SANS Cloud Security focuses the deep resources of SANS on the growing threats to The Cloud by providing training, certification, research, and community initiatives to help security professionals build, deploy and manage secure cloud infrastructure, platforms, and applications.

SANS Cloud Security Curriculum provides intensive, immersion training designed to help you and your staff master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your office. The curriculum has been developed through a consensus process involving industry leading engineers, architects, administrators, developers, security managers, and information security professionals, and address public cloud, multicloud, and hybrid-cloud scenarios for the enterprise and developing organizations alike.

Featured Cloud Security Courses & Certifications

New  Foundational

SEC488: Cloud Security Essentials

More businesses than ever are moving sensitive data and shifting mission-critical workloads to the cloud. And not just one cloud service provider (CSP) - research shows that most enterprises have strategically decided to deploy a multi-cloud platform, including Amazon Web Services, Azure, Google Cloud, and others ...

Course Details
New  Core

SEC510: Multicloud Security Assessment & Defense

SEC510: Multicloud Security Assessment and Defense provides cloud security practitioners, analysts, and researchers with an in-depth understanding of the inner workings of the most popular public cloud providers: Amazon Web Services (AWS), Microsoft Azure, and the Google Cloud ...

Course Details

SEC540: Cloud Security and DevOps Automation

SEC540 provides development, operations, and security professionals with a methodology to build and deliver secure infrastructure and software using DevOps and cloud services. Students will explore how DevOps principles, practices, and tools of DevOps can improve the reliability, integrity ...

Certification: GCSA

Course Details
Beta  Core

SEC541: Cloud Security Monitoring and Threat Hunting

SEC541 will take you on a deep dive into Amazon Web Services (AWS) in order to search out and identify threats in your cloud environment. We will look at the most common threat techniques used against AWS environments, what their characteristics are, and how to detect them. Then we'll ...

Course Details

See All Cloud Security Courses & Certifications

Cloud Security Curriculum

The SANS Cloud Security Curriculum is expanding at break neck speed! Reacquaint yourself with all the current and upcoming options.

Sans Cloud Security Curriculum Summary Chart

Job Role Flight Plan

SANS Cloud Security Curriculum has myriad courses that map to various job roles.
Whether you're just starting on your flight into cloud or have been in the clouds for decades, this flight plan will help you find your runway and heading to progress your cloud security career.

Sans Cloud Job Role Progression

You'll learn Cloud Security skills with these experts

The exceptionally qualified people who author and teach SANS courses, and contribute to
the GIAC Certification exams aligned with those courses, are the leaders in the field. Meet some of our instructors here:

Frank Kim

Curriculum Lead, Cloud Security

Frank is the Founder of ThinkSec, a security consulting and CISO advisory firm, as well as a SANS Fellow and lead for both the SANS Management and SANS Cloud Security curricula, overseeing two dozen SANS courses in the two fastest growing curricula. Previously, as CISO at the SANS Institute, Frank led the information risk function for the most trusted source of computer security training and certification in the world. Frank is also the author and instructor of MGT512: Security Leadership Essentials for Managers, MGT514: Security Strategic Planning, Policy, and Leadership, and co-author of SEC540: Cloud Security and DevOps Automation.

Learn Why

Eric Johnson

Senior Instructor

Eric is a Co-founder and Principal Security Engineer at Puma Security and a Senior Instructor with the SANS Institute. His experience includes cloud security assessments, cloud infrastructure automation, static source code analysis, web ...

Brandon Evans

Community Instructor

Brandon is a Senior Application Security Engineer at Asurion, where he provides security services for thousands of his coworkers in product development across several global sites responsible for hundreds of web applications. Brandon is lead author for ...

Ryan Nicholson

Certified Instructor

Ryan's passion for information technology started in 2001 when he found himself constantly trying to make his high school's computers and even calculators do things that they weren't exactly intended to do. They lacked games, so he learned ...

Challenge Coins & Stickers

The ultimate recognition to elite cybersecurity professionals. Hundreds of SANS Institute students have stepped up to the challenge and conquered. They've mastered the concepts and skills, beat out their classmates, and proven their prowess. These are the elite, the recipients of the SANS Challenge Coins, an award given to a select portion of the thousands of students that have taken SANS courses.




SEC545 Sticker

Latest Cloud Security News & Updates


NEW SANS CyberTalent Cloud Security Assessment

An Innovative Approach to Hiring, Developing, and Managing Cybersecurity Talent

  • Measures aptitude and skills of cybersecurity professionals
  • Allows employers to create professional development and retention programs
  • Allows employers to rank the skill sets of candidates to fill open positions

Learn More


NEW Firebase: Google Cloud's Evil Twin

Firebase is the most popular developer tool that security has never heard of. Brandon Evans bring its numerous flaws to light in this brand new whitepaper.

Download Now

More Free Cloud Security Resources

Choose a category to quickly find the content you need.

Connect with SANS Cloud Security and keep informed on the latest resources.

Subscribe to SANS Newsletters

Join the SANS Community to receive the latest curated cyber security news, vulnerabilities and mitigations, training opportunities, and our webcast schedule.