Are you interested in context for your cloud or container environment when you investigate an event from last week, last month, or last year? Would it save you time to have IDS alerts that include the full context of the connection? Join this session to hear James Schweitzer demonstrate some easy to understand, interlinked network evidence, available wherever you need it and which also enables orchestration.

Today, most organizations would consider themselves “hybrid”, possessing vast on-premises and cloud footprints. Statistics clearly show that cloud adoption continues to grow, and while businesses love the growth and agility provided by cloud providers, there continue to be challenges in the need to secure these various footprints. IT security teams struggle to keep up with complex product stacks, an ever-growing skills shortage gap...

Executive Director Brandon Wales of the Cybersecurity and Infrastructure Security Agency (CISA) and Rob Lee, Chief Curriculum Director and SANS Faculty Fellow, will enter the “Ring of Fire” with our attendees both online and in-person for an attendee-engaging fireside chat! The fireside chat will poll the audience to gather attendee insight in-person and online. We will collect attendee questions and help upvote topics they would l...

Consequences of modern cyber-attacks impacting control systems can range from large power grid blackouts to large cities or major regions, failure of critical manufacturing equipment with massive financial loss, paralyzing smart city infrastructure such as transportation in large municipalities, inflict serious environmental damage, or worse, cause injury or death to facility workers. The obvious choice for ICS security managers and technical...

A vast majority of today's attacks use encryption to bypass defenses. Zscaler's ThreatLabz team analyzes data from the world's largest security cloud, processing over 250 billion transactions per day, to uncover what threats are hiding in SSL/TLS. Join this webinar to learn and discuss how encrypted attacks are evolving, including: The fastest growing threat types The most targeted industries/geographies Where most enterprise defense strategie...

SANS research has shown that more organizations are using multiple cloud providers. Multicloud adoption can be driven by a variety of factors, such as competitive differentiation, mergers and acquisitions, and more. This event explores various results from the SANS 2022 Multicloud Survey, including multicloud adoption trends, how adoption decisions are made, and—most importantly—what cybersecurity teams are doing to cope with the o...

The practice of purple teaming brings together the efforts of red and blue teams and can help organizations easily find visibility gaps in their tooling as well as validate detection logic used to catch threats in their organization. Join this webinar, to learn more about: The benefits of purple teaming and how to automate parts of purple teaming with tools The Splunk Attack Range for purple teaming and detection development Enhanced detection...

In this session, Enrico Benzoni and Andrea Fumagalli will explain how to build and optimize the top three SOAR use cases, sharing invaluable tried-and-true technical details for solving your needs. The fastest security response is not always the right one. However, minimizing response time by prioritizing security incidents, reducing false positives, and quickly investigating alerts is one of the imperatives of successful cyber defense. Noneth...

Threat Exposure Management (TEM) is a new approach to security designed to help organizations identify, prioritize and manage unexpected risks or exposures. This approach differs from standard threat management practices by taking a contextual view of threats, focusing on establishing a process for how information is collected and integrated together to inform better and faster decision making. Though the term, threat exposure management, is n...

Remote work has upended security. Sadly, in reaction, security vendors have developed two substandard solutions: VPN and ZTNA. VPN server ports must be open to the internet and anyone on the internet can try to hack it. ZTNA suffers degraded performance while obfuscating identity creating a huge security blindspot. In this webinar, learn about Zero Networks’ ZNConnect which combines the best aspects of VPN and ZTNA while eliminating thei...