Second webcast of a two-part series, this webcast covers post identification activities. The techniques covered here could also be used for initial identification, but theyre discussed here as though there is already an initial identification which can be used. The effort discussed herein, then, is to effectively determine the scope of an intrusion. Defenders fail to discover the full extent of adversary infrastructure. Defenders claim contain...

As one of the highest-paid jobs in the field, security analysts must become masters of all trades, becoming "all-around defenders," highly competent in threat detection, while maintaining excellent analytical and communication skills. But what are the technical and nontechnical skills required to acquire mastery in this role? And how can industry security solutions augment analysts' capabilities to become more effective? In this webcast, SANS...

Belkasoft X is a new digital forensics and incident investigations product by Belkasoft. Belkasoft X combines computer and mobile forensics in single tool, additionally providing cloud and memory forensics. During the presentation, you will learn how to effectively use the tool on each stage of your investigation: starting with mobile and computer acquisition, followed by low level file system and memory analysis, automated artifact extraction...

In this Game Day42: CISO For A Day, players work for a fictional company building and leading its security program. The goal is to align security capabilities to strategic objectives in order to ensure the security program is helping to meet business goals. in this 90-minute game day you will play individually yet have open communication with other players and SANS staff through a Slack channel to promote discussion and support, as needed. Dur...

The MITRE ATT&CK framework is a powerful tool that provides a language to define, track, and categorize attacker tactics, techniques, and procedures (TTPs). But what if you could use it to gain a deeper understanding of how, why, and when attackers may abuse a technique? By combining threat actor intelligence with the ATT&CK "dictionary," you can add critical context to your detections to increase the effectiveness of your security con...

Scott Register has more than 15 years of experience leading product management and go-to-market activities for global technology companies and is currently vice president of security solutions for Keysight where he is tasked with brining new security solutions to market across Keysight’s broad solution portfolio. Prior his current role, Scott was vice president of product management leading the development of new Ixia products in the are...

IT departments are under incredible pressure to maintain the business productivity for an expanded remote workforce. As the workforce continues to move into a hybrid office & home office environment, the risks of not maintaining security practices are also top of mind. Threat actors are also actively seeking opportunities to benefit from changes in the workforce. One of the most important steps you can take to protect yourself is to use a...

It's hard to forget moments as crucial as when a $1.5 billion deal slips through your fingers. Companies looking to be acquired are learning first-hand how dramatic the effects of poor cyber defense could be on an investment. Our speakers learned first-hand how a ten figure deal can be abandoned simply because cyber auditors slammed the security of one of the portfolio companies. This story is only one among many. Investment arms and acquirers...

Are you a security practitioner who has suddenly been thrown into the world of cloud security and are confused by everything that is expected of you? No need to worry. This talk will go over some of the critical elements that you need to understand as you start your cloud security journey. Well cover where to start, what to pay attention to, and how you can trace a path to expand your cloud knowledge. Asa bonus, well show you in the AWS and Az...

Time is the enemy of cybersecurity. Time spent identifying devices and cloud instances and making sure those devices and instances are properly secured, managed, and up-to-date. Time spent gathering data and solving challenges. For most security and IT teams, these time-based problems stem from a lack of visibility and as environments grow more complex, its only getting worse. Without a clear understanding of everything in your environment, al...