The idea of DevOps, the term the industry had initially decided on for the work between the Application and Operations teams, was coined 15 years ago. To give perspective, the iPhone 3GS came out that year. If we think of what we had to work with in 2009, we now know in hindsight that we have better options, solutions, software, and patterns. We have an iPhone 15; we no longer have BlackBerry OS or Nokia. Windows 8.1? I hope not. Here are a fe...

Is it really over when you are hacked? Or is it only over when our adversary has secured their impact and actions on objective? Perimeters are bound to be broken, but our game-over" scenarios should still be defended. We need to not only protect our inside, but carefully define what exactly are we defending? What has the highest impact on our organization, and from there on carefully architect our defenses to ensure we can always survive, even...

Join us for the inaugural year of SANS Emerging Technologies Track! Are you interested in learning more about new cutting-edge technology in the cybersecurity industry? This is the place for you! Learn from the best and brightest in the industry as selected organizations review their latest tools and solutions that will better equip you for your battle with the bad guys and assist you as your team works hard to keep networks safe from intrusio...

Join this webcast to explore SANS and GIAC's latest industry-leading training and certifications to help cyber-practitioners, and the organizations they protect, keep pace with dynamic market conditions. Cut through the noise with this comprehensive showcase and discover the skills you and your teams will need to navigate the evolving landscape of cybersecurity. First, Rich Greene ventures into our fresh new training courses, covering topics f...

Public Cloud Environments can make things, well, rather public. While there are ways to prevent this, and the cloud providers have made strides, retroactive changes are not a thing. As such, we still find very poorly configured environments today. Join us for this first of eight workshops in the Aviata Solo Flight Challenge Workshop series. We will show you how to look at a target organization's misconfigured public items. This lab will begin...

Achilles Systems, a fictitious IT service provider to human resources teams in medium and large businesses, has fallen victim to an attack in which sensitive customer data and, potentially, customer networks, have been compromised. Achilles has a small security team who has historically focused on basic controls and compliance. However, it seems clear this attack was the work of a sophisticated adversary capable of circumventing the controls i...

The cloud has changed infrastructure for all organizations and Federal agencies are no exception. However, it’s not as easy as simply “flipping the switch” because there are a myriad of regulatory requirements and considerations to navigate, and it requires careful planning and implementation. Join us on March 26, 2024, at 10:30 ET where SANS analyst Matt Bromiley and Cisco’s Technical Marketing Engineer, Christian Clau...

The modern threat landscape is a maze of complexity and adversaries that want to impact your organization. The time of “good enough” security is over. We’ve got to look elsewhere in our environments, integrating as many sources of telemetry as possible into your security program. We’re calling for a paradigm shift, combining observability and security data to gain and operate on a holistic view of your environment. Join...

Cyberattacks are evolving, and your defenses need to, too. Join SEC401 author Bryan Simon, GSE, for this webcast unveiling the game-changing 2024 update to SEC401 Security Essentials: Network, Endpoint, and Cloud. Get hands-on with next-generation labs: 20 brand-new exercises based on real-world security breaches Master essentials skills to combat cloud server compromise, data leakage, phishing attacks, and rushed development See the scenarios...

We know that the threat landscape is ever-changing and that organizations are constantly looking for technologies and tools to help guide and augment their security efforts. In this survey, we look at spending habits, priorities, and decision-making processes when it comes to security technology. What drives organizations to spend the way they do? Is it risk factors, compliance needs, or looking to defend against the latest threats? Furthermor...