Does your organization have penetration testers and a red team? Do they work closely with those performing defensive roles to improve the overall security? Far too often, pen tests and red team engagements are performed, leaving only a list of discovered vulnerabilities with no instructions on how to mitigate the findings. This is where purple teaming can be of great value to an organization. It's not a new team, rather, it's an organized effo...

A top-notch security platform requires a significant investment of money, time, and resources, so it's essential to know it's doing its job. Instead of waiting for an attack to test your security controls, on-demand, proactive testing allows you to validate that controls are acting as expected. That means you need a solution that enables you to emulate true threat actors within your environment, making penetration testing more effective and re...

2020 is a year we are unlikely to forget. Between the pandemic, uncertainty, and doubt, we all could use some positivity to get 2021 off to a great start. Join the SANS community of cyber defenders and blue teamers on January 8th for the The All-Around Defender: New Year, New Start event. The All-Around Defender: New Year, New Start is not a summit nor is it a webcast. This event is a special community gathering of individuals who care about o...

As the velocity of IT operations increases, automation is becoming critical for auditors and compliance professionals. In this session, we will cover the basics of using PowerShell for common infosec, compliance and audit tasks. We will make heavy use of demonstrations to explore the object-oriented nature of the shell, important commands for getting help, and how to select, sort, filter and transform results from native Windows tools. We will...

Zero trust has become one of the hottest topics in IT and cybersecurity especially in light of the global pandemic and related work-from-home (WFH) momentum. Zero trust is garnering plenty of headlines but do users really understand zero trust technologies and where they fit? And is now the time to move zero trust from a tactical to a strategic approach that aligns to business initiatives? Join us for our webinar with ESG and Cisco as we take...

Smartphone data can be confusing. There are so many locations, timestamps, and synched data that it may be more difficult than you think to put a person at the scene of a crime or behind an activity. For this Tech Tuesday Workshop we'll walk you through a scenario where the data is confusing. We'll show you how to create your own test data, extract it, and most importantly - validate it! System Requirements: A Mac or PC with permissions to ins...

Discover the most effective steps to prevent cyber-attacks and detect adversaries with actionable techniques you can apply immediately. Join us for SANS Cyber Defense Initiative® 2020 - Live Online (Dec 14-19, EST), and receive relevant cyber security training from real-world practitioners. Choose from over 35 interactive courses taught by industry experts, plus three NetWars Tournaments delivered Live Online. SANS Live Online events offer...

Traditional methods of cyber defense, like perimeter-based network security, have always emphasized the need of keeping adversaries out of our networks, building a fortress that would stop attackers while allowing secure access to legitimate users. In such a model, trust is typically binary: either the user is authenticated (trusted) or not. Once access is granted to a user, that level of trust is hardly re-evaluated, and when it is, it is usu...

In this special session you will play to win the Cyber42 Vulnerability Management Simulation! In this three-hour game day you will play as part of a team to improve the state of a fictional organization and more effectively handle the vulnerability management. During the game, as developed for MGT516: Managing Security Vulnerabilities: Enterprise and Cloud, you will see that the actions you choose can have uncertain outcomes and even unintende...

"Congratulations, you have been selected to conduct a penetration test of our industrial control system (ICS) environment. Please remember, you cannot scan anything, you cannot install anything, and you cannot break anything. Your point of contact, who will watch every move you make, will be..." This is not a joke. More and more companies are requesting penetration tests of their ICS assets. But how can you conduct testing with these restricti...