Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training
Can't find what you are looking for?

Let us help.

Contact us
Resources
SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

CISO Network

Engage, challenge, and network with fellow CISOs in this exclusive community of security leaders

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations
Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk with an expert
Talk with an expert

sec488-major-update

MAJOR UPDATE just launched for SEC488: Cloud Security Essentials cloud security course.

Authored byRyan Nicholson
Ryan Nicholson

Are you familiar with the SANS Promise? "Everyone who completes SANS training can apply the skills and knowledge they’ve learned the day they return to work." The end. Mic drop. Bam!

However you want to word it, the outcome is the same. In order for us to uphold our promise, our cybersecurity training courses are constantly undergoing updates to stay current, fresh, and relevant. This is no easy task for cloud since it changes so quickly!

Our flagship course that kicks off the cloud security training journey for thousands of professionals a year has just undergone another notable update. Continue reading for details on overall updates I've made, as well as section by section adjustments. I personally invite you to take the free course demo to try it on for size.

Image of a CD/CA Cloud Diagram

Screenshot of AWS account being linked to Microsoft Defender for Cloud with some compliance results under the “Regulatory Compliance” section.

Overall Course Updates

  • 9% more content
  • 2 brand-new labs, 2 removed labs, and ALL remaining labs refreshed
  • 35% more GCP content
  • SANS will provide AWS and Azure accounts to all students, regardless of modality
  • Students will also receive instructions to create their own AWS and Azure accounts for continued learning and practicing of labs.

Section 1 Updates

  • Moved some of the advanced account segmentation topics out of day 4 and moved here where it makes the most sense
  • Added more GCP content to even out the day amongst the big three vendors.
  • Shuffled some content around so it flows more logically from topic to topic
  • Moved some of the "drier" material into the notes pages for more depth—this will help keep the material exciting to teach as the drier slide content was replaced with more interesting topics
  • Labs are more reliable than ever before

Section 2 Updates

  • More GCP again
  • Shuffled some content around so it flows better
  • Added some neat security automation content that also appears in one of the labs

Section 3 Updates

  • A little more GCP content
  • Renamed the CASB module to "CASBs, CWPPs, and CSPMs, Oh My!" (it now includes more types of security options
  • Lab 3.4 (which was problematic before) has been replaced with a Cloud Custodian lab

Section 4 Updates

  • Quite a bit more logging discussions and examples
  • Shuffled some content around so it flows better

Section 5 Updates

  • Shuffled some content around so it flows better
  • Moved some of the "drier" material into the notes pages for more depth and replaced slide content with more interesting topics
  • Merged Privacy and Risk Management modules into one: "Privacy and Risk Management"
  • Moved lab 5.2 to 5.1
  • Created a new lab 5.2 (Fun with Functions) showing how defenders can automate some of their work
  • Split penetration testing module into two: "Preparing for Cloud Penetration Tests" and "Conducting Cloud Penetration Tests"

Section 6 Updates

CloudWars has been converted to run on the SANS ranges.io platform. Why does this matter to you? Ranges.io collects a history for each student. Therefore, over time, you can access your history of various activities you’ve participated in, which you can reference (and show off) later.

Diagram of SEC488 Lab Flow by Section and by Lab

Screenshot of “Challenge 4: Test the WAF Rules”

About This Cloud Security Course | SEC488: Cloud Security Essentials

This cloud security training course is designed to be your “license to learn cloud security”, in other words, the starting point for your journey into the depths of cloud security. It covers AWS, Azure, GCP, and touches on other cloud service providers, as well. Over 6 days, you will experience 36 hours of lecture and hands-on labs that is current, relevant, and necessary to understand and support your organization’s cloud security posture. Review this entire cloud security course syllabus at sans.org/cyber-security-courses/cloud-security-essentials/

About This Cloud Security Certification | GCLD

The GCLD cloud security certification validates a practitioner's ability to implement preventive, detective, and reactionary techniques to defend valuable cloud-based workloads. The exam covers:

  • Evaluation of cloud service provider similarities, differences, challenges, and opportunities
  • Planning, deploying, hardening, and securing single and multi-cloud environments
  • Basic cloud resource auditing, security assessment, and incident response

To learn more about the GIAC GCLD Cloud Security Certification, please visit giac.org/certifications/cloud-security-essentials-gcld/

Meet the expert

Ryan Nicholson
Ryan Nicholson

Ryan Nicholson

Senior Instructor

Ryan’s extensive experience, including roles as a cybersecurity engineer for major Department of Defense cloud projects and as a lead auditor, underscores his dedication to enhancing the security posture of critical systems.

Read more about Ryan Nicholson
Major Updates to SANS #1 Cloud Security Training Course SEC488: Cloud Security Essentials