As the public embraces technology in their everyday lives, they want great digital experiences with the government, too. Local and state agencies are rapidly modernizing, but the transformation arrives with new opportunities for identity theft and fraud. However, with the right approach, agencies can deliver digital services effectively while mitigating risks. Modern identity technology makes it possible. Join our industry speakers for a webin...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important fro...

There are many business challenges affecting Network Operations and Security teams. CIOs and CISOs alike are finding it more and more difficult to keep up with the sophistication and increasing frequency of modern-day and zero-day threats, while also building a highly collaborative and effective IT team. As businesses today focus more and more on security, there is a need to think outside the box in order to properly mitigate risks and drive n...

This webcast will provide deeper insight into the threats highlighted during the annual SANS keynote panel discussion at the RSA® Conference 2022. The webcast will include insight from SANS instructors Ed Skoudis, Heather Mahalik, Johannes Ullrich, and Katie Nickels on the dangerous new attacks techniques they see emerging. We will also include actionable advice on the critical skills, processes, and controls needed to protect enterprises...

Without a strong security posture, local and state governments are at risk of costly disasters prompted by user errors, natural disasters and malicious attacks. Keeping data safe when the threats are numerous and coming from all directions creates a burden for agencies as they seek out solutions that cover all their bases. As compute environments grow in complexity, it’s critical for agencies to focus on their resilience strategies. The...

Regardless of the industry you work in, all large companies have at least a few network segments that are highly sensitive to network probes and scans. Most of the time these are due to legacy systems, especially when those legacy systems are embedded devices not running Windows or Linux. This keynote session will explore the most common issues that cause legacy systems to crash/hang and provide a range of recommendations to configure your sc...

This session will walk through a demonstration of Pentera: The Automated Security Validation solution. Organizations over the years have been following a defense in depth model to protect their critical assets. While this strategy makes sense; the tools, processes, and procedures surrounding this initiative have grown significantly. How confident can organizations be that each layer and the enormous effort undertaken is working effectively? D...

The “cat-and-mouse” game between Attackers and Defenders is as old as the LoveLetter virus. While script-kiddies have matured to become cybercriminals, hacktivists, and state-sponsored adversaries, sometimes it feels like the Defenders are stuck in 1999. We deploy anti-virus solutions, monitor the perimeter, and wait and see. Yes, today’s security technology is “Next Gen,” “2.0,” and “Meta,...

Today’s sophisticated threat environment targets end users by duplicating the relevant content they’re used to interacting with or interested in learning about. With email scams taking advantage of everyday requests and current events, these attacks are no longer obvious examples of malicious activity. Increased visibility into an environment is necessary for local and state governments to efficiently protect their systems. These i...

The cyber risks that threaten America’s state and local governments are changing. Hackers are getting smarter and better organized. Ransomware and malware phishing attempts are growing ever-more sophisticated. Attacks on dams, pipelines and other pieces of critical infrastructure are on the rise. Meanwhile, the changing government environment itself makes it even harder to guard against cyber threats. Telework, remote collaboration, digi...