world technologies.

Learn More