Join members of the SANS Industrial Control Systems (ICS) Team in a new ICS Webcast Series: ICS Cyber Resilience, Active Defense & Safety. Presenters will address the recent increase in attack campaigns and impacts seen across multiple sectors in the ICS space. Topics of discussion will include ransomware impacting critical infrastructure, detecting advanced adversaries inside ICS networks, and a variety of other threats and defenses. This...

Just as networks have changed, so too have packet capture solutions. Modern packet capture solutions can identify the traffic that analysts can't decrypt and stop storing additional traffic to increase retention. Some can even send traffic to other devices that can ingest packet capture data, creating the need for only a single less expensive network tap to send data to multiple systems. And they’re even less expensive than their more an...

Snyk recently released a report on the State of Cloud Native Application Security to define how cloud native adoption has transformed the way modern organizations manage security threats. After surveying over 600 respondents, the report found that high levels of deployment automation empower continuous security testing when building cloud native applications. “Nearly 70% of respondents with high levels of deployment automation were able...

In this webinar series, Jake Williams takes a hands-on approach to forensics packet analysis, using real-world examples to demonstrate how to analyze network packet data to uncover and investigate threats. The series takes a protocol-by-protocol approach. It is an ideal introduction to packet forensics for beginners and a great source of expert tips and tricks for more experienced security analysts. In this episode Jake takes a deep dive into...

This year's survey explored the explosion of both remote work and the use of cloud-based systems on critical SOC functions and team operations, as well as shifting budgets. This webcast explores the results of our 2021 SOC Survey, which included real-world commentary taken from in-depth interviews with respondents who shared specific information about how they operate, as well as what does (and does not) work for them.

Security Orchestration, Automation and Response (SOAR) tooling is intended to increase efficiency and consistency. These tools also promise to diminish the cost of operating a Security Operations Center (SOC) for most organizations. If used properly, these tools can do all of these things. The challenge is that the tools are frequently bought to avoid the one thing that most organizations don\'t seem to be able to do on their own: figuring out...

You are probably aware and knowledgeable about MITRE ATT&CK, BUT what happens when its not applied well? With the pandemic, it brought the rise of working remotely, which increased inefficient communications and burnout and adversaries used it in their favor when exploiting companies around the world. With a 400% increase of breaches in 2020, companies need to become much more aware of techniques that adversaries use to attack, in order to...

The 2nd annual SANS Cyber Solutions Fest aims to connect cybersecurity professionals of all levels with the latest solutions, tools, and techniques to combat today's cybersecurity threats. Featuring 4 unique levels: Threat Hunting & Intel, SOC & SOAR, MITRE ATT&ACK®, and Cloud Security Network in real-time with over 30 sponsors and learn from top industry experts Join interactive panel discussions, discover job opportunities, c...

Every year at major security conferences, you can tell the trends in security because seemingly every product and service is being positioned as look at how we make things easier/cheaper/better. A few years ago, that was cyber threat intelligence (CTI). Then, it inexplicably changed to threat hunting. But practitioners know that you cant really separate threat hunting and threat intelligence any more than you can separate logs from a SIEM. Jus...

As more organizations shift to using a wide variety of cloud services, the nature of many security controls weve relied on is changing, and in some cases vanishing. With the new threat surface cloud brings, theres a definitive need for new, more cloud-friendly security tools and services that can help align with SaaS, PaaS, and IaaS deployments across all business cases. The focus we need to look at is what comes next in Cloud Security. Cyber...