Today’s cloud environments are large, multi-faceted, and dispersed. They have a myriad of options for selection, configuration, security, and functionality. Add on more than one of these environments (AWS, GC, Azure, Oracle, Digital Ocean, etc) and the number of potential issues skyrocket! If you have custom applications, developers, databases, and any of the hundreds of other common items in your arena, your chances of having exposed v...

With rapidly changing computing platforms, a growing threat landscape, and a shift to a remote workforce, managing vulnerabilities is more challenging than ever. We are all looking for answers and we all want to know how our peers are doing in their fight and what we can learn from each other to make our systems, applications, and networks more secure and resilient. This webcast event will examine results from the SANS 2022 Vulnerability Manag...

The realm of cloud security is rapidly expanding and evolving. Security teams have a lot to keep up with, and need to know the latest and greatest cloud security services, controls, trends, and technology innovations that are helping to secure cloud access, services, and assets in a widely diverse set of cloud environments. In the Cloud track at Cyber Solutions Fest 2022, leading solution providers and practitioners will highlight the newest t...

One of the most prolific attacks over the past few years, that has touched nearly every industry and kept security professionals up at night, is ransomware. Ever-looming as the threat that can bring an organization to a halt, we have seen an explosive growth in ransomware and extortion attacks. Driven by never-ending vulnerabilities and automated attack tools, ransomware shows little signs of slowing down. It is time to change that pace. Join...

The Cyber Solutions Fest will explore best practices of selection, implementation, operations, and staff use of tools in cyber operations. Vendors are encouraged to highlight actual customer deployments as well as share insights from their tool developers and designers. This solutions fest will showcase success, at large scale as well as personal and tailored to solve real world problems. The pace of IT change has become difficult to keep up...

Every year at major security conferences, you can tell the trends in security because seemingly every product and service is being positioned as “look at how we make things easier/cheaper/better.” A few years ago, that was cyber threat intelligence (CTI). Then, it inexplicably changed to threat hunting. But practitioners know that you can’t really separate threat hunting and threat intelligence any more than you can separate...

Securing a cloud environment can be challenging and time consuming, especially if you don’t know where to start. This Workshop will scrutinize a common cloud service: Virtual Machines, and focus on the secure implementation of that service. We’ll discuss Operating Systems (and why it matters from a cloud perspective), as well as security groups, remote access, system and network hardening as well as how mature organizations handle...

In the 1990s government agencies, industry groups, and cybersecurity researchers started creating cybersecurity standards and these standards led to cybersecurity regulations and laws that dictate to organizations what they must do to protect their data. Today, there are now dozens of standards dictating thousands of cybersecurity controls that organizations can consider when building their cybersecurity plans. Every year more standards are r...

Level Up Your Blue Team SkillsThe blue team represents information security professionals on the front line of defending an organizations critical assets and systems against attacks and threats from adversaries. Defending against attacks is an ongoing challenge with new threats emerging all the time. At the SANS Blue Team Summit, enhance your current skill set and become even better at defending your organization and hear the latest ways to mi...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on...