Learn to combat the world’s latest cyber threats with up-to-the-minute training from real-world practitioners! Make new connections at one of the largest gatherings of professionals in the cyber community this year. Join us in Austin, TX, or Live Online for SANS Austin Fall 2023 (November 27 – December 2). SANS Austin Fall 2023 features: In-Person or Live Online training Tactical cyber security training taught by experts who...

It seems that every day cyber attackers come up with a new technique or tactic to breach victim organizations. It can seem daunting for security teams to keep up with the constant barrage of the latest threats and capabilities. Despite the best-laid plans, adversaries can still find a way in if security teams don’t prioritize their investments against the tech that protects against the threats targeting them. In this First Look, we look...

There are two cybersecurity truisms: You can’t prevent attacks you can’t detect; and attacks you can’t prevent turn into incidents you need to detect before you can respond to them. It takes skilled people, and effective, efficient tools to make sure you can create, validate, and maintain detection signatures that will provide full coverage of real-world attacks while minimizing false positives and false negatives. This SANS...

The evolution of cloud technologies has ushered in a new era of opportunities, but with it comes a unique set of challenges, particularly in the realms of configuration and network security. This talk will shed light on the modern practices and strategies essential for safeguarding cloud environments against configuration missteps and network vulnerabilities. We'll dissect real-world scenarios where configuration errors led to breaches and del...

Identities are the foundational cornerstone of many environments. Identity is typically the front door for web, infrastructure portals, and VPN services. Most organizations should implement additional countermeasures to prevent attackers from breaking into an organization. The perimeter of many environments is de-facto users’ identities. How you protect those identities is critical. Understanding how to attack identities is crucial for t...

This year’s Vulnerability Management Survey webcast event will look at how focus has improved or changed within organizations as they build out and mature more holistic vulnerability management programs. By looking at the maturity data from the last two years, we will get a better understanding of where companies are focusing and where they are struggling. These insights will help shed light on what respondents believe are the best paths...

As more organizations shift application access to the cloud, which minimizes the need for the data center to act as a hub for access and controls, they are realizing the benefits of cloud-brokering solutions that offer strong security capabilities. Nowhere is this more true than application protection, ranging from traditional WAF controls to API protection, bot detection and prevention, and more. In this webcast, Senior SANS Instructor Dave S...

Just how effective or mature is your security program? Given the multitude of assessment, rating, and cybersecurity frameworks, it can be challenging to determine security operations readiness and resilience through a single measurement or framework. Is effectiveness based on defending against an attack or the ability to mitigate attacks in the first place? Should compliance drive our security strategy, or should our security strategy enable c...

In July 2023, SANS partnered with Carahsoft for the 2023 Government Security Solutions Forum, where cybersecurity preparedness went back to basics. In this webcast, SANS Certified Instructor Matt Bromiley will review the top trends that emerged during the forum. Matt also uncovers how organizations can prepare for the National Cybersecurity Strategy Implementation Plan, or NCSIP, released by the White House in March 2023. His focus on preparat...

As we head into the last quarter of 2023, three major mandate changes are occurring, each positioned to make a large impact on how businesses, governmental bodies, and critical sector organizations operate. The goal of the SANS Cyber Compliance Countdown is to focus on what you need to know in these complicated and broad requirements and to offer solutions on how to meet these directives. Below is a quick overview of the changes and this forum...