Everyone has alerts and everyone has different forms of intelligence they use to try and detect, research, and respond to a threat within their environment. As a security practitioner, you know the process and time involved to “connect the dots” between the intelligence available and what is in your environment is often time consuming and requires a good deal of knowledge to correlate. These are all the realities of the world we cu...

The cloud is considered the new frontier of technology, but it is no longer novel. The COVID-19 pandemic led companies to the cloud at a breakneck pace. Different organizations during this same period evolved from single-cloud organizations to multi-cloud organizations. The various cloud providers offer a wide variety of services that fit organizations' needs on a case-by-case basis. The multi-cloud environment introduces a new problem for Thr...

Join us for the 10th annual SANS Security Awareness: Managing Human Risk Summit to learn, connect, and share with thousands of fellow security awareness, behavior and culture professionals from around the world. For this year’s event you have the choice of attending live online or in-person*. The 2023 Summit will feature: In-depth Summit Talks - The industry's top practitioners will share their latest research, technologies, and case stu...

This workshop is a hands-on session focused on creating custom Nmap NSE scripts tailored for the CISA Known Exploited Vulnerabilities Catalog. In this 2-hour workshop, participants will learn essential NSE scripting skills, with a specific emphasis on detecting vulnerabilities listed in the catalog. The workshop begins with an introduction to Nmap and NSE scripting, highlighting their significance in identifying and addressing known vulnerabil...

Detection engineering has evolved into an art, contributing to the success rates of endpoint and network detection and response tooling capabilities. Used to effectively counter the increasing complexity of today’s cyber threat actors, high-fidelity detections can help an organization discover threats earlier, neutralizing them before further damage can occur. Not all detections are created equally, however, and neither are detection opp...

Successful phishing attacks on end users and system administrators continue to be the factor that enables nearly 80% of damaging security incidents. Many companies are spending on user awareness and education programs but find it is hard to sustain initial gains in phishing awareness, recognition, and resilience and are lacking the data needed to develop and track meaningful awareness metrics. During this SANS WhatWorks webcast, SANS Director...

For many years, security professionals have advocated the approach of collecting logs from all the places where they’re generated and centralizing them into one or only a few places.But now, we have much more data and many more sources of security telemetry, including from endpoints, networks, email, IAM, SaaS applications, and cloud assets in multi-cloud infrastructures.Does centralizing log data still make sense, or should we be thinki...

In this talk, Ahmed Abugharbia and Abdul Kittana will deep dive into various methodologies and options for developing applications using generative AI technologies. They will discuss the process of building ASecureCloud’s AI-powered features, lessons learned, and demonstrate how you can apply similar principles in your own environments. Objectives: Learn capabilites of current generative AI technologies Different options for building app...

Where can you find leaders from Amazon Web Services (AWS), Google Cloud, Microsoft Azure, and SANS Institute, together on one virtual stage? It's happening for the first time ever at the SANS Cloud Security Exchange 2023. At the inaugural event in 2022, thousands of attendees from across the globe enjoyed learning from independent cloud security experts from SANS Institute who were paired with leaders from the cloud security providers. It work...

During the past decade, increasing numbers of organizations have transformed their applications to be cloud native, building workloads based on multicloud architecture. Connecting and securing these cloud workloads has not been effective for many reasons and today, there are many benefits to a converged workload communication architecture that unifies security and operations. SANS tested the new Zscaler Zero Trust platform for cloud workloads,...