SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
Protect Your Organization With Cybersecurity Training
Confront emerging threats, secure your environment, and strengthen cyber resilience with world-class, expert-led training
Cybersecurity Courses
Equip yourself or your team with comprehensive hands-on cybersecurity training. Explore 85+ courses covering technical skills, leadership, and real-world defense against evolving cyber threats.
- Slide 1 of 4
SEC401: Security Essentials - Network, Endpoint, and Cloud
Essentials SEC401Cyber Defense
- GIAC Security Essentials (GSEC)
- 6 Days (Instructor-Led)
- 46 CPEs / 46 Hours (Self-Paced)
- Labs: 20 Hours of hands-on instruction
- Slide 2 of 4
FOR528: Ransomware and Cyber Extortion
Intermediate FOR528Digital Forensics and Incident Response
- 4 Days (Instructor-Led)
- 24 CPEs / 24 Hours (Self-Paced)
- Labs: 13 Hours of hands-on instruction
- Slide 3 of 4
ICS613: ICS/OT Penetration Testing & Assessments
betaAdvanced ICS613Industrial Control Systems Security
- 5 Days (Instructor-Led)
- 30 CPEs / 30 Hours (Self-Paced)
- Labs: 27 Hours of hands-on instruction
- Slide 4 of 4
FOR498: Digital Acquisition and Rapid Triage
Essentials FOR498Digital Forensics and Incident Response
- GIAC Battlefield Forensics and Acquisition (GBFA)
- 6 Days (Instructor-Led)
- 36 CPEs / 36 Hours (Self-Paced)
- Labs: 20 Hours of hands-on instruction
- Slide 1 of 4SANS Network Security 2025
Las Vegas, NV
Experience high-impact cybersecurity training on September 22-27 in Las Vegas—where the lights never dim and innovation never sleeps. Learn from real-world practitioners by day, then enjoy top-tier dining, shows, and entertainment every evening. Keynote Announced: Dr. Nikki Robinson, Dsc, PHDTalk: Vulnerability Chaining - An Exploration into Mapping Vulnerabilities for Effective Vulnerability Management. Date: September 23, 2025 | 6:30pm – 7:30pm PT (UTC-7)
- Slide 2 of 4
IDC "The Business Value of SANS" Campaign White Paper - 2025
Evolving threats demand evolving strategies. Join SANS Principal Instructor Chris Dale to explore how Continuous Penetration Testing (CPT) closes gaps, scales with your operations, and keeps your organization ahead of attackers. Register now for this free webcast!
- Slide 3 of 4SANS DFIR Summit 2025
Salt Lake City, UT & Live Online
Join us for the DFIR event of the year to get up-to-speed on the latest digital forensics and incident response open-source tools, effective investigative strategies, and to hear from the top practitioners in the industry. Summit: July 24-25 | Training: July 26-31
- Slide 4 of 4
Strengthen the Human Layer of ICS Defense
Your ICS security tools are strong, but can they stop human error? The latest SANS ICS training helps your workforce catch what tools can’t. Role-based modules for leaders, engineers, and frontline personnel cover real threats like AI, cloud, and malware.
_-_Concept_1.jpg&w=3840&q=75)
Explore Your Cybersecurity Journey
Whether you're getting started or advancing your skills, choose from world-class training, industry-recognized certifications, or explore with free course demos. Start building your path with SANS.
Ways to Train
Learn your way, whether in person, live instruction delivered in an online format, or self-paced, on your own schedule, with cybersecurity courses from top industry experts.
Certifications
Master the skills to earn GIAC certifications, the industry's most rigorous credentials, with expert exam preparation from SANS.
Free Course Previews
Preview 70+ SANS courses, assess course difficulty, watch expert instructors, and experience the SANS OnDemand training platform firsthand.
Trusted by Global Governments and Leading Industries
- Slide 1 of 4Can't say it enough. Thank you for having these courses. Without them I'd be feeling my way in the dark for a year plus, trying to get to where I am now. I feel like it accelerates the speed of learning so someone can make progress in the field faster.
- Slide 2 of 4The real value of this training lies at the intersection of quality content and delivery by a subject-matter expert actively working in the field, making it incredibly relevant and immediately applicable to my job.
- Slide 3 of 4You cannot beat the quality of SANS classes and instructors. I came back to work and was able to implement my skills learned in class on day one. Invaluable.
- Slide 4 of 4SANS is the best information security training you’ll find anywhere. World-class instructors, hands-on instruction, actionable information you can really use, and NetWars.
Slide 1 of 0
(1/0)
Cybersecurity Focus Areas
Effective cybersecurity operations rely on layers of offensive testing, defensive architecture and monitoring, forensics and incident response, cloud security, and leadership. Advancing your capabilities in these focus areas is our mission because it furthers your ability to protect us all.
Offensive Operations, Pen Testing and Red Teaming Training
Training in penetration testing, red teaming, purple teaming, and exploit development, provides the skills needed to simulate real-world attacks, evade defenses, and enhance security through adversary emulation and improving defense strategies.
Learn moreCyber Defense Training
Effective Cyber Defense enables organizations to anticipate, withstand, and recover from cyber-attacks through proactive monitoring, threat detection, and incident response. It combines security operations, automation, and resilient architecture to reduce risk and minimize attack impact.
Learn moreCloud Security Training
Cloud security encompasses technologies, policies, and controls that protect data, applications, and infrastructure in cloud environments. Knowing how to safeguard sensitive information in cloud environments is crucial for preventing cyber threats, ensuring compliance, and maintaining business continuity.
Learn more- Slide 1 of 4
Learning with SANS
159
Trusted globally by 159 country governments
Learn moreGovernments around the world rely on SANS for best-in-class training, equipping local and international cybersecurity teams with the skills necessary to protect critical infrastructure and stay ahead of adversaries
- Slide 2 of 4
Learning with SANS
400k
400k cybersecurity practitioners train with SANS
Learn MoreCybersecurity professionals of all skill levels train with SANS to learn from industry experts and gain hands-on, practical knowledge that can be applied immediately, effectively preparing them for real-world threats.
- Slide 3 of 4
Learning with SANS
230k
230k+ certifications granted by GIAC
Learn MoreSANS Institute is GIAC’s preferred partner for exam preparation, offering focused curriculums that help individuals pass with confidence and validate their expertise in various cybersecurity domains.
- Slide 4 of 4
Learning with SANS
492
492 Fortune 500 companies enlist SANS training solutions
Learn more >Fortune 500 companies partner with SANS to recruit, build, and retain high-performing, outcome-driven teams through industry-leading training solutions that bolster cyber resilience.
Secure Your Organization
Team Development
Equip your team with cutting-edge cybersecurity skills, designed to address your organization’s most critical security needs.
Leadership Development
Empower your leaders with strategies that drive better decision-making, stronger risk management, and improved cyber resilience.
Workforce Security and Compliance
Mitigate human risk and ensure compliance with advanced training that addresses evolving threats and security regulations.
Navigate Compliance with Confidence: Security Essentials for Business Leaders
Adapt to new SEC mandates with a 10-module training course designed to expand cyber literacy and help leaders facilitate an engaged, united cybersecurity culture.
CISO Network
Join the SANS CISO network, exclusively for senior security executives. Connect with experts and thought leaders, share ideas and lessons learned and help drive industry breakthroughs.
Join the SANS Community
Become a Member Today
Gain exclusive access to free resources, tools, and expert content—news, training, podcasts, whitepapers, and more. Explore unique member benefits designed for cybersecurity professionals that you won’t find anywhere else.
Upcoming Webcasts
When you join the SANS community, you gain access to free cybersecurity resources, including free training, 150+ instructor-developed tools, the latest industry updates, and more.
- Slide 1 of 20
How to Make a Mission & Vision for Your Security Team in 60 Minutes or Less
A strong mission and vision provide security teams with clarity, direction, and purpose-but too often, they are overlooked or overly complicated. The good news? You don't need weeks of brainstorming to create a powerful, actionable mission and vision for your security team. Whether leading a new security team or refining an existing strategy, this session will provide a practical, repeatable framework to define and implement your team's mission and vision in an hour or less.
WebinarCybersecurity Leadership
- 25 Jun 2025
- 13:00 UTC
- Russell Eubanks
- Slide 2 of 20
Supply Chain Cybersecurity Forum
As software and hardware supply chains grow more complex and globally interconnected, they have also become prime targets for attackers.
WebinarCyber Defense
- 26 Jun 2025
- 09:00 UTC
- Douglas McKee & Tony Turner
- Slide 3 of 20
Drip, Drip, Drop: Confronting Data Attacks in ICS/OT Systems
Environments that leverage Industrial Control Systems (ICS) or Operational Technology (OT) infrastructure are not impervious to data attacks or breaches that contaminate data sources. In industrial systems, system and data integrity are inherently connected to process safety, with the potential to impact human life and the environment directly.
WebinarIndustrial Control Systems Security- 26 Jun 2025
- 18:00 AEST
- Mike Hoffman
- Slide 4 of 20
Data Analytics for Continuous Risk Management
In this presentation, James Tarala, Senior Faculty at the SANS Institute and Principal Consultant at Cyverity, will introduce an automated cybersecurity risk management model that integrates data analytics with existing security infrastructures.
WebinarArtificial Intelligence
- 30 Jun 2025
- 17:30 AST
- James Tarala
- Slide 5 of 20
SANS Skills Quest – The New Online Cyber Range
Join SANS for a special webcast introducing and demonstrating the New SANS Skills Quest powered By NetWars. SANS experts will provide an overview of this new and improved set of online range challenges that organizations can use to support continuous knowledge and skill development.
WebinarCybersecurity and IT Essentials- 1 Jul 2025
- 14:00 UTC
- Christopher Elgee
- Slide 6 of 20
OSINT In The Malware Ecosystem
Open Source Intelligence plays a critical role in malware analysis, especially in understanding the broader context of the attack, enriching findings, and speeding up attribution. In this talks, we will cover many examples about useful information found in malware samples, how to access them and enrich them. I promise, no assembly!
WebinarOpen-Source Intelligence
- 3 Jul 2025
- 19:00 SGT
- Xavier Mertens
- Slide 7 of 20
SANS 2025 SOC Survey Webcast & Forum
In 2025, the SANS SOC Survey will extend its detailed inspection of cybersecurity operations centers. By exploring the capabilities and outsourcing; architectures and cloud use; technologies; hiring and staffing; metrics and funding; threat intel; and automation we develop a global picture of the state of SOCs.
WebinarSecurity Awareness
- 9 Jul 2025
- 10:30 UTC
- Christopher Crowley, Matt Muller & James Spiteri
- Slide 8 of 20
Inside ICS613: Building A Strong Offense for ICS/OT
Industrial environments are different—and so is the approach required to assess them safely and effectively.
WebinarIndustrial Control Systems Security- 9 Jul 2025
- 13:00 UTC
- Jason Dely, Don C. Weber & Tyler Webb
- Slide 9 of 20
How to Easily Secure Every Connected Device with Enterprise IoT & Industrial OT Security
Connected devices are transforming business operations — from streamlined workflows to increased automation and convenience. But with this growing connectivity comes increased exposure to cyber threats. Every unsecured device is a potential entry point for attackers, putting your operations, data, and reputation at risk.
WebinarIndustrial Control Systems Security- 9 Jul 2025
- 15:30 UTC
- Slide 10 of 20
Comparing OT Perimeters in Defensible Security Architectures
There are many ways to create a security perimeter around your IT infrastructure. This presentation will compare and contrast various strategies companies take when building these perimeters and discuss the benefits and disadvantages of each.
WebinarIndustrial Control Systems Security- 9 Jul 2025
- 17:00 CST
- Justin Searle
- Slide 11 of 20
Defense in Depth: Multiple Layers of Protection Fortifying Your Cyber Defenses
Webcast 4 of 5 in our Special Series—Explore the full lineup here. In today’s complex threat landscape, no single security solution is enough. A modern cybersecurity strategy requires layered, overlapping defenses to detect, prevent, and respond to both external threats and insider risks.
WebinarCyber Defense- 10 Jul 2025
- 15:30 UTC
- Ted Demopoulos
- Slide 12 of 20
AI & Cybercrime: How Criminals Are Weaponizing AI
This talk will look at how attackers are actually making use of artificial intelligence to attack organizations through social engineering attacks, and what organizations can do to try and actually address these threats.
WebinarArtificial Intelligence- 14 Jul 2025
- 17:30 AST
- Jason Jordaan
- Slide 13 of 20
SANSFIRE 2025: SANS@Night - Back to Basics (and Having a Blast): Why Cybersecurity Fundamentals Still Rule in a High-Tech World
In this upbeat, interactive session, we’ll dive into why the tried-and-true fundamentals (think password hygiene, patch management, and access controls) are the secret sauce to surviving and thriving in the age of ever-evolving cyber threats. Prepare for real-life “oops” moments, plenty of laughs, and hands-on tips you can actually use.
WebinarCybersecurity and IT Essentials- 17 Jul 2025
- 18:00 UTC
- Rich Greene
- Slide 14 of 20
SANSFIRE 2025: SANS@Night - Unlocking Secrets: Keypad Safe Attack Using Side-Channel Timing And Pulseview
In this demo of hardware hacking, we'll introduce PulseView - the 'Wireshark of hardware hacking' - and demonstrate a technique to unlock a keypad safe. Our method? A Side-Channel Timing Attack, which relies on the timing discrepancies in the user interface.
WebinarCybersecurity and IT Essentials- 18 Jul 2025
- 18:00 UTC
- Monta Elkins
- Slide 15 of 20
SANS 2025 Government Security Forum
Join us at the 2025 Government Security Forum on July 22nd at 10:00 AM ET to gain intelligence, tools, and real-world strategies needed to defend your agency against next-generation cyber threats. Register for free today!
WebinarCybersecurity Leadership
- 22 Jul 2025
- 10:00 EDT
- Matt Bromiley
- Slide 16 of 20
Risk Rules Everything Around Me: Making Smart VM Decisions Without the Guesswork
Not all vulnerabilities are created equal—and fixing everything just isn’t realistic. This session shows how to align vulnerability prioritization with real-world risk.
WebinarCybersecurity Leadership- 23 Jul 2025
- 12:00 UTC
- Jonathan Risto
- Slide 17 of 20
SANS DFIR Summit Solutions Track 2025
We continue to see the effects of living in an interconnected, digital world, which results in a rise in the number of cyber-attacks with each new year. Malware/Ransomware, Email Compromise, Distributed Denial of Service attacks, and Data Breaches continue to plague some of the largest industries and small businesses alike, and the cost of these damages is on pace to exceed 10 trillion dollars by 2025. As managers, consultants, and examiners, we know there is no silver bullet to thwart all attacks, and we realize that we must continue to improve our tools and practices to keep attackers at bay. Weeding through the various tools and free solutions and then implementing best practices for your workplace is often just as challenging as defending your resources in this constantly evolving landscape. Join us for this year’s DFIR Summit Solutions Track 2025 as invited speakers and subject matter experts walk through lessons learned and best practices on uncovering threats, identifying attacker activity, confirming data loss and what was compromised, and discuss ways to better secure your organizational assets moving forward.
WebinarDigital Forensics and Incident Response- 25 Jul 2025
- 10:00 MT
- Domenica Lee Crognale
- Slide 18 of 20
Navigating the Challenges of Securing Hybrid Environments
Webcast 3 of 5 in our Special Series—Explore the full lineup here. With 78% of organizations now operating in hybrid or multi-cloud setups, traditional security approaches are falling short. When systems span cloud, on-prem, and endpoints, it becomes harder to maintain visibility, enforce consistent policies, and ensure resilience under pressure.
WebinarCloud Security- 29 Jul 2025
- 13:00 UTC
- Matt Bromiley
- Slide 19 of 20
How to Attract, Hire, and Retain Top-Tier Cybersecurity Talent: Key Insights from the 2025 Cybersecurity Workforce Research Report
Join us for a research-driven webcast that unveils and explores the key findings of the 2025 Cybersecurity Workforce Research Report by SANS | GIAC. This comprehensive, global study delivers unparalleled insights into the cybersecurity talent landscape, highlighting the essential strategies for building and maintaining high-performing teams.
WebinarCybersecurity Leadership- 29 Jul 2025
- 10:00 UTC
- Rob Lee & Lynn Dohm
- Slide 20 of 20
SANS Huntsville 2025: SANS@Night - How I've Changed the Way I Use AI in 2025
I've been a heavy user of AI since the beginning, but the way that I use AI has recently shifted. In this fast-paced, fun talk, we'll cover the top ways that I've improved my efficiency and productivity by changing the way I interact with AI so far in 2025.
WebinarArtificial Intelligence- 30 Jul 2025
- 18:00 UTC
- Matt Edmondson
Featured free resources
When you join the SANS community, you gain access to free cybersecurity resources, including free training, 150+ instructor-developed tools, the latest industry updates, and more.