Cybersecurity Training Roadmap - SANS Institute

1 Cybersecurity Training RoadmapFocused Job RolesSpecific Skills, Specialized RolesBaseline SkillsEssentialsICS410 ICS/SCADA security Essentials | GICSPNEW TO CYBER security | COMPUTERS, TECHNOLOGY, & SECURITYCOMPUTER & IT FUNDAMENTALSSEC275 SANS Foundations | GFCTCYBER security FUNDAMENTALSSEC301 Introduction to Cyber security | GISFYou are an aspiring Cybersecurity professional beginning your security journey or an experienced professional who needs to learn key concepts and terminology. Foundational concepts and skills will be reinforced with hands-on labs. Your career journey will be enhanced with the essential security skills and techniques , DETECTION, AND DEFENSIVE CONTROLSF ocused Cyber Defense SkillsADVANCED GENERALISTSEC501 Advanced security Essentials Enterprise Defender | GCEDMONITORING & OPERATIONSSEC511 Continuous Monitoring and security Operations | GMONSECURITY ARCHITECTURESEC530 Defensible security Architecture and Engineering | GDSAThe detection of what is happening in your environment requires an increasingly sophisticated set of skills and capabilities.

2 Identifying security anomalies requires increased depth of understanding to deploy detection and monitoring tools and to interpret their OPERATIONS | VULNERABILITY ANALYSIS, ETHICAL HACKINGE very Offensive Professional Should KnowNETWORK PEN TESTINGSEC560 Network Penetration Testing and Ethical Hacking | GPENWEB APPSSEC542 Web App Penetration Testing and Ethical Hacking | GWAPTVULNERABILITY ASSESSMENTSEC460 Enterprise and Cloud | Threat and Vulnerability Assessment | GEVAThe professional who can find weakness is often a different breed than one focused exclusively on building defenses. A basic tenet of red team/blue team deployments is that finding vulnerabilities requires different ways of thinking and different tools. Offensive skills are essential for Cybersecurity professionals to improve their defenses. ADVANCED CYBER DEFENSE | HARDEN SPECIFIC DEFENSESP latform FocusedWINDOWS/POWERSHELLSEC505 Securing Windows and PowerShell automation | GCWNT opic FocusedTRAFFIC ANALYSISSEC503 Intrusion Detection In-Depth | GCIASIEMSEC555 SIEM with Tactical Analytics | GCDAPOWERSHELLSEC586 Blue Team Operations: Defensive PowerShellPYTHON CODINGSEC573 Automating Information security with Python | GPYCDATA SCIENCESEC595 Applied Data Science and Machine Learning for Cybersecurity ProfessionalsCORE TECHNIQUES | PREVENT, DEFEND, MAINTAINE very security Professional Should KnowSECURITY ESSENTIALSSEC401 security Essentials Bootcamp Style | GSECCore Defensive, Offensive, and Incident Response KnowledgeBLUE TEAMSEC450 Blue Team Fundamentals.

3 security Operations and AnalysisATTACKER TECHNIQUESSEC504 Hacker Tools, Techniques, Exploits, and Incident Handling | GCIHAll professionals entrusted with hands-on Cybersecurity work should be trained to possess a common set of capabilities enabling them to secure systems, practice defense in depth, understand how attacks work, and manage incidents when they occur. To be secure, you should set a high bar for the baseline set of skills in your security OFFENSIVE OPERATIONS | FOCUSED TECHNIQUES & AREASN etwork, Web & CloudEXPLOIT DEVELOPMENTSEC660 Advanced Penetration Testing, Exploit Writing, and Ethical Hacking | GXPNSEC760 Advanced Exploit Development for Penetration TestersWEB APPSSEC642 Advanced Web App Testing, Ethical Hacking, and Exploitation TechniquesSEC552 Bug Bounties and Responsible DisclosureCLOUD PEN TESTSEC588 Cloud Penetration Testing | GCPNS pecialized Penetration TestingBLOCKCHAINSEC554 Blockchain and Smart Contract SecurityRED TEAMSEC564 Red Team Exercises and Adversary EmulationMOBILESEC575 Mobile Device security and Ethical Hacking | GMOBPEN TESTSEC580 Metasploit Kung Fu for Enterprise Pen TestingWIRELESSSEC617 Wireless Penetration Testing and Ethical Hacking | GAWNP urple TeamADVERSARY EMULATIONSEC599 Defeating Advanced Adversaries Purple Team Tactics and Kill Chain Defenses | GDATSEC699 Purple Team Tactics - Adversary Emulation for Breach Prevention & DetectionINCIDENT RESPONSE & THREAT HUNTING | HOST & NETWORK FORENSICSE very Forensics and IR Professional Should KnowENDPOINT FORENSICSFOR500 Windows Forensic Analysis | GCFEFOR508 Advanced Incident Response.

4 Threat Hunting, and Digital Forensics | GCFANETWORK FORENSICSFOR572 Advanced Network Forensics: Threat Hunting, Analysis, and Incident Response | GNFAW hether you re seeking to maintain a trail of evidence on host or network systems, or hunting for threats using similar techniques, larger organizations need specialized professionals who can move beyond first-response incident handling in order to analyze an attack and develop an appropriate remediation and recovery FORENSICS, MALWARE ANALYSIS, & THREAT INTELLIGENCE | SPECIALIZED INVESTIGATIVE SKILLSS pecializationCLOUD FORENSICSFOR509 Enterprise Cloud Forensics and Incident ResponseMALWARE ANALYSISFOR610 Reverse-Engineering Malware: Malware Analysis Tools and Techniques | GREMT hreat IntelligenceCYBER THREAT INTELLIGENCEFOR578 Cyber Threat Intelligence | GCTID igital Forensics & Media ExploitationSMARTPHONESFOR585 Smartphone Forensic Analysis In-Depth | GASFMAC FORENSICSFOR518 Mac and iOS Forensic Analysis and Incident ResponseFOUNDATIONAL LEADERSHIPE very Cybersecurity Manager Should KnowCISSP TRAININGMGT414 SANS Training Program for CISSP Certification | GISPRISK MANAGEMENTMGT415 A Practical Introduction to Cyber security Risk ManagementSECURITY AWARENESSMGT433 Managing Human Risk: Mature security Awareness ProgramsCIS ControlsSEC440 CIS Critical Controls: A Practical IntroductionWith an increasing number of talented technologists, organizations require effective leaders to manage their teams and processes.

5 Those leaders will not necessarily perform hands-on work, but they must know enough about the underlying technologies and frameworks to help set strategy, develop appropriate policies, interact with skilled practitioners, and measure SPECIALIZATIONSC loud security LeadershipMANAGING VULNERABILITIESMGT516 Managing security Vulnerabilities: Enterprise and CloudDESIGN & IMPLEMENTATIONMGT520 Leading Cloud security Design and ImplementationAUTOMATION & COMPLIANCESEC557 Continuous automation for Enterprise and Cloud ComplianceManagement SpecializationAUDIT & MONITORAUD507 Auditing and Monitoring Networks, Perimeters & Systems | GSNALAW & INVESTIGATIONSLEG523 Law of Data security and Investigations | GLEGPROJECT MANAGEMENTMGT525 IT Project Management & Effective Communication | GCPMFORENSICS ESSENTIALSE very Forensics and IR Professional Should KnowFORENSICS ESSENTIALSFOR308 Digital Forensics EssentialsBATTLEFIELD FORENSICS & DATA ACQUISITIONFOR498 Battlefield Forensics & Data Acquisition | GBFAINDUSTRIAL CONTROL SYSTEMS SECURITYE very ICS security Professional Should KnowICS DEFENSE & RESPONSEICS515 ICS Active Defense and Incident Response | GRIDICS ADVANCED SECURITYICS612 ICS Cybersecurity In-DepthNERC ProtectionNERC security ESSENTIALSICS456 Essentials for NERC Critical Infrastructure Protection | GCIPCORE CLOUD SECURITYP reparation for More Focused Job FunctionsPUBLIC CLOUDSEC510 Public Cloud security .

6 AWS, Azure, and GCP | GPCSSECURE WEB APPSSEC522 Defending Web Applications security Essentials | GWEBAUTOMATION & DEVSECOPSSEC540 Cloud security and DevOps automation | GCSAWith the massive global shift to the cloud, it becomes more critical for every organization to have experts who understand the security risks and benefits that come with public cloud use, how to navigate and take full advantage of multicloud environments, and how to incorporate security from the start of all development security ESSENTIALSE very Cloud security Professional Should KnowESSENTIALSSEC488 Cloud security Essentials | GCLDDEVSECOPSSEC534 Secure DevOps: A Practical IntroductionIf you are new to Cybersecurity or looking to up-skill, cloud security essentials is a requirement for today s organizations. These courses provide the basic knowledge required to introduce students to the cloud security industry, as well as in-depth, hands-on practice in CONTROL SYSTEMS SECURITYE very ICS security Professional Should KnowESSENTIALSICS410 ICS/SCADA security Essentials | GICSPADVANCED CLOUD SECURITYS pecialization for Advanced Skills & RolesCLOUD FORENSICSFOR509 Enterprise Cloud Forensics and Incident ResponseMONITORING & DETECTIONSEC541 Cloud security Monitoring and Threat DetectionCONTAINERSSEC584 Cloud Native security .

7 Defending Containers and KubernetesCLOUD PEN TESTSEC588 Cloud Penetration Testing | GCPNL earning how to convert traditional Cybersecurity skills into the nuances of cloud security is a necessity for proper monitoring, detection, testing, and IntelligenceOSINTSEC487 Open-Source Intelligence (OSINT) Gathering and Analysis | GOSIOpen-Source IntelligenceOSINTSEC537 Practical Open-Source Intelligence (OSINT) Analysis and AutomationCORE LEADERSHIPT ransformational Cybersecurity LeaderTECHNOLOGY LEADERSHIPMGT512 security Leadership Essentials for Managers | GSLCSECURITY STRATEGYMGT514 security Strategic Planning, Policy, and Leadership | GSTRTSECURITY CULTUREMGT521 Leading Cybersecurity Change: Building a security -Based CultureOperational Cybersecurity ExecutiveMANAGING VULNERABILITIESMGT516 Managing security Vulnerabilities: Enterprise and CloudSOCMGT551 Building and Leading security Operations CentersCRITICAL CONTROLSSEC566 Implementing and Auditing CIS Critical Controls | GCCCCLOUD security LEADERSHIP AND GOVERNANCEE very Cloud security Leader Should KnowAUTOMATION & COMPLIANCESEC557 Continuous automation for Enterprise and Cloud ComplianceVULNERABILITY MANAGEMENTMGT516 Managing security Vulnerabilities: Enterprise and CloudDESIGN & IMPLEMENTATIONMGT520 Leading Cloud security Design and ImplementationV5-11-2021