Undergraduate Cyber Security Certificate Program

Undergraduate Cyber Security Certificate Program

Undergraduate Certificate
in Applied Cybersecurity (ACS)

Prepare to launch a cybersecurity career.

Gain the knowledge, tools, and techniques you need to launch a cyber security career — in an undergraduate certificate program designed and taught by some of the industry's top experts. You'll investigate issues that affect complex and interconnected IT systems, learn to combat common threats to valuable data, and emerge with hands-on skills employers are seeking. Cybersecurity is all we teach — and nobody does it better.

A 100% online option is available.

Applications are accepted monthly. Learn more.

Join Us for a Free Online Info Session
Thursday, October 7, 6:00 pm (ET)
Register here.

Numbers at a Glance


93% of job seekers who completed this curriculum gained employment in cybersecurity within six months of graduation.


The average starting salary of students who complete this curriculum is $91K.


More than 500,000 job openings in cybersecurity are unfilled. (Source: cyberseek.org)


56% of job seekers found employment in cybersecurity before completing their undergraduate program at SANS.edu.


As you complete the program, you'll earn 4 industry-recognized GIAC certifications that validate hands-on skills employers are seeking.


Every member of the SANS.edu faculty is a highly skilled professional currently working in cybersecurity.

Curriculum | 12 credits

Click on each course title for a full description.

Core Courses | 9 credits
ACS 3275 Security Foundations   |   SEC 275, GFACT

Content: SANS SEC 275 Foundations
Assessment: GIAC GFACT Exam
3 Credit Hours

ACS 3275 Security Foundations is the best course available to learn core knowledge and develop practical skills in computers, technology, and security foundations that are needed to kickstart a career in cybersecurity. The course features a comprehensive variety of innovative, hands-on labs, and practical exercises that go far beyond what is offered in any other foundational course in cybersecurity. These labs are developed by leading subject-matter experts, drawing on the latest technology, techniques, and concepts in cybersecurity.

The course provides a level of sufficient theoretical understanding and applied practical skills that will enable you to speak the same language as industry professionals. You’ll develop fundamental skills and knowledge in key IT subject areas such as:

  • Computer Components & Concepts
  • Operating Systems, Containers, & Virtualization
  • Linux
  • Networking Fundamentals
  • The Web: Search Engine & Servers
  • Practical Programming – Python and C
  • Windows Foundations
  • Advanced Computer Hardware (e.g., CPU & Memory)
  • Encryption
  • Introduction to Basic Security Concepts
  • Introduction to Forensics
  • Introduction to Reconnaissance, Exploitation, and Privilege Escalation
  • Introduction to Network & Computer Infiltration (e.g., Lateral Movement)
ACS 3401 Security Essentials   |   SEC 401, GSEC

Content: SANS SEC 401 Security Essentials: Network, Endpoint, and Cloud
Assessment: GIAC GSEC Exam
3 Credit Hours

ACS 3401 is a technically-oriented survey course in which you'll learn the most effective steps to prevent cyber attacks and detect adversaries. In classes and hands-on labs, you'll learn to develop effective security metrics that provide a focused playbook that IT can implement, auditors can validate, and executives can understand. You'll explore methods to analyze and assess the risk to your environment in order to drive the creation of a security roadmap that focuses on the right areas of security. And you'll learn practical tips and tricks to focus in on high-priority security problems and on the actions required to protect and secure an organization's critical information assets and business systems.

ACS 3504 Security Incident Handling & Hacker Exploits   |   SEC 504, GCIH

Content: SANS SEC 504 Hacker Techniques, Exploits & Incident Handling
Assessment: GIAC GCIH Exam
3 Credit Hours

By adopting the viewpoint of a hacker, ACS 3504 provides an in-depth investigation of the critical activity of incident handling. You'll be taught how to manage intrusions by first looking at the techniques used by attackers to exploit a system. You'll learn responses to those techniques, which can be adopted within the framework of the incident handling process to handle attacks in an organized way. The faculty instruction, lab exercises, and exam are coordinated to develop and test your ability to use the core capabilities required for incident handling.

Elective Courses | 3 credits (choose one)
ACS 4410 Security Essentials for Industrial Control Systems   |   ICS 410, GICSP

Content: ICS 410 ICS/SCADA Security Essentials
Assessment: GIAC GICSP Exam
3 Credit Hours

ACS 4410 is an introductory study of how information technologies and operational technologies have converged in the systems and networks used in industrial processes. This convergence has led to a greater need than ever for a common understanding between the various groups who support or rely on these systems. In this course, students from different professional backgrounds develop and reinforce a common language and understanding of Industrial Control System (ICS) cybersecurity as well as the important considerations that come with cyber-to-physical operations within these environments. In classes and hands-on labs, you will gain a foundational set of standardized skills and knowledge needed by industrial cybersecurity professionals across a wide range of industry sectors and applications.

ACS 4450 Blue Team Fundamentals: Security Operations and Analysis   |   SEC 450, GSOC

Content: SEC 450 Blue Team Fundamentals: Security Operations and Analysis
Assessment: GIAC GSOC Exam
3 Credit Hours

ACS 4450 provides students with technical knowledge and key concepts essential for security operation center (SOC) analysts and new cyber defense team members. By providing a detailed explanation of the mission and mindset of a modern cyber defense operation, this course will jumpstart and empower those on their way to becoming the next generation of blue team members.

ACS 4488 Cloud Security Essentials    |   SEC 488, GCLD

Content: SEC 488 Cloud Security Essentials
Assessment: GIAC GCLD Exam
3 Credit Hours

ACS 4488 covers Amazon Web Services, Azure, Google Cloud, and other cloud service providers (CSPs). Like foreign languages, cloud environments have similarities and differences, and this course will introduce you to the language of cloud security. Upon completion of this course, you will be able to advise and speak about a wide range of cybersecurity topics and successfully navigate the challenges and opportunities presented by cloud service providers.

ACS 4501 Advanced Security Essentials   |   SEC 501, GCED

Content: SEC 501 Advanced Security Essentials - Enterprise Defender
Assessment: GIAC GCED Exam
3 Credit Hours

ACS 4501 reinforces the theme that prevention is ideal, but detection is a must. You will learn how to ensure that the organizations you work for constantly improve their security posture to prevent as many attacks as possible. A key focus is on data protection, securing critical information whether it resides on a server, in robust network architectures, or on a portable device.

Despite an organization's best effort at preventing attacks and protecting its critical data, some attacks will still be successful. Therefore, you will also learn how to detect attacks in a timely fashion through an in-depth understanding of the traffic that flows on networks, scanning for indications of an attack. The course also includes instruction on performing penetration testing, vulnerability analysis, and forensics.

ACS 4503 Intrusion Detection In-Depth   |   SEC 503, GCIA

Content: SEC503: Intrusion Detection In-Depth
Assessment: GIAC GCIA Exam
3 Credit Hours

ACS 4503 delivers the technical knowledge, insight, and hands-on training you need to defend your network with confidence. You will learn about the underlying theory of TCP/IP and the most used application protocols, such as DNS and HTTP, so that you can intelligently examine network traffic for signs of an intrusion. You will get plenty of practice learning to master different open source tools like tcpdump, Wireshark, Snort, Bro, tshark, and SiLK. Daily hands-on exercises suitable for all experience levels reinforce the course book material so that you can put your knowledge into action.

ACS 4508 Advanced Digital Forensics & Incident Response   |   FOR 508, GCFA

Content: FOR 508 Advanced Digital Forensics, Incident Response, and Threat Hunting
Assessment: GIAC GCFA Exam
3 Credit Hours

ACS 4508 teaches the skills needed by forensic analysts and incident responders to identify and counter a wide range of threats within an organization's networks, including economic espionage, hacktivism, and financial crime syndicates. The course shows you how to work as a digital forensic analyst and incident response team member to identify, contain, and remediate sophisticated threats, including nation-state sponsored Advanced Persistent Threats and financial crime syndicates. In a hands-on lab, you'll work on a project based on a real-world targeted attack on an enterprise network in order to learn how to identify what data might be stolen and by whom, how to contain a threat, and how to manage and counter an attack.

ACS 4510 Public Cloud Security: AWS, Azure, and GCP   |   SEC 510, GPCS

Content: SEC 510 Public Cloud Security: AWS, Azure, and GCP
Assessment: GIAC GPCS Exam
3 Credit Hours

This course provides cloud security practitioners, analysts, and researchers with an in-depth understanding of the inner workings of the most popular public cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). Students will learn industry-renowned standards and methodologies, such as the MITRE ATT&CK Cloud Matrix and CIS Cloud Benchmarks, then apply that knowledge in hands-on exercises to assess a modern web application that leverages the cloud native offerings of each provider. Through this process students will learn the philosophies that undergird each provider and how these have influenced their services.

ACS 4542 Web App Penetration Testing & Ethical Hacking   |   SEC 542, GWAPT

Content: SEC 542 Web App Penetration Testing and Ethical Hacking
Assessment: GIAC GWAPT Exam
3 Credit Hours

ACS 4542 is a highly technical information security course in offensive strategies where you'll learn the art of exploiting Web applications so you can find flaws in enterprise Web apps before they are otherwise discovered and exploited. Through detailed, hands-on exercises you'll learn the four-step process for Web application penetration testing. You will inject the programming language SQL into back-end databases, learning how attackers steal sensitive data. You will then use cross-site scripting attacks to dominate a target infrastructure in a unique hands-on laboratory environment. Finally, you'll learn in-depth about various other Web app vulnerabilities and explore tried-and-true techniques for finding them using a structured testing regimen.

ACS 4560 Network Penetration Testing & Ethical Hacking | SEC 560, GPEN

Content: SEC560: Network Penetration Testing and Ethical Hacking
Assessment: GIAC GPEN Exam
3 Credit Hours

Every organization needs skilled information security personnel who can probe for vulnerabilities that attackers might exploit in networks, web-based applications, and computer systems, and mitigate them. ACS 4560 is specially designed to get you ready for that role. The course starts with proper planning, scoping and recon, then dives deep into scanning, target exploitation, password attacks, and web app manipulation, with over 30 detailed hands-on labs. After building your skills, you'll conduct an end-to-end pen test, applying knowledge, tools, and principles from throughout the course as you discover and exploit vulnerabilities in a realistic sample target organization.

New to the field? No problem.

This undergraduate cybersecurity certificate program is designed for people who want to join the cyber workforce — whether you're about to finish your associate degree, you're in a 4-year college program or a theory-based master's degree program, or you're a mid-career professional who wants to transition into cybersecurity.

You don't need prior cybersecurity experience, but you must have completed at least two years of college.

  • "I was having a hard time getting a job in information security due to my lack of hands-on experience. SANS gave me extraordinary training and the opportunity to rise to the top of the resume pile."

    AJ Langlois
    Cyber Analyst II, BB&T

  • "The instructors, materials and labs all worked together to provide a comprehensive study of where cyber technology is today. The GIAC certifications I earned allowed me to reenter the workforce in stride."

    A. Riley
    Technical Support Engineer, Threat Quotient

  • "If you're new to cyber security and looking for a way to break into the field, I highly recommend the SANS Technology Institute's undergraduate certificate program. You'll learn all the fundamentals and get hands-on experience that is so important when it's time to look for a job."

    Yukyung Jung
    Cloud System Engineering Consultant, EPAM Systems, Inc

  • "I've been crazy impressed with the SANS.edu career services folks. After I reworked my resume per their recommendations, I got a hit from a recruiter for a job I hadn't even applied for."

    Preston Fitzgerald

Customize Your Program

CalendarStart when you want to.
We accept applications monthly, so you can start on the schedule that works for you. Learn more.

ClockComplete the certificate at your pace.
Earn your undergraduate cybersecurity certificate in 18 to 24 months while working full-time or pursuing a degree. Or choose an accelerated option to finish in less than a year.

LaptopStudy online or in person.
Take courses that are entirely online or that start with weeklong in-person events held around the country. Or do a mix of both. Learn about our high-quality course delivery options.

Plan Your Course of Study

As a student at one of the top cybersecurity schools, you'll work closely with a student advisor who will help you plan your course of study each step of the way.

Download the Course Catalog for more information including:

  • Academic calendar
  • Tuition and fees
  • Live event schedule
  • Costs associated with attending live events
  • Graduation requirements
Loveona Jones

Success Stories

Loveona Jones completed the SANS.edu Undergraduate Certificate in Applied Cybersecurity during her senior year at a different college.

Learn how this Cyber FastTrack scholarship winner got her start in cybersecurity and won prestigious internships with the U.S. Department of State and a Fortune 500 company.

Read Loveona's story and other SANS.edu profiles here.

Get Expert Support for Your Career

The SANS.edu Career Center offers professional advice and resources to help you each step of the way – whether you are planning to enter the cybersecurity field for the first time, looking to advance your current career, or just want to tune up your professional readiness.

  • Choose Your Path: While you’re enrolled in your second course, ACS 3401, we'll share resources about various career paths within the cybersecurity field, as well as recommendations for building your technical experience and soft skills.
  • Build Your Brand: Once in ACS 3504, we’ll help you develop your personal brand and market awareness with support for writing an effective cybersecurity resume, developing your LinkedIn presence, making the most of job boards, and more.
  • Launch Your Career: As you wrap up your program with your elective course, you'll be able to utilize all of these resources, plus specific information to prepare for and ace job interviews, navigate the hiring process, and transition to a new role.

While we recommend this timeline and progression to successfully prepare for your career, you may access all of these resources as needed. Cybersecurity is the only focus of our Career Center and we draw on SANS’s unmatched professional expertise and vast industry network to connect you to opportunities in the field.

Job Titles Earned

  • SOC Analyst
  • Information Security Analyst
  • Security Consultant
  • Penetration Tester
  • Incident Handler
  • Intrusion Analyst
  • InfoSec Specialist
  • Forensics Examiner
  • Incident Response Team
  • Cyber Threat Intel Associate
  • Security Engineer
  • Cyber Software Engineer
  • Detection & Response Analyst
  • Cyber Risk Consultant
  • Cybersecurity Specialist
  • Security Administrator
  • Vulnerability Management Engineer

Funding Option for High-Potential Students
with Financial Need

The SANS Technology Institute's income share agreement (ISA) was designed to make our undergraduate programs more accessible to U.S. applicants with financial need who demonstrate high potential to succeed.

How It Works

  • If you are offered and accept one of our ISA programs, most or all of your tuition payments will be deferred until after you've completed your program and are employed.
  • Once you land a job and are earning at least $40,000 annually, you'll start making monthly payments of 8% of your income.
  • You will never pay more than the payment cap and if you don't earn the monthly equivalent of at least $40,000 annually, your ISA will be forgiven after 4 years, even if you paid nothing at all.
  • For any month you're not earning income, your ISA payments are deferred. There's no interest.

Interested in Being Considered for the ISA?

  1. Schedule a call with an admissions specialist to discuss this option further.
  2. Apply to the undergraduate program that interests you to be considered for the ISA.

Learn more about the SANS.edu ISA.

Partnership with the University of South Carolina Aiken

The SANS Technology Institute (SANS.edu) is proud to partner with the University of South Carolina Aiken and to welcome selected UofSC Aiken students into our undergraduate certificate program in Applied Cybersecurity.

Through this partnership, students in UofSC Aiken's Bachelor of Science program in Applied Computer Science - Cybersecurity have the option of completing the 12-credit Undergraduate Certificate in Applied Cybersecurity at SANS.edu as part of the UofSC Aiken cybersecurity degree program. Learn more.

How Do You Find the Best Cybersecurity Certificate for You?

The right cybersecurity certificate will prove to employers you have the qualifications and skillset they need right now. You’ll want a curriculum that develops both fundamental technical knowledge and foundational hands-on skills in areas such as incident response, Linux security, Python, encryption, cryptography, cloud security, Windows, firewalls, UNIX, SQL injection, PowerShell, and hacker tools (Nmap, Nessus, Metasploit, and Netcat).

Look for these qualities in a cybersecurity certificate program:

  • Regularly updated curriculum that keeps up with rapid changes in the field
  • Faculty of industry experts with current real-world experience
  • Online study options that fit into your work, school, and personal life
  • Industry-recognized certifications, such as GIAC certifications, earned as you complete the program
  • Assistance from a student advisor from start to finish
  • Accreditation to ensure standard of quality
  • Access to a strong alumni network and career services

The SANS Technology Institute Advantage

Online or In-Person

  • Complete your undergraduate cybersecurity certificate entirely online or take courses that start with weeklong in-person events held across the country and around the world. Learn more about our course delivery options.

Rapid Career Preparation

  • Gain fundamental technical knowledge and skills that serve as the baseline for all professionals in cyber security.

Proof of Job Readiness

Specific Skill Building

  • Choose an elective to begin developing a specialized skillset in topics ranging from incident response and penetration testing to industrial control systems and cyber defense operations.

Pathway to a Master's Degree

  • 75% of the credits earned in the undergraduate cybersecurity certificate program may be applied directly toward the master's degree program if you hold a bachelor's degree and are admitted to the master's program.


We're happy to help.
Email info@sans.edu or call (301) 241-7665.

About the SANS Technology Institute

Founded in 2005, the SANS Technology Institute (SANS.edu) is the independent, regionally-accredited, VA-approved subsidiary of SANS, the world's largest and most trusted provider of cybersecurity training, certification, and research. Offering graduate and undergraduate programs at the cutting edge of cybersecurity, SANS.edu is strengthening the cyber workforce through a career-focused curriculum built on proven SANS courses and industry-recognized GIAC certifications.

The SANS Technology Institute is accredited by The Middle States Commission on Higher Education (3624 Market Street, Philadelphia, PA 19104 - 267.284.5000), an institutional accrediting agency recognized by the U.S. Secretary of Education and the Council for Higher Education Accreditation.