Modern organizations are increasingly supporting the cloud. According to Microsoft, 95% of the Fortune 500 companies are using M365. A traditional pen test is incomplete without looking for insecurities in Azure, especially when hybrid Active Directory is in use. In this webcast, Tim Medin will walk through methods to enumerate users in Azure and how to attack the users in the cloud.

Sophisticated threat actors are turning to Software Supply Chain attacks to evade today’s defenses. Tactics include inserting malicious code into open-source repositories like npm and PyPi, developing attacks leveraging new software vulnerabilities, and infiltrating vendor development environments to insert malicious packages into their software solutions. In the last year, ReversingLabs observed a 289% increase in threats involving open...

For years many practitioners in the ICS security community realized that guidelines and best practices around secure PLC programming practices were lacking. To address this problem, ICS security professionals in the community pulled together to develop the Top 20 PLC controls. Beyond these controls, however, it is essential to define abnormality detections to display the information on the HMI clients. This allows operations staff to respond t...

Discovering, identifying, inventorying, and assessing all digital assets — a continuous process known as Attack Surface Management (ASM) — is essential for organizations to secure their environment. After all, you can’t protect what you don’t know about. External threats, vulnerabilities, shadow IT, and cloud misconfigurations are a few critical areas that may sneakily pose risks to organizations. The goal for IT and se...

With great power comes great responsibility. Privileged accounts are a necessary part of everyday IT operations, but managing them to date has been complex and costly with a lot of disruption to the business, so organizations only deploy solutions when they really have to e.g. compliance drivers. Join this webinar to learn: The hidden threats of unmanaged privilege accounts How managing the problem can be done surprisingly quickly Next genera...

Expanding on some of the key findings of the SANS DevSecOps Survey, this webcast will provide example metrics that leadership can use to gauge DevSecOps maturity. Join SANS instructor Kenneth G. Hartman and Veracode’s Product Security Director Ryan O’Boyle as they discuss the role of DevSecOps metrics in determining effective objectives and key results (OKRs) and making data-driven decisions. The webcast will cover how to: Devise...

As organizations actively migrate applications and computing environments to the public cloud, it is important to integrate security throughout the cloud adoption journey. SANS has developed a Cloud Maturity Model to help organizations measure their progress in the cloud security journey. In this talk, we will discuss the content of the Cloud Maturity Model, how it is suitable for organizations like yours, and the best practices on how the mo...

Operational technology (OT)/industrial control system (ICS) security is an ever-changing and evolving field required to continually adapt defense strategies to meet new challenges and threats—all while maintaining the safety and reliability of facility operations. This event will focus on how OT/ICS defenders across all industries meet these challenges, and will highlight key areas to help defend critical infrastructure moving forward, i...

When conducting incident response, EDR and firewall technologies can only show you so much. The breadth of network traffic provides an unrivalled source of evidence and visibility. Open-source security technologies such as Zeek, Suricata, and Elastic can deliver powerful network detection and response capabilities, furthermore the global communities behind these tools can also serve as a force multiplier for security teams, often accelerating...

In this presentation, we will explore how to set up red team scenarios in your cloud native environment with open source tooling. From there we will go through capturing high fidelity alerts for these scenarios with audit logging tools that are readily at your disposal today.