Attackers are circling your cloud-native apps, sniffing your API structure, and lying in wait for one exposed API before they pounce on your vulnerable endpoints. Unfair? Absolutely. So how do you prevent this? Join SANS Senior Instructor Dave Shackleford and a product expert from Traceable as they demonstrate the Traceable AI solution. Watch as they show the importance of API exposure visibility, the realities of detection and prevention, an...

It’s typical for defenders to learn about the latest adversary tactics, techniques, and procedures (TTPs) from a defense perspective – meaning TTPs are viewed from the lens of “how to mitigate this or prevent it from happening again.” Unfortunately, adversaries are smart problem solvers and can quickly adapt to changes made in enterprise security defenses, and even countermeasures. What is it like to view TTPs through t...

The pressure is on! As if there wasn’t enough momentum pushing security and development teams to get applications to the cloud, along came 24 months of remote work, high workforce turnover, and budget reductions. Never has there been more reason or pressure on security and development teams to get mission-critical workloads to the cloud than there is in 2022. Powerful, enabling technologies such as Function-as-a-Service, containers, and...

An attacker needs very little other than open source intelligence (OSINT) to profile an organization or individual successfully. But OSINT can also be used to protect against social engineering. In this webcast, SANS Instructor Jeff Lomas and Picnic’s CEO Matt Polak take a look at how enterprises can neutralize vulnerabilities, reduce their attack surface, and automate continuous risk detection. Register today and be among the first to...

Join SANS Certified Instructor Jean-François Maes as he previews new material directly from the updated SANS SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection. Once attackers have gained initial access, they do not want to get caught by the suite of security tools on modern Windows systems. To stay under the radar, attackers leverage Living Off the Land Binaries and Scripts (LOLBAS). These are signe...

Ransomware attacks are no longer “drive-by” events. Encryption is only one of the problems among a list of others that include operational disruption and data exfiltration for extortion, ransom, sale, and re-sale. Join SANS Senior Instructor Jake Williams, SANS Instructor and BlackBerry Principal Incident Response Consultant Ryan Chapman, and BlackBerry Most Distinguished Threat Researcher Dmitry Bestuzhev as they dissect and anal...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. There are many stages in the attack lifecycle in which we can detect or prevent an (advanced) attacker from getting closer to their final objectives. One thing we always come across however is that the attacker likes to persist in your environment, be it for two days, two months, or two years. It is important fr...

This webinar is a preview of a new report - the updated version of the Top 20 Cyber Attacks on Industrial Control Systems. The attack "ruler" of 20 standard attacks now includes nation-state-grade ransomware, IT-targeted ransomware that triggers "abundance of caution" OT / ICS shutdowns, IT-targeted ransomware that triggers OT shutdowns when IT systems vital to OT networks are impaired, and other timely updates. Cloud-seeded ransomware / supp...

If Zero Trust, flexible deployments, customer service, or simplifying your journey to the cloud matter to you, there are 10 things you may not know about Symantec – but you should.The security landscape continues to evolve at a blistering pace, and there are so many great things going on with Symantec, it’s sometimes hard to keep track. Meanwhile, what you may have heard from the newest kids on the block is often meant to seed fea...

So you have a vulnerability management program. Great. Excellent. But are you able to let the management team know if it is being effective or not? In this final Vulnerability Management series webcast, join Jonathan (MGT516 co-author and SANS certified Instructor) as he discusses how to show your program is being effective through metrics and measures. He will discuss metrics that a new program can start creating and generating on day 1 as we...