*To attend this webcast, login to your SANS Account or create your Account on the SANS website. In addition to the challenge brought on by the global pandemic, civil and social unrest, and a contentious political climate, organizations are also experiencing a massive spike in cybersecurity attacks related to their use of third parties ("Solargate"). This environment is systemically increasing the level of difficulty facing cybersecurity profes...

Network detection and response (NDR) platforms built on open source technologies like Zeek and Suricata offer SOCs greater flexibility and choice compared to closed platforms. Moreover, an open NDR platform can act as a security team force multiplier via the power of their global communities, such as the ability to accelerate responses to zero-day exploits via community-driven detection engineering. This technical webcast will review popular o...

As more organizations shift their IT strategies to cloud-based infrastructure, security teams are also evolving to use cloud security services that offer new and more effective controls and capabilities. These may include services and tools that provide network connectivity and security for end users and office locations, security monitoring and policy controls, and identity services, among others. This SANS survey explored the types of servic...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. Join LogPoint's Jake McCabe as he discusses how thinking about security from the perspective of adversary behavior can help organizations better prepare for, detect, and respond to threats. Too often, security organizations focus on signatures and IOCs to alert them to threats in their environment, however this myopic focus can often leave them blin...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. The adoption of cloud native technologies such as containers, microservices, and immutable infrastructure requires declarative, automated security controls. To keep up with the pace of development, we need to detect and prevent platform vulnerabilities early in the development lifecycle before they can be introduced into the runtime environment. In...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. Recent supply chain attacks have proven that third parties are an unexpected, yet trusted, entry vector into an organization. By utilizing legitimate methods to breach an organization, threat actors can hide under the radar with escalated privileges. Furthermore, attackers have shown that they are security-savvy, knowledgeable of enterprise defense...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. A conversation with Chaim Mazal, ActiveCampaign CISO, on his teams journey to DevSecOps Modern development practices have forced organizations to combine development and IT operations under one DevOps umbrella in order to build and release code at a faster rate than ever before. However, due to this newfound developer agility, as well as the widespr...

*To attend this webcast, login to your SANS Account or create your Account on the SANS website. "If your company were to get breached, there is a 70% probability it will be through one of your Vendors. If it is Protected Health Information, PHI, that gets exfiltrated, the fines will run into the millions of dollars, including loss of reputation, market share, and loss of revenue. You do not want to be the person that failed in their due dilige...

Log data is critical for understanding how systems are operating and for monitoring malicious activity with the IT environment. This is particularly true for traditional systems as well as modern systems in the midst of a digital transformation that lack an audit trail, such as multi-cloud and DevOps environments, microservices, and containers. The technologies and trends organizations embrace as they accelerate their transformation all increa...

Nearly 2 billion records were exfiltrated in recent cloud breaches. Can breach paths be detected even before clouds are built? Learn how DevSecOps processes can predict breach paths programmatically using threat models derived from cyber threat intelligence, MITREs ATT&CK framework, and Infrastructure as Code. This session includes specific code examples for common IaC technologies. *To attend this webcast, login to your SANS Account or cr...