This webcast supports content and knowledge from SEC547: Defending Product Supply Chains. Vendor risk assessments have been a cornerstone of security for years, but how effective are they? Join us for an in-depth presentation where we dive into the intricacies of vendor risk assessments and explore strategies to enhance your process. Key Topics Covered:Effectiveness of Traditional Assessments: Evaluating the real value of current practices.Ass...

The North American Electric Reliability Corporation's Critical Infrastructure Protection (NERC CIP) standards are pivotal in safeguarding the reliability and security of the North American power grid. With the deadline for NERC CIP-003-9 looming in April 2026, asset owners face significant challenges in aligning their cybersecurity measures with these stringent requirements. This presentation will explore challenges and elements for key NERC C...

Every organization professes that risk management is at the heart of its cybersecurity program. Threat modeling is at the heart of this proactive approach: a systematic process that helps organizations identify, understand, and mitigate potential threats. However, with technology's ongoing advancement and the rising complexity of digital systems, constructing exhaustive threat models from the ground up can be daunting. In this presentation, Ja...

In today's dynamic digital landscape, the need for secure and seamless access to corporate resources from any device, anywhere is paramount. Join SANS Senior Instructor Dave Shackleford and HPE’s Darren Tidwell for an insightful webcast where we dive into the modern threats and security challenges that organizations face, and how innovative solutions like SSE from HPE address these challenges head-on. HPE Aruba Networking SSE securely co...

In 2024, the SOC Survey continued to explore the detailed aspects of cybersecurity operations centers. The survey collected information on organizations’ capabilities, and what is outsourced. On this webcast, SANS Senior Instructor Chris Crowley examines survey results to understand how SOCs are architectured, favorite and frustrating technologies, staffing, funding, threat intel, and automation. Register for this webcast now, and you wi...

As the nature of our technology landscape changes more and more frequently, it’s challenging for many security operations teams to keep pace with the current threat surface we have on the internet, as well as the state of vulnerabilities and risks associated with these assets. Many security teams are performing vulnerability and web application scanning in a relatively ad hoc manner, and don’t truly have a continuous view of what e...

Every organization professes that risk management is at the heart of its cybersecurity program. Threat modeling is at the heart of this proactive approach: a systematic process that helps organizations identify, understand, and mitigate potential threats. However, with technology's ongoing advancement and the rising complexity of digital systems, constructing exhaustive threat models from the ground up can be daunting. In this presentation, Ja...

Security teams today are dealing with endless lists of security issues, but lacking the necessary tools to effectively detect and mitigate the highest risks in their multi-cloud environment. In this session, we will unveil the latest security posture innovations in Microsoft Defender for Cloud, that empower security teams to identify security vulnerabilities spanning from code to cloud, to effectively prioritize the most business-critical risk...

The modern enterprise, characterized by hybrid and mobile workforces supported by a hybrid cloud IT environment, brings many security challenges to the federal government, its agencies, entities, and sites. They face multi-faceted cybersecurity concerns due to the sensitive nature of their data, the critical infrastructure, and regulatory mandates involved. The distributed nature of operations, with numerous contractors and providers, introduc...

Automation plays a vital role in improving capacity, efficiency, and performance in the SOC. Security teams spend far too much time “in the weeds,” unable to focus on solving the problems that matter. Security orchestration, automation, and response (SOAR) tools have the potential to streamline analysis, reduce response times, and improve quality. However, SOC teams often struggle to realize the full potential of this kind of autom...