Sans Sec 549 2021 ((free)) π―
This philosophy formed the core of the course.
The course highlights the importance of centralizing logs from various sources to detect threats.
If you want, I can:
If you manage or secure cloud environments, these scenarios are your daily reality. In 2021, the cloud landscape was shifting faster than everβmoving from simple Infrastructure-as-a-Service (IaaS) lifting and shifting to true cloud-native architectures involving containers, Kubernetes, and serverless functions.
: Building a scalable identity perimeter by centralizing workforce identity and implementing federation (e.g., from Microsoft Entra ID to AWS/GCP) to prevent identity sprawl. sans sec 549 2021
: Includes aggregating cloud logs from multiple platforms into centralized SIEMs like Microsoft Sentinel for cross-platform threat detection. Key Takeaways for Architects
For example, one lab focused on designing a secure data access architecture for Delos, integrating AWS-hosted applications with Google BigQuery while enforcing strict least-privilege access controls at the table and row level. These hands-on exercises are not about infrastructure-as-code scripting but about making the right that prevent costly anti-patterns. This philosophy formed the core of the course
This day was the heart of the course. The instructors argued: βIf you manage your cloud via a console, you are doing it wrong; if you do it via code, you need to secure that code.β
Instructor Eric Johnson receives high praise from students. Reviews describe him as "clearly experienced in the subject matter with a long history of work in the subject area, with plenty of real-world examples". Another student called him the "best instructor I've ever had, in anything". In 2021, the cloud landscape was shifting faster
: Directly aligns with the GIAC Cloud Security Architecture and Design (GCAD) certification exam. SEC549: Cloud Security Architecture - SANS Institute
However, the for Kubernetes have shifted (e.g., from PodSecurityPolicies to Pod Security Admission), and the threat landscape has grown to include AI-generated code risks. Therefore, consider the 2021 course as a masterclass in fundamentals before moving to the 2024 or 2025 update (now often merged into newer offerings like SEC 540 or SEC 510).
