Data privacy is critical for every organization today Its a key component in many strict regulatory mandates, and also a subject of increasing attention from the public at large. Simply put, to avoid steep fines and attract and retain customers, organizations must ensure the privacy of all the sensitive data they process and store. But whats the best path to achieving that goal? Join this webcast with Jake Williams, Senior Instructor at SANS,...

Memory forensics is a key component of any incident investigation involving endpoints. It can help determine whether an infection did in fact occur, and if so, what type of threat is involved. However, most SOC/IR teams do not fully utilize memory forensics techniques as part of their investigations usually from lack of time or technical know-how. In this talk, we will show you how Intezers endpoint scanner and Volatility plugin analyze live e...

In this 90-min session you will play to win the Cyber42 Vulnerability Management Simulation as you try to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain and even unintended consequences. This interactive simulation puts you in real...

As IT workloads transition to the cloud, there's a shift in how organizations develop and deliver systems - and how security must be practiced. This year's SANS survey explores what this shift means for the modern enterprise and its security program. On this webcast, survey authors Jim Bird and Eric Johnson will explore how security professionals must adapt to this new world. Key questions from the survey include: What must they understand abo...

Security Orchestration, Automation and Response (SOAR) tooling is intended to increase efficiency and consistency. These tools also promise to diminish the cost of operating a Security Operations Center (SOC) for most organizations. If used properly, these tools can do all of these things. The challenge is that the tools are frequently bought to avoid the one thing that most organizations do not seem to be able to do on their own: figuring out...

This session will describe the differences between version 7.1 and version 8 of the Center for Internet Security Twenty Critical Security Controls. This major rewrite of the twenty CSCs reflects core changes in today\'s computing and infrastructure environments.

Time spent testing, monitoring, reporting, and updating controls is a resource-intensive practice for most enterprises regardless of your program\'s maturity. While Artificial Intelligence (AI) cannot analyze risk with the same judgment and interpretation as a human, there are several specific use cases where AI and automation can help augment and maximize your efforts to consolidate, coordinate, and communicate risk insights. In this session,...

In our age of digital transformation, an expanding attack surface and sophisticated threat actors have increased cyber risk exponentially. With more technology and data assets to secure, more telemetry data to analyze, more security tools to manage, more alerts to sort, and more threats to defend against, and fewer security analysts to handle this. Detecting and responding to threats became harder for many organizations. How can a modern appro...

Business Email Compromise (BEC) costs organizations like yours $9 billion every year. These hard-to-detect phishing schemes drive more than 40% of all cybercrime losses. But threat intelligence and fraud prevention teams have had little visibility into the scope of their risk, the BEC attack cycle, or threat actors objectives and methods. That is about to change. Agari Active Defense leverages an unparalleled global data footprint, innovative...

Business damages from ransomware and phishing attacks have made it clear that sensitive business information and application must be better protected. Increased enforcement of national- and state-level privacy laws, as well as the need to secure data across multiple cloud environments, has highlighted the need for reliable and transparent data encryption services to protect information while enabling business access. During this SANS WhatWorks...