This is a 2-hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our AWS environments. The overall process...

This year’s Vulnerability Management Survey webcast event will look at how focus has improved or changed within organizations as they build out and mature more holistic vulnerability management programs. By looking at the maturity data from the last two years, we will get a better understanding of where companies are focusing and where they are struggling. These insights will help shed light on what respondents believe are the best paths...

As more organizations shift application access to the cloud, which minimizes the need for the data center to act as a hub for access and controls, they are realizing the benefits of cloud-brokering solutions that offer strong security capabilities. Nowhere is this more true than application protection, ranging from traditional WAF controls to API protection, bot detection and prevention, and more. In this webcast, Senior SANS Instructor Dave S...

Zero Trust remains one of the main topics in the cybersecurity industry. But what is Zero Trust really about? The broad theme of Zero Trust is about reducing implicit trust throughout the enterprise. The goal is to take an organization from an old non-defensible architecture based on compliance, controls, and a static protection oriented mindset, to a defensible security architecture based on continuous dynamic threat informed defense, and ris...

Just how effective or mature is your security program? Given the multitude of assessment, rating, and cybersecurity frameworks, it can be challenging to determine security operations readiness and resilience through a single measurement or framework. Is effectiveness based on defending against an attack or the ability to mitigate attacks in the first place? Should compliance drive our security strategy, or should our security strategy enable c...

In July 2023, SANS partnered with Carahsoft for the 2023 Government Security Solutions Forum, where cybersecurity preparedness went back to basics. In this webcast, SANS Certified Instructor Matt Bromiley will review the top trends that emerged during the forum. Matt also uncovers how organizations can prepare for the National Cybersecurity Strategy Implementation Plan, or NCSIP, released by the White House in March 2023. His focus on preparat...

The evolution of hybrid cloud environments demands innovative solutions to unify on-premise and cloud-based resources seamlessly. This talk, titled "Bridge to the Clouds: Unifying Worlds with Entra ID in Hybrid Landscapes," illuminates the integration challenges and visibility capabilities provided by Entra ID for reconciling identity and access management in hybrid cloud landscapes. Learning Objectives: To enlighten the audience on the import...

As we head into the last quarter of 2023, three major mandate changes are occurring, each positioned to make a large impact on how businesses, governmental bodies, and critical sector organizations operate. The goal of the SANS Cyber Compliance Countdown is to focus on what you need to know in these complicated and broad requirements and to offer solutions on how to meet these directives. Below is a quick overview of the changes and this forum...

The Cloud is enabling businesses to quickly adopt and use technology in ways that we've never imagined before. Security teams need to find ways to keep up; automation is the solution. By using Policy as Code tools we can define and enforce security guardrails. This allows developers and cloud engineers to continue shipping features while bringing the confidence to everybody that security requirements are being met. Learning Objectives: Examine...

Mobile devices are regularly used for personal and professional reasons, and people rarely put a company’s cybersecurity ahead of their personal needs. This dual-usage introduces organizations to a wide range of threats, many of which originate from mobile apps on personal devices. And if sideloaded apps continue to grow in popularity as expected, the number of mobile risks and threats will accelerate. Join cybersecurity experts from Zim...