Having access to the right information at the right time can be critical – but constant turnover in government agencies makes it difficult for agencies to safeguard and share critical organizational knowledge. When a person leaves, they might take a wealth of information, experience, and relationships with them. A knowledge management system is one of the best ways to ensure that when team members leave, their invaluable institutional kn...

Our applications and APIs are the gateways to our most sensitive and valuable data. As such, application and API security has become more and more essential to protecting our organizations. On this webcast, SANS certified instructor David Hazar will review the results of our 2024 AppSec/DevSecOps survey, and provide insight into: The best way to provide API security Investment trends in automated testing technologies Which tests are more impor...

In the past year, cyber threats are once again top of mind for organizations of all types. The global geopolitical situation continues to become more unstable, leading to increased conflicts and hybrid threats. As a result, cyber threat intelligence (CTI) professionals face significant challenges in managing the evolving threat landscape and providing actionable intelligence to their stakeholders. On this webcast, SANS Certified Instructor Reb...

This webinar will discuss the many pain points that CTI teams deal with today and how ServiceNow tackled those problems. Traditional approaches often fall short, necessitating robust threat intelligence solutions. We invite you to explore how to enable organizations to workflow the response and remediation of cyber threats through the seamless integration of diverse intelligence sources that provide actionable insights.

In recent years, the cyber threat landscape has evolved significantly, blurring the lines between tactics, techniques, and procedures (TTPs) used by cybercrime and nation-state-sponsored attacks. On this webcast, SANS certified instructors Mat Fuchs and Josh Lemon will explore results of our 2024 Threat Hunting Survey, and reveal how organizations are changing their proactive hunting activities and their use of hunting for unusual patterns, be...

The gap is widening. Your Third-Party Risk Management (TPRM) challenges aren't getting any easier—onboarding still takes too long; you have a backlog of assessment work; and you're not covering as much of your vendor portfolio as you know you should. There are more vendors every day and there is more work to do, yet your TPRM resources have stayed relatively flat. It's impossible to keep up. It doesn't have to be that way. Forward-thinki...

In the final part of the Cloud Security Flight Simulator series, join SEC540 lead author and instructor Eric Johnson to learn how to enable workload identity for AWS Elastic Kubernetes Service (EKS) and Azure Kubernetes Service (AKS). Rather than issuing long-lived credentials to individual pods or inheriting excessive permissions from the node, Kubernetes service accounts can use an internal OpenID Connect (OIDC) provider to obtain a signed i...

This is a 2 hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments. The overall proce...

Part 3: Continuing the Cloud Security Flight Simulator series, join SEC540 Cloud Security & DevSecOps Automation instructor Jon Zeolla for a webcast on software supply chain security. In a recent Sonatype State of the Supply Chain report, a 750% year-over-year increase in supply chain attacks was observed. In response to the increase in supply chain attacks, an Executive Order led to the development of supply chain security guidance includ...

A 90-minute, interactive, gamified leadership exercise Enhance your proficiency in operational cybersecurity decision-making through immersive team-based simulations with Cyber42. Practice agile decision-making and information synthesis, key skills required for success in leadership roles. Engage in thought-provoking discussions and gain practical insights to improve your cybersecurity competencies. As cyber-attacks become more common and more...