Security Orchestration, Automation and Response (SOAR) tooling is intended to increase efficiency and consistency. These tools also promise to diminish the cost of operating a Security Operations Center (SOC) for most organizations. If used properly, these tools can do all of these things. The challenge is that the tools are frequently bought to avoid the one thing that most organizations do not seem to be able to do on their own: figuring out...

This session will describe the differences between version 7.1 and version 8 of the Center for Internet Security Twenty Critical Security Controls. This major rewrite of the twenty CSCs reflects core changes in today\'s computing and infrastructure environments.

Time spent testing, monitoring, reporting, and updating controls is a resource-intensive practice for most enterprises regardless of your program\'s maturity. While Artificial Intelligence (AI) cannot analyze risk with the same judgment and interpretation as a human, there are several specific use cases where AI and automation can help augment and maximize your efforts to consolidate, coordinate, and communicate risk insights. In this session,...

In our age of digital transformation, an expanding attack surface and sophisticated threat actors have increased cyber risk exponentially. With more technology and data assets to secure, more telemetry data to analyze, more security tools to manage, more alerts to sort, and more threats to defend against, and fewer security analysts to handle this. Detecting and responding to threats became harder for many organizations. How can a modern appro...

Business Email Compromise (BEC) costs organizations like yours $9 billion every year. These hard-to-detect phishing schemes drive more than 40% of all cybercrime losses. But threat intelligence and fraud prevention teams have had little visibility into the scope of their risk, the BEC attack cycle, or threat actors objectives and methods. That is about to change. Agari Active Defense leverages an unparalleled global data footprint, innovative...

Business damages from ransomware and phishing attacks have made it clear that sensitive business information and application must be better protected. Increased enforcement of national- and state-level privacy laws, as well as the need to secure data across multiple cloud environments, has highlighted the need for reliable and transparent data encryption services to protect information while enabling business access. During this SANS WhatWorks...

With the advent of modern applications based on apis and micro services, a whole new attack surface and range of threats has evolved as is defined in the OWASP API top 10 project. This webinar will focus on the specific new threats our applications are facing and outline specific tasks band steps security professionals can take to improve awareness and reduce the business exposure to API based threats and attacks.

In Part 1 of this series, MGT516 course author Jonathan Risto discussed what makes a good metric and provided 5 metrics to start measuring within your vulnerability management program, regardless of your program maturity. In this second part of the Vulnerability Management series, MGT516 course author Jonathan Risto will discuss the following metrics: Mean Time to Resolve Average Exposure Window Vulnerability Reopen Rate and why these advanced...

The practice of running Adversary Emulation engagement exercises is becoming more widely adopted within modern security teams. The collaborative effort of Purple Teaming can help security professionals improve their skills as they leverage emulation tactics and detection/prevention methods to better understand how threat actors might successfully compromise hosts, networks and other enterprise services. Adversary Emulation goes well beyond tes...

In the event of a ransomware attack, security managers must be able to give business-relevant risk recommendations to CEOs and boards of directors. Most of the thought and effort required to do so must take place well before the attack. On this webcast, John Pescatore, SANS Director of Emerging Security Trends, and Benjamin Wright, lawyer and SANS Senior Instructor, will discuss key ransomware issues, including: Key security processes to avoid...