A security operations center (SOC) act as the centralized command center for a corporation dealing with security issues on an organizational and technical level. Responsible for protecting an organization from cyber attacks, a SOC continuously monitors network infrastructure, desktops, servers, endpoint devices, IoT devices, applications, and databases, among other systems for security threats. Modern SOCs are comprised of four components moni...

Designed for security leaders tasked with managing a growing attack surface, the SANS Attack Surface Management Virtual Conference will take place on April 14, 2021 as a virtual event. This half-day event will bring together thought leaders, subject matter experts and practitioners to discuss, share and discover best practices for addressing the operational challenges associated with work-from-home transitions, cloud migrations, M&A, shado...

SANS is committed to delivering high-quality cyber security training so you can keep your skills sharp and stay ahead of cyber threats. Join us for interactive training during SANS 2021 - Live Online (March 22-27, EST), and receive relevant, applicable training from wherever you are. Choose from over 30 interactive courses, plus three NetWars Tournaments delivered Live Online. SANS Live Online events offer live-stream, instructor-led cyber sec...

Log data is critical for understanding how systems are operating and for monitoring malicious activity with the IT environment. This is particularly true for traditional systems as well as modern systems in the midst of a digital transformation that lack an audit trail, such as multi-cloud and DevOps environments, microservices, and containers. The technologies and trends organizations embrace as they accelerate their transformation all increa...

Nearly 2 billion records were exfiltrated in recent cloud breaches. Can breach paths be detected even before clouds are built? Learn how DevSecOps processes can predict breach paths programmatically using threat models derived from cyber threat intelligence, MITREs ATT&CK framework, and Infrastructure as Code. This session includes specific code examples for common IaC technologies. *To attend this webcast, login to your SANS Account or cr...

The increasing complexity of the threat landscape means we can no longer depend on a "business as usual" approach to endpoint security. Antivirus or EDR (Endpoint Detection and Response) used in isolation may not be the most efficient recourse to protect against today's sophisticated attacks. The good news is that there is a way to get more from our endpoint security with less effort, it's called eXtended Detection and Response (XDR). XDR reco...

As organizations shift to the cloud, teams grapple with legacy security tools incapable of ingesting and combining data from hybrid environments for analysis. The result? Threat visibility gaps and lower SOC performance. Join this Devo lunch and learn session as we discuss: Ensuring analysts have visibility into the entire attack surface Keeping detections relevant during cloud shift and how access to all data sources provides relevant context...

When it comes to security metrics, there are lots of variables. The company. The size and scale of that company. Measuring where things are at today and where you hope things will be in the future. Theres a lot at play, but one things for certain: Theres a laundry list of security metrics you could be measuring. So how do you know where to start? And once you have your foundation, whats next? Join Jake Munroe of Axonius for Cybersecurity Metri...

Todays security operations centers (SOCs) do not have the time, energy, or resources to keep pace with the evolving threat landscape. Security teams need to be able to secure their organizations by doing more with less. This can be achieved with security orchestration, automation, and response (SOAR). Rather than being bogged down by arduous manual tasks, SOAR empowers your SOC by leveraging your existing people, processes, and technology to i...

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...