A single successful exploit is all it takes for the dominos to start falling Everyone knows we should patch. Actually doing this, however, is remarkably challenging. Especially considering that it must be done quickly, efficiently, and consistently across the entire enterprise, over time. Anyone who is even remotely involved with this critical, never-ending (and often thankless) task is keenly aware of these dynamics. But, even if youre one of...

Today's cyber attacks seem to be changing at breakneck speed. Attackers are ever-increasing their arsenals, quickly pivoting through environments and deploying devastating malware within a matter of minutes or hours. School districts, hospitals, and critical infrastructure pipelines are held hostage for tens of millions of dollars. One thing is clear: We must constantly find ways to shift the advantage back to the defenders. In this product re...

Threat intelligence can be a powerful tool to fine tune SOCs efficiency and effectiveness in defending against cyber threats. Join this session to learn how to make the most out of threat intelligence and productively apply it to all the key functions in the SOC protection, detection, and response. Our speakers will walk you through: What companies do to reduce the gap between cyber resilience and business impact How to predict and prevent, th...

This year's SANS survey explored what shifting to the cloud means to modern enterprises and their security programs. On this webcast, survey author Jim Bird will moderate a roundtable discussion with Veracode representatives about results from the SANS 2021 DevSecOps survey. Register today to be among the first to receive the associated whitepaper written by SANS analyst and course author Jim Bird and SANS instructor and course author Eric Joh...

Organizations everywhere are working to improve their cybersecurity postures. One key enabler of that for both private and public sectors is the comprehensive guidance provided by the NIST Cybersecurity Framework (CSF). This framework is being increasingly adopted by public and private sector organizations to help them: Enhance their security posture Defend against and respond to cyber threats Pass compliance audits Join Gil Vega, CISO of Veea...

The Cybersecurity Maturity Model Certification (CMMC) is the US Department of Defenses response to recent compromises of sensitive defense information that resides on contractors' information systems. Contractors remain responsible for implementation of critical cybersecurity requirements, but CMMC requires a third-party assessment of contractors' compliance with mandatory practices, procedures and capabilities, in order to prevent potential c...

Phishing is one of the most costly, invasive, and sinister forms of cyberattack that companies worldwide experience every day. Phishing has cost victims across multiple sectors more than $26 billion over the past 3 years alone. And these attacks continue to become more sophisticated by the hour, impersonating your colleagues, trusted clients, business partners and even online collaboration tools. But like with anything, knowledge is power. In...

As IT workloads transition to the cloud, there's a shift in how organizations develop and deliver systems and how security must be practiced. On this webcast, survey author Jim Bird will moderate a roundtable discussion with Micro Focus representatives about results from the SANS 2021 DevSecOps survey. Register today to be among the first to receive the associated whitepaper written by SANS analyst and course author Jim Bird and SANS instructo...

This survey builds on the SANS 2021 Cloud Security Survey, with an emphasis on how cloud security has changed the enterprise infrastructure with the COVID-19 pandemic and an increasingly remote workforce. Key questions examined in the survey include: Is the cloud now considered part of the enterprise network? Specifically, SANS is looking for increased use of third-party cloud solutions. How are organizations using network traffic/metadata for...

Asset visibility, threat detection, and investigative playbooks are critical ICS/OT technologies in your defense against industrial adversaries. However, accessing the information that these technologies need can be a significant challenge for asset owners and operators, as this information is often located throughout your OT environment, including the lower layers of the OT architecture. To solve this problem, Network Visibility tools are use...