Times are changing as we continue to innovate. We have moved from monolithic applications to microservices, APIs, serverless functions, and cloud services that are continuously changing and thus making them harder to secure.Traditional security solutions of the past have failed us and will not work with the latest technologies. During this solutions track, we will learn and focus on how to protect the next generation of applications. Presentat...

Year after year successful phishing attacks on end users and system administrators are found to be the factor that enables over 80% damaging security incidents. This points out the need for two key security initiatives: replacing reusable passwords with multifactor authentication and making users less likely to fall for fraudulent messages. During this SANS What Works webcast,SANS Director of Emerging Security Trends John Pescatore interviews...

Security practitioners love to hear about cool new technologies, best practices, and things that work. But we often learn much more from failure than from success. With that in mind, this talk will cover my ten favorite “learning moments” from over 21 years of defending enterprise networks. I’ll cover epic fails in my time as a SOC analyst defending Pentagon networks, a project manager building 24/7 operations at the White Ho...

Cloud changes everything, including how we do threat detection and incident response in the SOC. As we continue to transform our attack surfaces – with expanding cloud environments, multi-cloud, public and private cloud, and the proliferation of SaaS -- how do we make sure our security strategies are keeping pace? In this thought-provoking webinar with Anton Chuvakin, sponsored by CardinalOps, we’ll examine critical questions such...

It's easy to feel overwhelmed as part of a security team. Every day, analysts have to stare down the perils hidden at the center of the SOC ' too much noise, too much manual remediation and too many missed threats. It's time to integrate automation and machine learning into every step of your security voyage. Join us for a live, thrill-packed, Journey to the Modern SOC and learn how to: Stop wasting effort on small tasks a smart security platf...

In 2021 I did a SANS Tech Tuesday Workshop on Cloud Attacks and Incident Response. In the past year, we've seen attacks against the cloud grow at an alarming rate, notably against Software as a Service (SaaS) platforms and hybrid application-to-cloud privilege escalation attacks. It's hard to stay current and to keep up with attack trends. In this SANS Workshop, I want to help get you up to speed on attacks against cloud applications including...

Save your SOC team hundreds of hours on daily tasks. What does an ideal day in the SOC look like? It certainly wouldn’t include what you’re facing now with an endless stream of alerts, user requests and ad hoc fire drills. But you’re not alone. According to USNews, security analyst jobs rank in the top 25 most stressful jobs. It’s time to step back from the daily fray to focus on critical threat hunting and proactive pl...

Connect with the crew behind the annual SANS Holiday Hack Challenge for this special webcast to wrap up another year and name the big winners. Plus, get a sneak peek and a few tips for next year’s challenge, already well under development. Chief creator Ed Skoudis will be joined by members of his team to offer an exclusive behind-the-scenes look at the 2022 event, share how the various challenges came together, cover how players performe...

Protecting your executives takes more than a firewall. These targeted cyberattacks are on the rise with 75% of execs experiencing credential exposure, 60% have PII for sale on underground marketplaces and an astonishing 300% increase of executive impersonations between 2020 and 2021. (Reported by ZeroFox Intelligence) Even with the pool of security professionals shrinking, security budgets reaching a plateau, and physical and digital security...

Metadata is a vital part of digital forensics work but is often glanced over for OSINT. In this workshop, we'll discuss why metadata is far more useful than most analysts give it credit for. We'll cover why many people miss metadata and how it could potentially reveal hidden information. We'll even set up some hands-on exercises so you can practice your skills. Prerequisites: None Prior to the workshop: Please install ExifTool before the works...