SANS SEC488 - Cloud Security / GIAC Certification GCLD

I am ecstatic to write that I have passed my first GIAC certification, GIAC Cloud Security Essentials (GCLD). The SANS Institute is known for its training and great courses across various areas, but at a heavy price. A SANS course costs around $8000, with an additional $949 for the GIAC certification. The customers for these courses are mainly organizations who can afford to send people. Individuals can pay for it out of pocket, but the price tag is high. It certainly is for me!

How was I able to take a SANS course?

I was privileged to take the exam and the SANS course SEC488: Cloud Security Essentials. I applied to the SANS Cloud Diversity Academy and was accepted! The process for the academy consisted of an assessment, an application, and a recommendation letter.

The assessment was the first part of the process, where the questions focused on cloud and security. I had an advantage in the cloud area since I interned at AWS and held AWS certifications. The only security knowledge I possessed was from the CompTIA Security+; it helped a bit but was not enough. I could have done better on the security questions, but I managed to do well on the assessment overall. I moved to the application, where I had to fill out a questionnaire and have someone provide a recommendation letter and a video explaining why I wanted to be in the program. Two weeks later, I received an email that I was accepted! A huge thank you to Google for sponsoring the cloud program!

Check out similar academies

To fill the cybersecurity shortage, SANS provides Cyber Academies like this one.

Work-study program

Another way to attend SANS training is through the work study program. You can get a discount on the training through the program. As mentioned, the price is around $8,000, but through the work-study program, it comes down to $2,500.

The learning

I embarked on this cloud security path in May when the cloud academy started, and it has been quite the journey. The course covers cloud security across AWS, Azure, and GCP. Topics covered are data protection, automation, and configuration management, to name a few. The entire syllabus for SEC488 is here.

I enjoyed the course and learned so much. The hands-on labs have real-world practicality. The labs also cover implementing best practices, configuration, cloud-native tools, and third-party tools. My favorite exercises were the multi-cloud environments with multi-cloud penetration testing and forensics.

An area that I found tough was Identity Access and management (IAM) for the cloud providers. Each cloud provider varies when it comes to implementing and configuring IAM. IAM is challenging as it is, but learning three implementations can be a lot. Giving access to users, applications, and systems is very complex. Too many permissions can lead to information disclosure, and too few permissions restrict and break environments.

Exam

The GCLD is a proctored 2-hour and 75-question exam. It is an open-book exam so you can use your coursebooks during the exam. We are not going to remember, and referencing the books is helpful. We will be looking stuff up for work to get the job done. Referencing the books can be time-consuming since the course had 5 books! A recommended practice is to index your books. I used this video from The Cyber Mentor: How to Pass Any SANS/GIAC Certification on Your First Try.

Next steps

I am grateful to be a part of the Cloud Diversity Academy. The course has helped me fill in my security and cloud security knowledge gaps. I will continue to build off of this and learn more about security. I enjoy this field as there is always something to learn. After finishing SANS SEC488, I will take SANS SEC510 - Public Cloud Security: AWS, Azure, and GCP as part of the academy. Here is the syllabus for SEC510. I am eager to continue my cloud security journey.