The Cyber Solutions Fest will explore best practices of selection, implementation, operations, and staff use of tools in cyber operations. Vendors are encouraged to highlight actual customer deployments as well as share insights from their tool developers and designers. This solutions fest will showcase success, at large scale as well as personal and tailored to solve real world problems. The pace of IT change has become difficult to keep up...

Every year at major security conferences, you can tell the trends in security because seemingly every product and service is being positioned as “look at how we make things easier/cheaper/better.” A few years ago, that was cyber threat intelligence (CTI). Then, it inexplicably changed to threat hunting. But practitioners know that you can’t really separate threat hunting and threat intelligence any more than you can separate...

Securing a cloud environment can be challenging and time consuming, especially if you don’t know where to start. This Workshop will scrutinize a common cloud service: Virtual Machines, and focus on the secure implementation of that service. We’ll discuss Operating Systems (and why it matters from a cloud perspective), as well as security groups, remote access, system and network hardening as well as how mature organizations handle...

In the 1990s government agencies, industry groups, and cybersecurity researchers started creating cybersecurity standards and these standards led to cybersecurity regulations and laws that dictate to organizations what they must do to protect their data. Today, there are now dozens of standards dictating thousands of cybersecurity controls that organizations can consider when building their cybersecurity plans. Every year more standards are r...

Level Up Your Blue Team SkillsThe blue team represents information security professionals on the front line of defending an organizations critical assets and systems against attacks and threats from adversaries. Defending against attacks is an ongoing challenge with new threats emerging all the time. At the SANS Blue Team Summit, enhance your current skill set and become even better at defending your organization and hear the latest ways to mi...

Get a preview of material directly from SANS SEC599: Defeating Advanced Adversaries - Purple Team Tactics & Kill Chain Defenses. Once attackers have gained access to your infrastructure, be it through a compromised host or through physical access, they will be looking to gain access to further resources. While there is a wide variety of ways that attackers can use to broaden their footprint in your environment, this webcast will focus on...

Do we ask too much of our security validation platforms? Is it really possible to mitigate risks created by security gaps, vulnerabilities, and external exposure across an entire organization? Yes—it’s all about asking, and answering, the right questions. In this webcast, Senior SANS Instructor Dave Shackleford and Cymulate’s Director of Cyber Evangelism Dave Klein examine the Cymulate Extended Security Posture Management Pl...

Finding flaws is much easier than fixing flaws. That's a fact. Happy to debate it. If this were not the case, we might just have this security thing all wrapped up. There are hundreds of tools that are reasonably successful at telling us what we are doing wrong (think compliance and vulnerability scanners). However, the solutions to these problems are not always as straightforward as they might seem. Sure, our tools and penetration testers wi...

Attackers are circling your cloud-native apps, sniffing your API structure, and lying in wait for one exposed API before they pounce on your vulnerable endpoints. Unfair? Absolutely. So how do you prevent this? Join SANS Senior Instructor Dave Shackleford and a product expert from Traceable as they demonstrate the Traceable AI solution. Watch as they show the importance of API exposure visibility, the realities of detection and prevention, an...

It’s typical for defenders to learn about the latest adversary tactics, techniques, and procedures (TTPs) from a defense perspective – meaning TTPs are viewed from the lens of “how to mitigate this or prevent it from happening again.” Unfortunately, adversaries are smart problem solvers and can quickly adapt to changes made in enterprise security defenses, and even countermeasures. What is it like to view TTPs through t...