Remote work has upended security. Sadly, in reaction, security vendors have developed two substandard solutions: VPN and ZTNA. VPN server ports must be open to the internet and anyone on the internet can try to hack it. ZTNA suffers degraded performance while obfuscating identity creating a huge security blindspot. In this webinar, learn about Zero Networks’ ZNConnect which combines the best aspects of VPN and ZTNA while eliminating thei...

Let’s go back, way back to 2013 when AV was AV, whitelisting was whitelisting, and EDR ads were taking over airport terminals. Ah, the good old days. News Flash! Dr. Emmett Brown just showed up and he’s got urgent news from the future. No matter how good your incident response capabilities are, they cannot stand on their own (sort of like Biff, who was nothing without his buddies). To be effective, incident response (IR) must be pa...

In this workshop, SANS certified instructor Jean-François Maes will walk you through some of the most used NTLM relay attack paths pentesters use to compromise the domain. We will take a look at: What is NTLM auth? Using broadcast traffic for fun and profit Active Directory Certificate Services abuse ShadowCredentials And more! BEFORE THE WORKSHOP: This workshop requires a large local LAB that must be downloaded prior to the workshop. D...

Threat actors continue to make government agencies – at the federal, state and local levels – one of their most important targets. A series of Presidential Executive Orders and DHS CISA Binding Operational Directives have been issued in response, often with specific cybersecurity control and technology requirements. Government agencies need to address both these pressures, and do it with limited resources, prioritizing their action...

Staying current in DFIR is more than just doing the job daily. It takes work. Those who put forward an effort to research, train and share seem to carve a special place for themselves in this community. Do you have what it takes? Do you want to do more in forensics and with your education? This talk will walk you through lessons learned and methods to get the most out of DFIR and enhance your daily work.

Some fast facts from Gartner: By 2025, 45% of organizations will have experienced attacks on their software supply chains, tripling the numbers from 2021. Half of existing supply-chain attacks are attributed to APTs or well-known attackers. Digital transformation enables enterprises of all sizes to provide value to their customers in a fast and consistent manner. One crucial consideration of that transformation is the automation and security o...

In this webinar we will cover the importance of malware protection in ensuring network security for all organizations, from large enterprises to smaller companies. Key topics: The costs of not defending against malware - “being lucky is not enough” How to deploy malware protection across your organization How malware protection keeps your users/resources safe from online threats Join us for a fascinating discussion on how implement...

More visibility. Most (if not, every?) cybersecurity professional will tell you they need more visibility into the threat landscape, but also their own security posture. Join SANS Analyst, Jake Williams and Chas Clawson, CTO for security with Sumo Logic, as they talk about the importance of correlating security alerts across your entire cloud and on-prem environment, and enriching with threat intelligence and other feeds for context and improv...

Sophisticated threat actors are turning to Software Supply Chain attacks to evade today’s defenses. Tactics include inserting malicious code into open-source repositories like npm and PyPi, developing attacks leveraging new software vulnerabilities, and infiltrating vendor development environments to insert malicious packages into their software solutions. In the last year, ReversingLabs observed a 289% increase in threats involving open...

For years many practitioners in the ICS security community realized that guidelines and best practices around secure PLC programming practices were lacking. To address this problem, ICS security professionals in the community pulled together to develop the Top 20 PLC controls. Beyond these controls, however, it is essential to define abnormality detections to display the information on the HMI clients. This allows operations staff to respond t...