Over the past few years, we have seen drastic, but welcome, changes in how organizations manage their own software and code. Organizations are embracing security at the code level, encouraging developers and security teams to work closely together. Giving way to the term “DevSecOps”, developers now integrate automated processes to build and ship code, streamline the development cycle, and ship code more securely. However, cyber adv...

Join members of the SANS Industrial Control Systems (ICS) Team in a new ICS Webcast Series: ICS Cyber Resilience, Active Defense & Safety. Presenters will address the recent increase in attack campaigns and impacts seen across multiple sectors in the ICS space. Topics of discussion will include ransomware impacting critical infrastructure, detecting advanced adversaries inside ICS networks, and a variety of other threats and defenses. This...

Why has PowerShell become so popular for ransomware, hacking tools, cloud computing, and security automation? Isn't PowerShell just another command shell? No! Attend this talk by SANS Faculty Fellow Jason Fossen to see what PowerShell really is, how it's being used (and abused) today, and future trends. If you're unfamiliar with PowerShell or you're taking a SANS course with PowerShell labs, like SEC401 or SEC504, then this presentation is esp...

Cyber42: Industrial Edition will put you through the paces as an industrial control system (ICS) security manager as players adapt to challenges in operational technology (OT) environments. Unlike traditional IT networks, industrial equipment is designed to impact the physical world and require special considerations when deploying security technologies. As threats continue to rise targeting these networks, many of which are vital for critical...

In the past year, businesses have been continually under pressure to increase efficiency and keep costs down. This webcast will discuss the results of the SANS 2021 Threat Hunting Survey, and cover ways organizations can defend against yet-to-be-discovered network threats using NDR The potential output of Threat Hunting strongly depends on three factors - visibility, skills, and Threat Intelligence. Recent survey reported .. 51.3% of responden...

Over the past few years, we have seen drastic, but welcome, changes in how organizations manage their own software and code. Organizations are embracing security at the code level, encouraging developers and security teams to work closely together. Giving way to the term “DevSecOps”, developers now integrate automated processes to build and ship code, streamline the development cycle, and ship code more securely. However, cyber adv...

Organizations continue to manage cloud migrations, the challenges of remote working and encrypted communications, the increased data connectivity to external vendors and an expanding range of connected devices, the complexity of the network increases. These changes may enable new business opportunities, but they may also complicate operational support, split existing teams, and ultimately impact security. This survey aims to understand the cur...

With cyber-attacks surging and taking down the likes of hospitals, gas pipelines, and a string of grocery stores, it’s best to keep an eye on evolving threats so you can protect yourself. Join Symantec’s Domingo Guerra and Kevin Haley for a webinar Dec. 9, 2021, 3:30-4:30 ET, where we will discuss how these attacks are being executed, what are their targets and how to keep your organization secure. In this session, you will: See fa...

With continual increase of adoption of public cloud workloads, and the expansion of services therein, security and developer teams have a hard time keeping up with best practices of configurations. While the cloud service providers and commercial partners have helped bridge the gap with Cloud Security Posture Management (CSPM) teams are still left in the dark with not-often-used or newly launched services. Adopting Open Source Security tools c...

As organizations move their resources to the cloud, attackers are increasingly looking for ways to abuse Active Directory Federation Services (AD FS) in hybrid cloud environments to accomplish their objectives. Learn from world-class defenders who responded to the NOBELIUM nation-state attack that abused AD FS. In this session we’ll cover: How defenders can analyze an AD FS attack once compromise is suspected Walk through a demo of commo...