In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework. Throughout this series, Dean will review the most common attacker tactics and techniques used across commonly targeted critical infrastructure sectors. In this final part of the series, Dean will specifically speak to the Water sector. This webcast will dive into Initial Access, Atta...

Industrial control system (ICS) security represents one of the more challenging areas for security professionals. The typical ICS is complex and interconnected. It’s often a legacy system that wasn’t designed with security in mind and, because it’s different from traditional IT assets, it has very different security requirements. And no surprise—such systems are increasingly targeted by sophisticated cyberattackers, inc...

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Security & DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series. In Part 1, join SEC540 lead author and instructor Eric Johnson for a discuss...

Just how effective or mature is your security program? Given the multitude of assessment, rating, and cybersecurity frameworks, it can be challenging to determine security operations readiness and resilience through a single measurement or framework. Is effectiveness based on defending against an attack or the ability to mitigate attacks in the first place? Should compliance drive our security strategy, or should our security strategy enable c...

This talk will give an introduction to ICS/OT followed by an in depth discussion on the changes that are taking place in the industrial world such as digital transformation as a precursor to an in-depth discussion on the threats. The talk will cover new adversary groups targeting industrial networks, the trends to watch, and make recommendations with a walkthrough of the SANS ICS five critical controls. This talk is accessible to everyone of a...

SIEMS are generally complex, slow, expensive, and underperform to expectations. In this webinar, Anomali’s Chief Adoption Officer Ali Haidar will explain the challenges the modern SOC faces and a creative way to immediately correlate threats to your internal environment without compromising speed or cost.Key takeaways: Learn how to search through petabytes of data going back up to 15 years in seconds Learn how to accelerate your analysts...

ChatGPT, GPT-4, Llama 2, Bard, Minerva, Megatron, Claude, Chinchilla... What exactly are these "Large Language Models" that are in the news? What are they really good for? How do they work? What are the risks when we incorporate these into our business process? This 90 minute presentation and tutorial will explain how these models work, what transformers are, how embeddings work, and how to build a question answering AI... the easy way and the...

“IT heroism” can be defined as relying on “individuals taking upon themselves to make up for a systemic problem.” As those who have seen the inside of a SOC can attest, this is not entirely uncommon in many Security Operations Centers! Join Dr. Anton Chuvakin, Security Advisor at Office of the CISO, Google Cloud, and Jay Lillie, VP of Customer Success at CardinalOps, as they explore the concepts of SOC heroics. The prob...

The Office of the DoD Chief Information Officer recently published two critical initiatives: the 2023-2027 DoD Cyber Workforce Strategy and DoD Manual 8140.03. The strategy establishes the direction for unified management of the cyber workforce and outlines a roadmap for its advancement while DoDM 8140 changes the way that we qualify our workforce. Through the DoD 8140 Cyber Workforce Qualification Program, DoD is expanding the qualification p...

This is a 2-hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our AWS environments. The overall process...