With more and more companies moving their applications and infrastructure to the cloud, the potential attack surface has expanded dramatically. Attackers know they have a window of opportunity and have become savvier at carrying out advanced cloud and container attacks. Within seconds of entering your cloud environment, they can begin conducting cryptomining, supply chain attacks, and other forms of advanced attacks. Without the ability to det...

Incident response is an important component to any information security program. When defense controls fail, incident responders are responsible for containing and remediating attacks against your organization. Given the importance of the role of incident response in an organization, it is important to understand the challenges these teams face and support them in their efforts. The focus of the event is to illustrate the challenges incident r...

The ICS/OT community has long suffered from a lack of insight into cyber threats, vulnerabilities, and incident response observations. The annual Dragos ICS/OT Cybersecurity Year in Review provides a comprehensive look at the events that shaped the ICS/OT community and the current threat landscape. It also reports on how the community is performing, and surfaces areas of improvement needed to provide safe and reliable operations. Join Dragos C...

Lateral movement allows attackers to damage and steal information from an entire network once they gain access to one (usually the most vulnerable) entry point. Microsegmentation solves this problem by dividing a network into very small regions called microsegments, usually up to a segment per machine. However, if implemented incorrectly, it can be time-consuming, expensive, difficult to manage, and ineffective. Join Nicholas DiCola, VP of Cus...

Have you heard that SANS has a new Advanced Python Automation class? Are you interested in trying out some of the content? Join us for this workshop where Senior SANS Instructor and course author Mark Baggett will deliver the first hour and a half of content. But wait, isn't the first hour and a half always introductions and no real hands on material? Maybe in other classes but not in this one. Come check it out! Prerequisites: This course is...

The Domain Name System (DNS) is essentially the central nervous system of the internet—everyone needs it to work because without DNS services, digital business would come to a halt. Cybercriminals know this, too, and use DNS services to launch their attacks while they simultaneously attack the DNS services of their targets. Therefore, it’s not only important to protect your organization’s DNS service, but also to use the data...

Let’s face it – analysts have far too much data these days. We know how complex the modern enterprise is getting with today’s organizations needing to scale hybrid environments across the globe with a complex remote workforce. Security analysts are charged with protecting these complex environments. However, each new element brings even more data to the security team. In this SANS webcast, we examine MixMode, a platform desig...

Securing a cloud environment can be challenging and time consuming, especially if you don’t know where to start. This Workshop will scrutinize a common cloud service: Virtual Machines and focus on the secure implementation of that service. We’ll discuss Operating Systems (and why it matters from a cloud perspective), as well as security groups, remote access, system, and network hardening as well as how mature organizations handle...

Public cloud is here, and for many organizations in a considerable way. Migration strategies vary between early adopters, nice to haves and forced-upon, due to physical and budgetary constraints. Unless you happen to be in the enviable position where your business is brand new, you have a great security architect and enough capital to implement secure cloud deployments from the get-go, you are in the same boat as many organizations: cloud adop...

An organized, full-coverage risk register can maximize your cybersecurity resources while improving organizational security. Without including third-party risks, however, even the best risk register can fail to stop security incidents. Your risk framework needs to map to internal and external gaps to identify weaknesses and ensure complete coverage. In this webinar, you will learn how to: Create a strong foundation for your cyber and third-par...