As cloud security controls mature, it’s common to find that a wide variety of security controls and configuration capabilities are melding into a single platform or service fabric, in addition to the cloud provider infrastructure. Ranging from CNAPP to CSPM to CWPP and beyond, controls that cover the pipeline, workload security, cloud environment configuration, IaC templates, and runtime (and much more) are starting to evolve into a much...

Adversaries targeting critical infrastructure systems (power grids, water management systems, heavy manufacturing, oil and gas refineries and pipelines, etc.) have demonstrated detail technical knowledge of control system components, industrial protocols, and engineering operations. These skilled and brazen adversaries continue to launch a combination or Ransomware and targeted ICS tailored attacks against the safety and reliability of critica...

AUSA’s Noon Report webinar series features presentations by senior Army leaders responsible for key programs and initiatives, as well as contemporary military authors who weave together the past, present and future story of the United States Army. Please join us on Tuesday, 25 June, at 12:00 PM EDT, to hear a presentation by HON Rachel Jacobson, Assistant Secretary of the United States Army Installations, Energy and Environment. HON Jaco...

Automation plays a vital role in improving capacity, efficiency, and performance in the SOC. Security teams spend far too much time “in the weeds,” unable to focus on solving the problems that matter. Security orchestration, automation, and response (SOAR) tools have the potential to streamline analysis, reduce response times, and improve quality. However, SOC teams often struggle to realize the full potential of this kind of autom...

Security teams today are dealing with endless lists of security issues, but lacking the necessary tools to effectively detect and mitigate the highest risks in their multi-cloud environment. In this session, we will unveil the latest security posture innovations in Microsoft Defender for Cloud, that empower security teams to identify security vulnerabilities spanning from code to cloud, to effectively prioritize the most business-critical risk...

The modern enterprise, characterized by hybrid and mobile workforces supported by a hybrid cloud IT environment, brings many security challenges to the federal government, its agencies, entities, and sites. They face multi-faceted cybersecurity concerns due to the sensitive nature of their data, the critical infrastructure, and regulatory mandates involved. The distributed nature of operations, with numerous contractors and providers, introduc...

In today's dynamic digital landscape, the need for secure and seamless access to corporate resources from any device, anywhere is paramount. Join SANS Senior Instructor Dave Shackleford and HPE’s Darren Tidwell for an insightful webcast where we dive into the modern threats and security challenges that organizations face, and how innovative solutions like SSE from HPE address these challenges head-on. HPE Aruba Networking SSE securely co...

Every organization professes that risk management is at the heart of its cybersecurity program. Threat modeling is at the heart of this proactive approach: a systematic process that helps organizations identify, understand, and mitigate potential threats. However, with technology's ongoing advancement and the rising complexity of digital systems, constructing exhaustive threat models from the ground up can be daunting. In this presentation, Ja...

As the nature of our technology landscape changes more and more frequently, it’s challenging for many security operations teams to keep pace with the current threat surface we have on the internet, as well as the state of vulnerabilities and risks associated with these assets. Many security teams are performing vulnerability and web application scanning in a relatively ad hoc manner, and don’t truly have a continuous view of what e...

In 2024, the SOC Survey continued to explore the detailed aspects of cybersecurity operations centers. The survey collected information on organizations’ capabilities, and what is outsourced. On this webcast, SANS Senior Instructor Chris Crowley examines survey results to understand how SOCs are architectured, favorite and frustrating technologies, staffing, funding, threat intel, and automation. Register for this webcast now, and you wi...