Why has PowerShell become so popular for ransomware, hacking tools, cloud computing, and security automation? Isn't PowerShell just another command shell? No! Attend this talk by SANS Faculty Fellow Jason Fossen to see what PowerShell really is, how it's being used (and abused) today, and future trends. If you're unfamiliar with PowerShell or you're taking a SANS course with PowerShell labs, like SEC401 or SEC504, then this presentation is esp...

Organizations continue to manage cloud migrations, the challenges of remote working and encrypted communications, the increased data connectivity to external vendors and an expanding range of connected devices, the complexity of the network increases. These changes may enable new business opportunities, but they may also complicate operational support, split existing teams, and ultimately impact security. This survey aims to understand the cur...

With continual increase of adoption of public cloud workloads, and the expansion of services therein, security and developer teams have a hard time keeping up with best practices of configurations. While the cloud service providers and commercial partners have helped bridge the gap with Cloud Security Posture Management (CSPM) teams are still left in the dark with not-often-used or newly launched services. Adopting Open Source Security tools c...

As organizations move their resources to the cloud, attackers are increasingly looking for ways to abuse Active Directory Federation Services (AD FS) in hybrid cloud environments to accomplish their objectives. Learn from world-class defenders who responded to the NOBELIUM nation-state attack that abused AD FS. In this session we’ll cover: How defenders can analyze an AD FS attack once compromise is suspected Walk through a demo of commo...

Multicloud is inevitable. In fact, it’s likely you’re already using different clouds like AWS, Google Cloud, and Azure for various functions. But, how do you address risk and ensure proper security practices across all of your cloud accounts and deployments? In this session, we’ll look at best practices for secure DevOps across multiple clouds. We’ll take a comprehensive look at your lifecycle from authentication and in...

In addition to highlighting trends in vulnerability management, this year's survey digs a little deeper into how cloud and the expanding remote workforce affected the ways in which organizations handle reporting and remediation. On this webcast, sponsor representatives will join the survey author for an analysis of the survey, and share their thoughts on emerging vulnerability management trends. Click the Get Registered button to sign up for t...

To be effective, data protection has to be everywhere, from the server to the endpoint, at the office and at home, throughout the cloud and across the web. A company's system must be able to detect data leakage from any path, quickly apply real-time data protection policies, automate incident workflows, and alert the IT team as needed for further investigation. Having an effective understanding of how and where a company's data is stored is es...

Defending against attacks is an ongoing challenge with new threats emerging all the time. Do you want to enhance your current skill set and become even better at defending your organization? Are you looking for the latest ways to mitigate the most recent attacks? The blue team represents information security professionals on the front line of defending anorganization’s critical assets and systems against attacks and threats from adversar...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. The adoption of cloud native technologies such as containers, microservices, and immutable infrastructure requires declarative, automated security controls. To keep up with the pace of development, we need to detect and prevent platform vulnerabilities early in the development lifecycle before they can be introduced into the runtime environment. In...

As organizations shift to the cloud, teams grapple with legacy security tools incapable of ingesting and combining data from hybrid environments for analysis. The result? Threat visibility gaps and lower SOC performance. Join this Devo lunch and learn session as we discuss: Ensuring analysts have visibility into the entire attack surface Keeping detections relevant during cloud shift and how access to all data sources provides relevant context...