XDR (extended detection and response) is the hot new buzzword in the security industry but so far there isn't a lot of agreement on what defines XDR. The goal makes sense. Extend your detection capabilities across your hybrid network to catch advanced threats like zero days, supply chain attacks, and insider threats, and respond quickly before damage can be done. Join us as we explore the pros and cons of XDR such as, is it realistic that one...

While there is value in real-time DNS data, passive DNS offers a wealth of historical DNS records analysts can use to gain valuable insight into changes over time. These changes provide the key context needed to identify risks and respond to security threats. In this webcast, SANS analyst Dave Shakleford reviews Farsight Security's Passive DNS Database (DNSDB), a passive DNS data service designed to help investigators enhance the efficiency an...

The U.S. Bureau of Labor Statistics reports that the employment of information security analysts is projected to grow 32% from 2018 to 2028, much faster than the average for all occupations. As one of the highest-paid jobs in the field, security analysts must become masters of all trades, becoming “all-around defenders,” highly competent in threat detection, while maintaining excellent analytical and communication skills. But what...

What does it mean to evaluate your attack surface? For many organizations, it may simply mean running a vulnerability scanner against their perimeter and hoping an attacker does not do the same. This legacy thinking leaves out all the nooks and crannies that attackers have become adept at finding. Your attack service should also include your system and network configurations, brand exposure, and knowledge of how your data is secured amongst nu...

Following a hugely successful initial run of the new security operations leadership course, MGT551, some of SANS best blue team minds have come together to build a brand new 5-day version of Building and Leading Security Operations Centers! Expanding upon the initial course themes of SOC design, organization, evaluation, and improvement, the new MGT551 offers an in-depth look at what it takes to build and manage next-level cyber defenses inclu...

Take a new look at Cisco Secure Email. We've radically simplified the way email is protected and how companies choose to migrate to the cloud. We've enhanced our comprehensive protection to defend against all attack methods with pinpoint accuracy. And we've raised the bar on integration with coordinated, multi-layered email security controls and the built-in capabilities of SecureX. We've optimized Secure Email to live up to its name more fully.

This SANS survey explored the types of services organizations are using, what types of controls and tools provide the most value, and how effective cloud security brokering is for a range of use cases. in this webcast, SANS analyst Dave Shakleford will join sponsor speakers to explore how survey results can inform and improve your cloud security posture. Register for this webcast to be among the first to receive the associated whitepaper writt...

The cybersecurity community is evolving from a fortress mentality of "network defense" to a "threat-informed defense" approach to achieve cybersecurity effectiveness, with purple team operations at the center. Why is this happening and what does this transition mean? Over the last decade, the U.S. military has been at the forefront of the transition to threat-informed defense operations, first in the intelligence-operations bond that developed...

Wondering which ICS assets are most commonly targeted and which assets to obtain security logs for your OT SOC? Looking for ICS incident response tabletop ideas? How to start an ICS assessment (pen test vs. vulnerability assessment) or see how the NIST CSF Categories map to whats important in ICS? We have recently published a series of ICS Cheat Sheets to guide the community in answering these questions. Join us in this webcast as Dean provide...

Join us for an update on the 2012 classic Thirteen Ways to Break a Firewall. We review an updated list of 13 common kinds of breaches, with a host of real-life examples. These intrinsic weaknesses are the big reason secure sites demand at least one layer of unidirectional protection in their defense-in-depth architectures.