Organizations everywhere are working to improve their cybersecurity postures. One key enabler of that for both private and public sectors is the comprehensive guidance provided by the NIST Cybersecurity Framework (CSF). This framework is being increasingly adopted by public and private sector organizations to help them: Enhance their security posture Defend against and respond to cyber threats Pass compliance audits Join Gil Vega, CISO of Veea...

The Cybersecurity Maturity Model Certification (CMMC) is the US Department of Defenses response to recent compromises of sensitive defense information that resides on contractors' information systems. Contractors remain responsible for implementation of critical cybersecurity requirements, but CMMC requires a third-party assessment of contractors' compliance with mandatory practices, procedures and capabilities, in order to prevent potential c...

Phishing is one of the most costly, invasive, and sinister forms of cyberattack that companies worldwide experience every day. Phishing has cost victims across multiple sectors more than $26 billion over the past 3 years alone. And these attacks continue to become more sophisticated by the hour, impersonating your colleagues, trusted clients, business partners and even online collaboration tools. But like with anything, knowledge is power. In...

As IT workloads transition to the cloud, there's a shift in how organizations develop and deliver systems and how security must be practiced. On this webcast, survey author Jim Bird will moderate a roundtable discussion with Micro Focus representatives about results from the SANS 2021 DevSecOps survey. Register today to be among the first to receive the associated whitepaper written by SANS analyst and course author Jim Bird and SANS instructo...

This survey builds on the SANS 2021 Cloud Security Survey, with an emphasis on how cloud security has changed the enterprise infrastructure with the COVID-19 pandemic and an increasingly remote workforce. Key questions examined in the survey include: Is the cloud now considered part of the enterprise network? Specifically, SANS is looking for increased use of third-party cloud solutions. How are organizations using network traffic/metadata for...

Asset visibility, threat detection, and investigative playbooks are critical ICS/OT technologies in your defense against industrial adversaries. However, accessing the information that these technologies need can be a significant challenge for asset owners and operators, as this information is often located throughout your OT environment, including the lower layers of the OT architecture. To solve this problem, Network Visibility tools are use...

Data privacy is critical for every organization today Its a key component in many strict regulatory mandates, and also a subject of increasing attention from the public at large. Simply put, to avoid steep fines and attract and retain customers, organizations must ensure the privacy of all the sensitive data they process and store. But whats the best path to achieving that goal? Join this webcast with Jake Williams, Senior Instructor at SANS,...

Memory forensics is a key component of any incident investigation involving endpoints. It can help determine whether an infection did in fact occur, and if so, what type of threat is involved. However, most SOC/IR teams do not fully utilize memory forensics techniques as part of their investigations usually from lack of time or technical know-how. In this talk, we will show you how Intezers endpoint scanner and Volatility plugin analyze live e...

In this 90-min session you will play to win the Cyber42 Vulnerability Management Simulation as you try to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain and even unintended consequences. This interactive simulation puts you in real...

As IT workloads transition to the cloud, there's a shift in how organizations develop and deliver systems - and how security must be practiced. This year's SANS survey explores what this shift means for the modern enterprise and its security program. On this webcast, survey authors Jim Bird and Eric Johnson will explore how security professionals must adapt to this new world. Key questions from the survey include: What must they understand abo...