With great power comes great responsibility. Privileged accounts are a necessary part of everyday IT operations, but managing them to date has been complex and costly with a lot of disruption to the business, so organizations only deploy solutions when they really have to e.g. compliance drivers. Join this webinar to learn: The hidden threats of unmanaged privilege accounts How managing the problem can be done surprisingly quickly Next genera...

Expanding on some of the key findings of the SANS DevSecOps Survey, this webcast will provide example metrics that leadership can use to gauge DevSecOps maturity. Join SANS instructor Kenneth G. Hartman and Veracode’s Product Security Director Ryan O’Boyle as they discuss the role of DevSecOps metrics in determining effective objectives and key results (OKRs) and making data-driven decisions. The webcast will cover how to: Devise...

As organizations actively migrate applications and computing environments to the public cloud, it is important to integrate security throughout the cloud adoption journey. SANS has developed a Cloud Maturity Model to help organizations measure their progress in the cloud security journey. In this talk, we will discuss the content of the Cloud Maturity Model, how it is suitable for organizations like yours, and the best practices on how the mo...

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating...

News Flash: You’re not just responsible for your own organization’s risk anymore. You need to watch out for your friendly, and sometimes not-so-secure, business partners, too. Third-party risk assessment is crucial to the defensibility of your cyber ecosystem, yet the task can be daunting. How do you know whether a third party has been the victim of a security breach? Which ones are most likely to experience a ransomware attack? W...

With rapidly changing computing platforms, a growing threat landscape, and a shift to a remote workforce, managing vulnerabilities is more challenging than ever. We are all looking for answers and we all want to know how our peers are doing in their fight and what we can learn from each other to make our systems, applications, and networks more secure and resilient. This webcast event will examine results from the SANS 2022 Vulnerability Manag...

One of the most prolific attacks over the past few years, that has touched nearly every industry and kept security professionals up at night, is ransomware. Ever-looming as the threat that can bring an organization to a halt, we have seen an explosive growth in ransomware and extortion attacks. Driven by never-ending vulnerabilities and automated attack tools, ransomware shows little signs of slowing down. It is time to change that pace. Join...

The Cyber Solutions Fest will explore best practices of selection, implementation, operations, and staff use of tools in cyber operations. Vendors are encouraged to highlight actual customer deployments as well as share insights from their tool developers and designers. This solutions fest will showcase success, at large scale as well as personal and tailored to solve real world problems. The pace of IT change has become difficult to keep up...

In the 1990s government agencies, industry groups, and cybersecurity researchers started creating cybersecurity standards and these standards led to cybersecurity regulations and laws that dictate to organizations what they must do to protect their data. Today, there are now dozens of standards dictating thousands of cybersecurity controls that organizations can consider when building their cybersecurity plans. Every year more standards are r...

Level Up Your Blue Team SkillsThe blue team represents information security professionals on the front line of defending an organizations critical assets and systems against attacks and threats from adversaries. Defending against attacks is an ongoing challenge with new threats emerging all the time. At the SANS Blue Team Summit, enhance your current skill set and become even better at defending your organization and hear the latest ways to mi...