Sold by: SANS Institute
Deployed on AWS
Build cloud threat detection capabilities to identify, analyze, and respond to sophisticated attacks in AWS and Azure environments. This course covers cloud-native logging, threat models, intrusion detection, and continuous monitoring across AWS, Azure, and Microsoft 365 to help you maintain a robust security posture.
Overview
Develop elite cloud threat detection capabilities for AWS and Azure environments. SEC541 equips you to identify, detect, and respond to sophisticated attacks targeting cloud infrastructure.
Through real-world scenarios and 22 hands-on labs, you will master cloud-native logging, build effective threat detection systems, and understand the unique aspects of cloud architecture that attackers exploit.
What You Will Learn:
Detection Engineering Fundamentals
- Analyze real-world cloud attacks like Code Spaces and Tesla Kubernetes
- Build detections from threat intelligence
- Implement deception engineering with decoy networks
- Investigate using CloudTrail, CloudWatch, and VPC flow logs
Compute and Application Security
- Monitor virtual machines, containers, and serverless functions
- Detect resource hijacking and ransomware attacks
- Leverage CSPM and CWP services in AWS and Azure
- Investigate attacks against Kubernetes clusters
Security Services and SIEM Integration
- Implement GuardDuty, Microsoft Defender, and Sentinel
- Centralize security data across multi-cloud environments
- Conduct vulnerability analysis and SIEM correlation
- Track attackers across multiple log sources
Microsoft Ecosystem and Automation
- Investigate Exchange and Entra ID attacks
- Master KQL for log analysis
- Build AI tools with Azure AI Foundry for security operations
- Automate incident response and forensic workflows
Culminates in CloudWars Challenge to test detection and response skills. Prepares for GCTD certification. 30 CPEs across 5 days.
Highlights
- Build cloud-native detection systems using CloudTrail, CloudWatch, GuardDuty, Microsoft Sentinel, and KQL for threat hunting across AWS and Azure environments
- 22 hands-on labs including real attack investigations, ransomware detection, Kubernetes security, automated forensics, and the CloudWars Challenge
- Certification: Prepares for GCTD. For cloud security analysts and detection engineers. 30 CPEs across 5 days.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
SEC541 - Single User | Single user license for Cloud - SEC541: Cloud Security Threat Detection | $8,260.00 |
Vendor refund policy
Refund requests must be submitted by the deadline date specific to User's training event. To find the specific deadline date for User's training event, please go to training event link at <www.sans.org > and click on the cancellations link.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation, and with GWLB (starting with R81.20)
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
Advanced threat prevention security for AWS and hybrid cloud environments, with Threat Extraction and Threat Emulation.
**Please note: To ensure optimal operations, Check Point recommends a 4 vCores machine size. This provides balanced efficiency and smooth performance, which most customers find ideal for their needs.
The AI-native CrowdStrike Falcon Platform provides comprehensive protection across all areas of enterprise risk - devices, identities, data, endpoints and cloud. Powered by a single agent, crowdsourced data, expert threat intelligence, and advanced AI, the Falcon Platform simplifies security operations and stops breaches.
Expand your coverage against command and control, web-based, file-based, DNS protocol, and other threats with industries most advanced cloud delivered security services that protect your AWS workloads, VDIs and user traffic with AI/ML-powered VM-Series virtual firewalls from Palo Alto Networks. This listing includes 24x7 Premium Support.
The Netskope security cloud provides unrivaled visibility and real-time data and threat protection when accessing cloud services, websites, and private apps from anywhere, on any device.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.