In this talk we will take a look at the most recent attack techniques, targets, and trends. This includes understanding what kind of malware and illicit access items are available on the dark web for sale and how it can be the first sign of a breach, social engineering attacks, and the latest on 0-day and n-day vulnerability research. Artificial Intelligence is an aggressively growing area where we can both use the technology as an attack aid...

As a known hub for the direction of geopolitics, sanctions, and trade, the Department of State is an attractive target for advanced nation-state threat actors motivated more by a desire for information than by greed, and as public-facing representatives of the U.S. overseas, diplomat staff and buildings don’t have the benefit of anonymity. Deputy Assistant Secretary Gharun Lacy will share Diplomatic Security's cybersecurity strategies fo...

Any security team can start building and driving a strong security culture now, but you need to start first with strategy. In this short webcast, you’ll learn how to create a practical strategy and roadmap tailored for your organization. Using lessons from the SANS LDR521 course, Lance Spitzner will start with how to decipher your organizational culture and how to use that to create your guiding principles. We then will cover the four ke...

When attackers get their hands on privileged credentials in cloud environments, their first move is rarely the big flashy action we expect. Instead, they're quietly turning off the alarms. Defense impairment has become a go-to tactic for adversaries who want to operate undetected in AWS and Azure environments, and it's working because teams aren't watching for it. This talk will walk through real-world defense impairment techniques across AWS...

Bootstrap’. A term that means starting with existing resources is often associated with startups, but its principles extend far beyond the business world. From tech companies and open-source projects to conferences and charities, countless successful initiatives began through bootstrapping. Notable examples include Tenable, Sourcefire (acquired by Cisco for $2.7 billion), Malwarebytes, and SolarWinds, all of which were bootstrapped. In t...

Large Language Models (LLMs) and Generative AI have inherent limitations, such as outdated knowledge, lack of private data access, and the potential for hallucinations. In this session, we will introduce a strategy for overcoming these challenges: Retrieval-Augmented Generation (RAG). Attendees will see how a GenAI RAG application can provide access to real-time, private data stored in an external knowledge base without needing to fine-tune th...

Many organizations still apply IT-style assumptions to industrial environments, creating blind spots that put safety and operations at risk. In this webcast, SANS Principal Instructor and ICS418 co-author Dean Parsons shares the most common leadership pitfalls he encounters across sectors like energy, manufacturing, pharmaceuticals, transportation, logistics, and food & beverage, and how to avoid them. Dean will show how to anchor governan...

Starting a consulting career isn’t difficult. Many people do it successfully in the short term. What’s far more challenging is achieving long-term success and truly “living the dream” for decades, whether that means enjoying high pay, meaningful and exciting work, greater personal freedom, or a unique combination of all three. So, what do consultants who have built sustainable, thriving careers do differently? Drawing o...

Dive into the world of cybersecurity excellence with an immersive training experience at SANS Dallas 2025 (December 1-6, CT). Led by world-renowned instructors boasting extensive industry experience, this training event offers live access to top experts in the field. SANS Dallas 2025 is equipped with industry-leading hands-on labs, simulations, and exercises that you can immediately apply upon your return to work.

Quantum computing is rapidly approaching a tipping point where today’s public key encryption will be rendered obsolete. The “harvest now, decrypt later” threat model and looming “Q-day” scenario mean that sensitive government, financial, healthcare, and infrastructure data in motion is already at risk. In this webcast, we explore Quantum Xchange’s Phio TX platform—a quantum-safe key distribution soluti...