Continuing the Cloud Security Flight Simulator series, join SEC540 Cloud Security & DevSecOps Automation author Ben Allen for a webcast on Kubernetes admission control. Kubernetes admission controllers play a critical role in enhancing the security of a Kubernetes cluster. They act as gatekeepers, intercepting requests to the Kubernetes API server before requests are processed and stored by the cluster. Learn how admission control policies...

Many cloud-focused tools and third-party vendors require access to your organization’s cloud account. Sure, you could open up the flood gates and allow full, administrative access, but do those vendors and tools need that level of access? Most likely, no. In an age of increased supply chain and upstream vendor compromises, we must ensure that we are limiting any and all external access to what is truly needed and nothing more. In this wo...

Practice your skills in an engaging, team-based environment to improve your cyber security executive decision making proficiency. Cyber42 is a realistic leadership simulation with applicable and discussion-based outcomes. Leave with a confidence boast in a key skill senior leaders seek from their CISOs: nimble decision making. With enterprises in need of protecting against an endless and increasing onslaught of information security threats, te...

In this series, Dean Parsons will review observed ICS attacks in the Oil & Gas, Electric and Water sectors and map them to the MITRE ATT&CK ICS framework. Throughout this series, Dean will review the most common attacker tactics and techniques used across commonly targeted critical infrastructure sectors. In this final part of the series, Dean will specifically speak to the Water sector. This webcast will dive into Initial Access, Atta...

Industrial control system (ICS) security represents one of the more challenging areas for security professionals. The typical ICS is complex and interconnected. It’s often a legacy system that wasn’t designed with security in mind and, because it’s different from traditional IT assets, it has very different security requirements. And no surprise—such systems are increasingly targeted by sophisticated cyberattackers, inc...

Before you can help DevOps teams solve security problems and improve their security programs, you need to understand how they think, how they work, and the tools that they use. Join SEC540: Cloud Security & DevSecOps Automation authors and instructors Ben Allen, Eric Johnson, and Jon Zeolla to start the new year for a 4 Part Cloud Security Flight Simulator series. In Part 1, join SEC540 lead author and instructor Eric Johnson for a discuss...

Just how effective or mature is your security program? Given the multitude of assessment, rating, and cybersecurity frameworks, it can be challenging to determine security operations readiness and resilience through a single measurement or framework. Is effectiveness based on defending against an attack or the ability to mitigate attacks in the first place? Should compliance drive our security strategy, or should our security strategy enable c...

Hands-On Cyber Security Training Taught by World-Renowned Practitioners Attend in Washington, DC or Live Online   At SANS Cyber Defense Initiative 2023, choose from 48 interactive courses with hands-on labs. Practice your skills and compete against your peers during NetWars Tournaments, and network with your instructor and industry colleagues in real-time. Each course includes electronic and printed books, and several courses align with...

This talk will give an introduction to ICS/OT followed by an in depth discussion on the changes that are taking place in the industrial world such as digital transformation as a precursor to an in-depth discussion on the threats. The talk will cover new adversary groups targeting industrial networks, the trends to watch, and make recommendations with a walkthrough of the SANS ICS five critical controls. This talk is accessible to everyone of a...

SIEMS are generally complex, slow, expensive, and underperform to expectations. In this webinar, Anomali’s Chief Adoption Officer Ali Haidar will explain the challenges the modern SOC faces and a creative way to immediately correlate threats to your internal environment without compromising speed or cost.Key takeaways: Learn how to search through petabytes of data going back up to 15 years in seconds Learn how to accelerate your analysts...