Security professionals are starting to rethink their approach to access control and monitoring for user activity. Today, many traditional static network segmentation and access controls are not capable of keeping pace with remote workers and cloud access scenarios. Zero trust is a model where data and application behavior are the central focus points of all isolation and segmentation tactics, and all users and assets in an IT operating enviro...

Regardless of the growing investment in cybersecurity, damage from cyber attacks continues to rise at an unprecedented rate, reaching over $10T by 2025. If existing solutions are supposedly working, then why are ransomware breaches happening and inflicting so much financial devastation, brand erosion and loss of business? The problem is that today’s solutions fail to counter threat actors’ advanced attacks. Antivirus and endpoint...

Every network has a security vulnerability. Vulnerabilities obviously lead to threats. Do you know where your vulnerabilities and any hidden threats are located? With major security breaches happening every year to businesses and government agencies of every type, don't you want to find (and fix) your network BEFORE a hacker finds and exploits the weakness? In this webinar, we explain what you need to do to actually protect yourself from vulne...

Threat hunting in ICS environments must consider safety. IT and ICS systems have different missions, objectives, impacts during an incident, and different assets like embedded operating systems, and engineering devices speaking non-traditional industrial protocols. Adversaries targeting ICS must use different attack tactics and techniques for access, execution, collection, and persistence, etc., to degrade safety, manipulate control, damage ph...

Threat Intelligence can be defined as the ‘Art of Taking the Adversary by Surprise’. Yes, anticipating and mitigating surprises in the form of cyberattacks is the primary mission of a practical threat intelligence program. Achieving that goal requires a proactive approach, one that provides answers to critical questions like: What threat actors are most likely to cause an impact in my organization? What are their motivation, goals,...

Security operations are the epicenter of the cybersecurity industry. SecOps is where the metaphorical rubber meets the road for organizations defending their enterprises. Security Governance Risk & Compliance (SGRC), Security Application Development, Security Engineering, and all respective cybersecurity functions overlap to enable Security Operations Centers to respond to the threat. These teams hold the line, 24/7 through nights, weekend...

Effective security requires a holistic and streamlined approach to endpoint detection and response across the entire organization. For complex enterprises with various types of assets, extended detection and response (XDR) provides comprehensive security while also delivering integrated endpoint protection. XDR unites and correlates visibility across assets, uncovers vulnerabilities, and detects threats with cross-data analytics. It takes inci...

For many years, organizations have relied on the MITRE ATT&CK™ framework as a valuable resource to catalog adversary tactics and techniques. The information security community has leveraged ATT&CK to help guide investigations, write robust detections, and enrich threat intelligence. In June 2021, a cooperation between the National Security Agency (NSA) and MITRE released D3FEND, a complementary framework that provides insight int...

Small-to-medium businesses (SMBs) often operate with limited security budgets. Consequently, they need to take advantage of any built-in security features of programs they already use to maximize their protections. In this webcast, SANS Senior Instructor Jake Williams and a representative from Microsoft look at the core security features in the operating systems of Windows 11 and their potential benefit to SMBs. They will explore: how the plat...

Let's take a moment to break down a few things at a basic level: What is the cloud? How does it work? How do you begin to secure it? This webcast is for you if: You are just starting out in cloud More of your duties are shifting to the cloud You simply want to have a better understanding of what the cloud is and how cloud security works