Today, most security professionals are actively architecting and implementing cloud security controls across SaaS, PaaS, and IaaS environments. We’ve learned that what once worked on-premises may not work quite the same in the cloud, and a wide range of new and innovative security platforms and services have emerged and evolved in recent years to address critical cloud security use cases and categories, including: Cloud security monitori...

Is it really over when you are hacked? Or is it only over when our adversary has secured their impact and actions on objective? Perimeters are bound to be broken, but our game-over" scenarios should still be defended. We need to not only protect our inside, but carefully define what exactly are we defending? What has the highest impact on our organization, and from there on carefully architect our defenses to ensure we can always survive, even...

The idea of DevOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year. If we think of what we had to work with in 2009, we now know in hindsight that we have better options, solutions, software, and patterns. We have an iPhone 15; we no longer have BlackBerry OS or Nokia. Windows 8.1? I hope not. Here are a fe...

In its fifth year, SANS Cyber Solutions Fest aims to brings together an ensemble of security professionals, solution providers, gurus and experts ready to share knowledge about the latest developments and innovative technologies in the cybersecurity industry. Join the attack surface & vulnerability management track to hear from chairperson Matt Bromiley and a host of leading cyber security experts as they walk through specific use cases an...

In the field of cybersecurity, we are failing to acknowledge that we have a big problem. Our job titles and job descriptions have the word security in it even though security isn’t our job. I have never met a security professional who claims that their organization will never be breached. Yet, we call ourselves security? When a breach does occur, it reflects poorly on us. Did it mean we did our jobs poorly that day? Let’s have the...

Are you struggling to get both your leadership and workforce to buy into cybersecurity? Do you feel overwhelmed and need to scale the impact of your security team? Learn how to engage and transform your organization into the biggest believers and supporters of cybersecurity by institutionalizing a strong security culture. What is a strong security culture and how it helps you Indicators of a strong security culture Top three drivers of a stron...

In the past year, cyber threats are once again top of mind for organizations of all types. The global geopolitical situation continues to become more unstable, leading to increased conflicts and hybrid threats. As a result, cyber threat intelligence (CTI) professionals face significant challenges in managing the evolving threat landscape and providing actionable intelligence to their stakeholders. On this webcast, SANS Certified Instructor Reb...

As cloud security controls mature, it’s common to find that a wide variety of security controls and configuration capabilities are melding into a single platform or service fabric, in addition to the cloud provider infrastructure. Ranging from CNAPP to CSPM to CWPP and beyond, controls that cover the pipeline, workload security, cloud environment configuration, IaC templates, and runtime (and much more) are starting to evolve into a much...

Adversaries targeting critical infrastructure systems (power grids, water management systems, heavy manufacturing, oil and gas refineries and pipelines, etc.) have demonstrated detail technical knowledge of control system components, industrial protocols, and engineering operations. These skilled and brazen adversaries continue to launch a combination or Ransomware and targeted ICS tailored attacks against the safety and reliability of critica...

Automation plays a vital role in improving capacity, efficiency, and performance in the SOC. Security teams spend far too much time “in the weeds,” unable to focus on solving the problems that matter. Security orchestration, automation, and response (SOAR) tools have the potential to streamline analysis, reduce response times, and improve quality. However, SOC teams often struggle to realize the full potential of this kind of autom...