Organizations' infrastructures are becoming more complex. As the new landscape expands into the cloud and third-party PaaS and SaaS services, it has become more of a challenge to maintain proper visibility and aggregation of logs into a single pane of glass. While Security Information and Event Management (SIEM) systems have been around for years, the complexity of new data sources, infrastructure, and business needs require a scalable approac...

Vulnerability management can at times seem like a problem with no solution. While there is no simple solution to vulnerability management and our work will never be done, there are solutions, and we can successfully reduce the vulnerabilities in our environment to a much more manageable level. Every week will bring new vulnerabilities, but with the right processes and procedures, out technology and development organizations will know how to re...

Are you always in the dunce seat with your board and C-level, constantly reacting to fires and mistrustful of what is being said? Probably. So how do you change that? How do you become in the driver seat and get the remit to do what you need to do? The simple and boring topic of metrics and reporting is more powerful and impactful then you might thing. In this talk we will discuss how to evidence what you do, speak to your board and other stee...

A lot of offensive security professionals have experience weaponizing simple vulnerabilities, but may not have worked much with bug discovery. Join Jim Shewmaker and Stephen Sims as they talk through fuzzing concepts and methodology, and then jump into a demonstration on setting up a modern fuzzing harness. What should you fuzz for? What types of fuzzing is there? How do you know if a bug is weaponizable? We’ll aim to answer these questi...

In The 2021 State of Enterprise Breaches, Forrester® found that enterprises spend a median of 37 days and a mean of $2.4 million to find and recover from a breach. Ensure your team is prepared for advanced threat actors. Join this fireside chat with Niall Browne, CISO at Palo Alto Networks, and guest speaker Allie Mellen, senior analyst at Forrester. They’ll candidly discuss digital transformation, SOC automation and tactical securit...

Times are changing as we continue to innovate. We have moved from monolithic applications to microservices, APIs, serverless functions, and cloud services that are continuously changing and thus making them harder to secure.Traditional security solutions of the past have failed us and will not work with the latest technologies. During this solutions track, we will learn and focus on how to protect the next generation of applications. Presentat...

Year after year successful phishing attacks on end users and system administrators are found to be the factor that enables over 80% damaging security incidents. This points out the need for two key security initiatives: replacing reusable passwords with multifactor authentication and making users less likely to fall for fraudulent messages. During this SANS What Works webcast,SANS Director of Emerging Security Trends John Pescatore interviews...

Security practitioners love to hear about cool new technologies, best practices, and things that work. But we often learn much more from failure than from success. With that in mind, this talk will cover my ten favorite “learning moments” from over 21 years of defending enterprise networks. I’ll cover epic fails in my time as a SOC analyst defending Pentagon networks, a project manager building 24/7 operations at the White Ho...

Now more than ever, decision makers need actionable and contextualized threat intelligence to increase cyber resilience and to enable mission or business objectives. How can contextual threat intelligence (CTI) allow heads of cybersecurity departments, security strategists, CISOs, SOC managers, threat detection engineers, analysts, hunters, and responders, to make better strategic, operational, and tactical decisions? How can CTI allow organiz...

Cloud changes everything, including how we do threat detection and incident response in the SOC. As we continue to transform our attack surfaces – with expanding cloud environments, multi-cloud, public and private cloud, and the proliferation of SaaS -- how do we make sure our security strategies are keeping pace? In this thought-provoking webinar with Anton Chuvakin, sponsored by CardinalOps, we’ll examine critical questions such...