The MITRE ATT&CK framework is a powerful tool that provides a language to define, track, and categorize attacker tactics, techniques, and procedures (TTPs). But what if you could use it to gain a deeper understanding of how, why, and when attackers may abuse a technique? By combining threat actor intelligence with the ATT&CK "dictionary," you can add critical context to your detections to increase the effectiveness of your security con...

Scott Register has more than 15 years of experience leading product management and go-to-market activities for global technology companies and is currently vice president of security solutions for Keysight where he is tasked with brining new security solutions to market across Keysight’s broad solution portfolio. Prior his current role, Scott was vice president of product management leading the development of new Ixia products in the are...

IT departments are under incredible pressure to maintain the business productivity for an expanded remote workforce. As the workforce continues to move into a hybrid office & home office environment, the risks of not maintaining security practices are also top of mind. Threat actors are also actively seeking opportunities to benefit from changes in the workforce. One of the most important steps you can take to protect yourself is to use a...

It's hard to forget moments as crucial as when a $1.5 billion deal slips through your fingers. Companies looking to be acquired are learning first-hand how dramatic the effects of poor cyber defense could be on an investment. Our speakers learned first-hand how a ten figure deal can be abandoned simply because cyber auditors slammed the security of one of the portfolio companies. This story is only one among many. Investment arms and acquirers...

Are you a security practitioner who has suddenly been thrown into the world of cloud security and are confused by everything that is expected of you? No need to worry. This talk will go over some of the critical elements that you need to understand as you start your cloud security journey. Well cover where to start, what to pay attention to, and how you can trace a path to expand your cloud knowledge. Asa bonus, well show you in the AWS and Az...

Time is the enemy of cybersecurity. Time spent identifying devices and cloud instances and making sure those devices and instances are properly secured, managed, and up-to-date. Time spent gathering data and solving challenges. For most security and IT teams, these time-based problems stem from a lack of visibility and as environments grow more complex, its only getting worse. Without a clear understanding of everything in your environment, al...

XDR (extended detection and response) is the hot new buzzword in the security industry but so far there isn't a lot of agreement on what defines XDR. The goal makes sense. Extend your detection capabilities across your hybrid network to catch advanced threats like zero days, supply chain attacks, and insider threats, and respond quickly before damage can be done. Join us as we explore the pros and cons of XDR such as, is it realistic that one...

While there is value in real-time DNS data, passive DNS offers a wealth of historical DNS records analysts can use to gain valuable insight into changes over time. These changes provide the key context needed to identify risks and respond to security threats. In this webcast, SANS analyst Dave Shakleford reviews Farsight Security's Passive DNS Database (DNSDB), a passive DNS data service designed to help investigators enhance the efficiency an...

The U.S. Bureau of Labor Statistics reports that the employment of information security analysts is projected to grow 32% from 2018 to 2028, much faster than the average for all occupations. As one of the highest-paid jobs in the field, security analysts must become masters of all trades, becoming “all-around defenders,” highly competent in threat detection, while maintaining excellent analytical and communication skills. But what...

What does it mean to evaluate your attack surface? For many organizations, it may simply mean running a vulnerability scanner against their perimeter and hoping an attacker does not do the same. This legacy thinking leaves out all the nooks and crannies that attackers have become adept at finding. Your attack service should also include your system and network configurations, brand exposure, and knowledge of how your data is secured amongst nu...