New SANS Course Provides a Faster Way to Onboard Cyber Defenders

Bethesda, MD, April 29, 2019 – Starting a career in cyber defense can quickly become overwhelming given the seemingly infinite amount of information one is required to learn. SANS Institute, the global leader in cyber security training and certifications, today announced a new course—SEC450 Blue Team Fundamentals: Security Operations and Analysis—that greatly shortens the time required to become a member of the blue team. SEC450 squarely addresses this information overload by focusing on specific central concepts that, when explained systematically, enable aspiring blue team members to step into a security operations center or cyber defense role with confidence.

According to SEC450 course author and dedicated blue-teamer John Hubbard (@SecHubb), “SEC450 addresses a critical industry issue—getting and keeping new defenders. Security operations and cyber defense can become monotonous, leading to high turnover. We preemptively tackle this problem by teaching concepts that keep defenders and their colleagues challenged and happy, with plenty of room for career growth on the blue team.”

A live webcast will be held on May 15th offering a sneak peek of this course. The hour-long event hosted by Hubbard will include a Q&A session. For more information on the webcast, or to register, visit: https://www.sans.org/webcasts/110370

SEC450 Blue Team Fundamentals: Security Operations and Analysis provides a detailed explanation of the mission and mindset of a modern cyber defense operation. In addition to an introduction to all of the tools common to a defender’s work environment, students will learn all the stages of security operations: how data is collected, where it is collected, and how threats are identified within that data.

The class dives deep into tactics for triage and investigation of events that are identified as malicious. Students learn how to avoid common mistakes and perform continual high-quality analysis. They will also learn the inner workings of the most popular protocols and how to identify weaponized files and attacks within the hosts and data on their network. The course employs a practical, hands-on style of instruction that uses a simulated SOC environment with a real, fully integrated toolset that includes Security Information and Event Management (SIEM), an incident tracking and management system, a threat intelligence platform, packet capture, and automation tools.

To learn more about the SEC450 Blue Team Fundamentals: Security Operations and Analysis course, visit:
https://www.sans.org/course/blue-team-fundamentals-security-operations-analysis