In a post compromise world, SecOps personnel cannot afford to be blind to any potential threat vector. The positioning of EDR and firewalls severely limit the breadth of visibility that SecOps can provide, while the inherent limitations of older technologies like IDS fail to provide the necessary details to adequately detect and investigate modern threats. These limitations have created the need for a network detection and response platform th...

Skilled cloud security professionals are in demand as organizations of all types becoming increasingly cloud-based. Emerging opportunities offer great possibilities for cybersecurity practitioners from underrepresented minority groups. This free, virtual event, hosted by the SANS Diversity, Equity, and Inclusion Task Force, is open to the whole community. Talks and panels will explore topics related to: Public Cloud Security: AWS, Azure and GC...

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...

SANS is committed to delivering high-quality cyber security training so you can keep your skills sharp and stay ahead of cyber threats. Join us for interactive trainings during SANS Cyber Security West 2021 - Live Online (Feb 1-6, PST), and receive relevant, applicable training from wherever you are. Choose your course and register now for practical training taught by top industry practitioners. SANS Live Online events offer live-stream, instr...

This talk reviews each of the five pillars of the Well-Architected Framework and analyzes how best practices for each of the respective pillars contribute to a more secure and operationally excellent environment. Jonathan will discuss why you should add the WAF to your RMF and your CSF, and the tools to succeed in any Cloud.

Defending against attacks is an ongoing challenge with new threats emerging all the time. Are you looking to quickly level up your blue team skills? Do you want to enhance your current skill set and become even better at defending your organization? Are you looking for the latest ways to mitigate the most recent attacks? SANS Stay Sharp: Blue Team Operations 2021 - Live Online (Jan 18-22, MST) offers short courses designed to equip you with cy...

ZIP file full of CSVs. In this session, we will explore how to use data extracted from our environments to present tactical and strategic visualizations to the organization. Beginning with ad-hoc, tactical, automated import into Microsoft Excel for use in pivot tables and charts, we will then move on to using dashboard tools like Grafana to visualize trends in measurements over time. The session will focus on demonstrations of the techniques d...

At SANS, our mission remains steady. We continue to deliver relevant cyber security knowledge and skills, empowering students to protect people and their assets. Join us online for SANS Security East 2021 - Live Online (Jan 11-16, CST), and continue to build practical cyber security skills you can implement immediately. Choose from over 20 courses taught by real-world practitioners, plus two NetWars Tournaments delivered Live Online. SANS Live...

SANS Cloud Defender 2021 – Live Online (Jan 11-16, EST) provides immersion training designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your office. Register now for interactive training taught by top industry practitioners. SANS...

Equipped with a knowledge of how to use PowerShell, the audit/compliance/security professional can start gathering measurements of systems and networks. In this session, we use PowerShell to extract data from Windows systems, Active Directory domains, VMWare infrastructure and even Linux systems. We will also explore how to extract data from APIs provided by our security tools. Demonstrations will be used to reinforce the concepts. Objectives...