The Zero Trust framework is based on the principle of "never trust, always verify." Join us to learn about Zero Trust, how to adopt it for applications, and the technologies you need to take control of your environment in the fight against ransomware.

The “cat-and-mouse” game between Attackers and Defenders is as old as the LoveLetter virus. While script-kiddies have matured to become cybercriminals, hacktivists, and state-sponsored adversaries, sometimes it feels like the Defenders are stuck in 1999. We deploy anti-virus solutions, monitor the perimeter, and wait and see. Yes, today’s security technology is “Next Gen,” “2.0,” and “Meta,...

This webcast will showcase the newly developed Mandiant Cyber Threat Intelligence (CTI) Analyst Core Competencies framework; discuss how FOR578 is one of the seminal trainings available in the market for analysts to develop knowledge, skills, and abilities defined within the framework, and highlight the exact parity via the recently produced SANS blog on the topic. We then speak with a panel of CTI directors on their experience growing up in...

Software supply chain attacks have become a go-to technique for threat actors. But today, most software supply chain attacks target dependencies where threat actors get higher return on investment. After all, why compromise one piece of software when you can compromise every piece of software that uses a given library? Software dependency attacks have been used to deploy Cobalt Strike, steal API keys to compromise assets deployed in AWS, and...

As we celebrate the 15th anniversary of the SANS DFIR Summit & Training, we're feeling nostalgic and having some fun looking back on the great strides we've made since our first DFIR Summit. It feels like just yesterday when a group of DFIR superheroes gathered for the first time to share ideas, learn new techniques, and have a little bit of fun. The DFIR community has come a long way since then, and we can’t wait to see what’s...

Join us for the 9th annual SANS Security Awareness Summit to learn, connect, and share with thousands of fellow security awareness and culture professionals from around the world. For this year’s event you have the choice of attending live online or in-person*. The focus for this year is “Managing Human Risk”. Traditionally security awareness events have focused only on topics such as engagement, interaction, and gamification...

Implementing a continuous monitoring strategy is critical for improving system visibility and security. However, there are challenges in achieving visibility with widely diverse environments and endpoints. Additionally, using a disparate set of tools – in on-premises and cloud environments and with remote clients – has proven enormously difficult in the past several years. Fortunately, there are many more options available today th...

Do you ever run into problems with your vulnerability management program that you wished you had at your fingertips just one more little piece of information? To help conduct some prioritization, or to know who the business owner is, or to inform people this was an end of life system… All valuable and great to have readily available. But alas, we often are missing information, or it is not easy to access. Join Jonathan (MGT516 co-author...

For about 20 years, the Internet Storm Center has offered terabytes of data to the community to help you understand attacks you are seeing and assist you in augmenting your logs or, as we often put it, "add color" to your network logs. In this keynote, we will introduce some of our volunteer handlers who contribute their insight in daily diaries (you will also learn why we call it a "dairy" and not a "blog"). In addition, we will walk you thro...

There is sometimes a difference of opinion as to where the practice of digital forensics belongs in terms of occupational domains. Some say that it is a forensic science domain, other say that it is a cybersecurity domain. I believe it can be both, depending on what the end use of the digital forensic process is. Nowhere is this truer that in incident response. Incident response is generally a well understood process where organisations respon...