CURRICULUM: Cyber Defense

SEC511: Continuous Monitoring and Security Operations™
MAJOR UPDATE

6 Day Program
46 CPEs
21+ Labs

You Will Be Able To
▐ Conduct comprehensive current state assessments to engineer and prioritize modern defenses
▐ Apply threat-informed defense frameworks such as MITRE ATT&CK and zero trust
▐ Perform threat hunting using advanced techniques and tools
▐ Engineer visibility across modern, hybrid, decentralized infrastructure
▐ Navigate the modern domain name system and transport layer security encryption landscape to balance protection, detection, and privacy considerations
▐ Understand the cloud security stack and tools like cloud-native application protection platform, cloud security posture management, cloud infrastructure entitlement management, and cloud workload protection platform for robust cloud protection
▐ Implement application control and EPP for endpoint security
▐ Defend AI/LLM applications and secure the AI/software supply chain

Who Should Attend
▐ Security architects
▐ Senior security engineers
▐ Technical security managers
▐ Security Operations Center analysts, engineers, and managers
▐ Computer network defense analysts
▐ Individuals working to implement continuous diagnostics and mitigation, continuous security monitoring, or network security monitoring

NICE Framework Work Roles
▐ Security Architect (OPM 652)
▐ Cyber Defense Analyst (OPM 511)
▐ Cyber Defense Infrastructure Support Specialist (OPM 521)

Monitor, Detect, Protect: Master Advanced Threat Detection for Cloud, Network, and Endpoints

In today’s rapidly evolving threat landscape, traditional cybersecurity measures are no longer sufficient. This advanced training addresses the challenge by equipping practitioners with cutting-edge skills in cybersecurity engineering and advanced threat detection for cloud, network, and endpoint environments. Featuring 18 hands-on labs, a final capstone project, plus gamified bootcamp challenges, it immerses you in real-world scenarios. Master NDR, EDR, and MITRE ATT&CK to build a robust SOC with threat-informed defenses. Elevate your expertise and stay ahead of adversaries with this comprehensive course.

Business Takeaways
This course will help your organization:
▐ Enable effective cloud, network, and endpoint protection and detection strategies
▐ Design defensible security architecture and operations for modern hybrid enterprises
▐ Materially improve your organization’s security operations capabilities
▐ Identify protection and detection gaps across hybrid infrastructure
▐ Maximize the capabilities of current infrastructure and assets
▐ Make sense of data to enable rapid detection of potential intrusions or unauthorized actions

Syllabus Summary
SECTION 1: Threat Informed Defense Principles
SECTION 2: Cloud, Edge, and Network Visibility and Protection
SECTION 3: NDR and Network Threat Hunting
SECTION 4: User and Endpoint Protection and Detection
SECTION 5: SOC, Automation, Emulation, and GenAI Defense
SECTION 6: NetWars Final Capstone: Design, Detect, Defend

“SEC511’s lab sessions provided critical practical experience that helped solidify the theoretical concepts.”
—Olivia M., BAH

“The comprehensive training in SEC511 has opened up numerous job opportunities for me in the cybersecurity sector.”
—Kevin J.

Eric Conrad, Course Author
Seth Misenar, Course Author

For detailed course description, visit SANS.ORG/SEC511

WAYS TO TAKE SEC511
Live Online
In-Person
OnDemand

DoD 8140*
* sans.org/8140

GMON Continuous Monitoring
giac.org/gmon