Professional Documents
Culture Documents
SANS Roadmap
SANS Roadmap
SANS Roadmap
65+
GPEN
SEC542 Web App Penetration Testing and Ethical Hacking | Wireless SEC617 Wireless Penetration Testing and Ethical Hacking | GAWN
Core Techniques Prevent, Defend & Maintain Web Apps
GWAPT
Python Coding SEC573 Automating Information Security with Python | GPYC
Every Security Professional Should Know The professional who can find weakness is often a different breed hands-on
SEC699 Purple Team Tactics - Adversary Emulation for
Security than one focused exclusively on building defenses. A basic tenet of red Adversary Emulation
Breach Prevention & Detection courses
SEC401 Security Essentials Bootcamp Style | GSEC
Essentials team/blue team deployments is that finding vulnerabilities requires
Hacker SEC504 Hacker Tools, Techniques, Exploits, different ways of thinking and different tools. Penetration testing skills
Techniques and Incident Handling | GCIH are essential for defense specialists to improve their defenses. Digital Forensics, Malware Analysis & Threat Intel Specialized Investigative Skills
All professionals entrusted with hands-on cybersecurity work should Essentials
be trained to possess a common set of capabilities enabling them to
secure systems, practice defense in depth, understand how attacks DFIR Essentials FOR308 Digital Forensics Essentials
work, and manage incidents when they occur. To be secure, you should Malware Analysis
set a high bar for the baseline set of skills in your security organization. FOR610 Reverse-Engineering Malware: Malware Analysis
Incident Response & Threat Hunting Host & Network Forensics Malware Analysis
Tools and Techniques | GREM
Every Forensics and IR Professional Should Know
Threat Intelligence
FOR500 Windows Forensic Analysis | GCFE
Endpoint Cyber Threat Intelligence FOR578 Cyber Threat Intelligence | GCTI
FOR508 Advanced Incident Response, Threat Hunting,
Forensics
35+
and Digital Forensics | GCFA Digital Forensics & Media Exploitation
Network FOR572 Advanced Network Forensics: Threat Hunting,
Forensics Analysis, and Incident Response | GNFA Battlefield Forensics To learn more
FOR498 Battlefield Forensics & Data Acquisition | GBFA
& Data Acquisition about additional
Whether you’re seeking to maintain a trail of evidence on host or certifications
Smartphone Analysis FOR585 Smartphone Forensic Analysis In-Depth | GASF SANS courses, go to:
network systems, or hunting for threats using similar techniques, larger
Security Management Managing Technical Security Operations organizations need specialized professionals who can move beyond Memory Forensics FOR526 Advanced Memory Forensics & Threat Detection sans.org/courses
Every Security Manager Should Know first-response incident handling in order to analyze an attack and Mac Forensics FOR518 Mac and iOS Forensic Analysis and Incident Response
Leadership develop an appropriate remediation and recovery plan.
MGT512 Security Leadership Essentials for Managers | GSLC See in-depth course
Essentials
Critical SEC566 Implementing and Auditing the Critical Security Advanced Management Advanced Leadership, Audit & Legal descriptions and the digital
Controls Controls – In-Depth | GCCC Management Skills version of this roadmap at:
sans.org/roadmap
With an increasing number of talented technologists, organizations Planning, Policy, Leadership MGT514 Security Strategic Planning, Policy, and Leadership | GSTRT
require effective leaders to manage their teams and processes. Those Managing Vulnerabilities MGT516 Managing Security Vulnerabilities: Enterprise and Cloud
managers will not necessarily perform hands-on work, but they must
CISSP® MGT525 IT Project Management, Effective Communication, and
know enough about the underlying technologies and frameworks to MGT414 SANS Training Program for CISSP® Certification | GISP Project Management
Training PMP® Exam Prep | GCPM
help set strategy, develop appropriate policies, interact with skilled
Audit & Legal
practitioners, and measure outcomes.
AUD507 Auditing and Monitoring Networks,
Audit & Monitor
Perimeters & Systems | GSNA
Law & Investigations LEG523 Law of Data Security and Investigations | GLEG