High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...

SANS is committed to delivering high-quality cyber security training so you can keep your skills sharp and stay ahead of cyber threats. Join us for interactive trainings during SANS Cyber Security West 2021 - Live Online (Feb 1-6, PST), and receive relevant, applicable training from wherever you are. Choose your course and register now for practical training taught by top industry practitioners. SANS Live Online events offer live-stream, instr...

This talk reviews each of the five pillars of the Well-Architected Framework and analyzes how best practices for each of the respective pillars contribute to a more secure and operationally excellent environment. Jonathan will discuss why you should add the WAF to your RMF and your CSF, and the tools to succeed in any Cloud.

Defending against attacks is an ongoing challenge with new threats emerging all the time. Are you looking to quickly level up your blue team skills? Do you want to enhance your current skill set and become even better at defending your organization? Are you looking for the latest ways to mitigate the most recent attacks? SANS Stay Sharp: Blue Team Operations 2021 - Live Online (Jan 18-22, MST) offers short courses designed to equip you with cy...

ZIP file full of CSVs. In this session, we will explore how to use data extracted from our environments to present tactical and strategic visualizations to the organization. Beginning with ad-hoc, tactical, automated import into Microsoft Excel for use in pivot tables and charts, we will then move on to using dashboard tools like Grafana to visualize trends in measurements over time. The session will focus on demonstrations of the techniques d...

At SANS, our mission remains steady. We continue to deliver relevant cyber security knowledge and skills, empowering students to protect people and their assets. Join us online for SANS Security East 2021 - Live Online (Jan 11-16, CST), and continue to build practical cyber security skills you can implement immediately. Choose from over 20 courses taught by real-world practitioners, plus two NetWars Tournaments delivered Live Online. SANS Live...

SANS Cloud Defender 2021 – Live Online (Jan 11-16, EST) provides immersion training designed to help you master the practical steps necessary for defending systems and applications in the cloud against the most dangerous threats. The courses are full of important and immediately useful techniques that you can put to work as soon as you return to your office. Register now for interactive training taught by top industry practitioners. SANS...

Equipped with a knowledge of how to use PowerShell, the audit/compliance/security professional can start gathering measurements of systems and networks. In this session, we use PowerShell to extract data from Windows systems, Active Directory domains, VMWare infrastructure and even Linux systems. We will also explore how to extract data from APIs provided by our security tools. Demonstrations will be used to reinforce the concepts. Objectives...

Review of the top used AWS services and which security features you dont want to forget about. Highlighting applicable CIS AWS Foundations Benchmark recommendations And calling out any other security controls that should not be overlooked

Organizations in every sector are increasingly adopting cloud offerings to build their online presence. However, although cloud providers are responsible for the security of the cloud, their customers are responsible for what they do in the cloud. Unfortunately, the providers have made the customer's job difficult by offering many services that are insecure by default. Worse yet, with each provider offering hundreds of different services and w...