Conducting forensics and incident response for containers and Kubernetes helps you better understand security breaches, meet compliance requirements and recover quickly. On average, containers live less than 5 minutes, so having a cloud native incident response plan is critical.In this webinar we’ll cover: Detecting threats using security frameworks like MITRE Best practices to streamline your incident response workflow in container and...

There has been much ado about extended detection and response (XDR) and its promise to solve long-standing problems in security. Security teams need an integrated awareness, detection, and response capability that starts with actionable, relevant, prioritized intelligence. Many organizations are considering an XDR implementation but are eager to understand how XDR helps them achieve a higher level of resilience against mounting security threat...

Maintaining trust in a network has become an enormous challenge due to: an increasingly sophisticated cyber threat landscape an expanding digital infrastructure a mushrooming cybersecurity skills gap, and an increased need to secure remote work In addition, the growing remote workforce needs to access both cloud-based and on-premises infrastructures. Zero trust network access needs to include controls and policies for network segmentation, end...

Join members of the SANS Industrial Control Systems (ICS) Team in a new ICS Webcast Series: ICS Cyber Resilience, Active Defense & Safety. Presenters will address the recent increase in attack campaigns and impacts seen across multiple sectors in the ICS space. Topics of discussion will include ransomware impacting critical infrastructure, detecting advanced adversaries inside ICS networks, and a variety of other threats and defenses. This...

Over the past few years, we have seen drastic, but welcome, changes in how organizations manage their own software and code. Organizations are embracing security at the code level, encouraging developers and security teams to work closely together. Giving way to the term “DevSecOps”, developers now integrate automated processes to build and ship code, streamline the development cycle, and ship code more securely. However, cyber adv...

Join members of the SANS Industrial Control Systems (ICS) Team in a new ICS Webcast Series: ICS Cyber Resilience, Active Defense & Safety. Presenters will address the recent increase in attack campaigns and impacts seen across multiple sectors in the ICS space. Topics of discussion will include ransomware impacting critical infrastructure, detecting advanced adversaries inside ICS networks, and a variety of other threats and defenses. This...

Why has PowerShell become so popular for ransomware, hacking tools, cloud computing, and security automation? Isn't PowerShell just another command shell? No! Attend this talk by SANS Faculty Fellow Jason Fossen to see what PowerShell really is, how it's being used (and abused) today, and future trends. If you're unfamiliar with PowerShell or you're taking a SANS course with PowerShell labs, like SEC401 or SEC504, then this presentation is esp...

Cyber42: Industrial Edition will put you through the paces as an industrial control system (ICS) security manager as players adapt to challenges in operational technology (OT) environments. Unlike traditional IT networks, industrial equipment is designed to impact the physical world and require special considerations when deploying security technologies. As threats continue to rise targeting these networks, many of which are vital for critical...

In the past year, businesses have been continually under pressure to increase efficiency and keep costs down. This webcast will discuss the results of the SANS 2021 Threat Hunting Survey, and cover ways organizations can defend against yet-to-be-discovered network threats using NDR The potential output of Threat Hunting strongly depends on three factors - visibility, skills, and Threat Intelligence. Recent survey reported .. 51.3% of responden...

Over the past few years, we have seen drastic, but welcome, changes in how organizations manage their own software and code. Organizations are embracing security at the code level, encouraging developers and security teams to work closely together. Giving way to the term “DevSecOps”, developers now integrate automated processes to build and ship code, streamline the development cycle, and ship code more securely. However, cyber adv...