SEC504: Hacker Tools, Techniques, and Incident Handling

This webcast takes a deep dive into the threats highlighted during the annual SANS keynote panel discussion at the RSA® Conference 2023. It includes insight from SANS instructors Ed Skoudis, Heather Mahalik, Dr. Johannes Ullrich, and Katie Nickels on the dangerous new attack techniques they see emerging. You'll get actionable advice on the critical skills, processes, and controls needed to protect enterprises from these advanced attacks.

Register for this webcast now and be among the first to receive this whitepaper from SANS author and Director of Emerging Security Trends John Pescatore and SANS Certified Instructor Domenica Crognale.
Our container workshop is a two-hour session focused on how to assess vulnerabilities in containers. Because containers are part of the modern software stack, your company may use them locally on a workstation and remotely on servers. Containers can be deployed on stand-alone servers, on a container service like AWS ECS, and on orchestration platforms like Kubernetes. Given how ubiquitous containers are, you will likely be working with or attacking them at some point in your career.
Every incident ends with a lessons learned meeting, and most executive summaries include this bullet point: "Leverage the tools you already paid for."

Are you leveraging the tools you already paid for? Are you using the host-based firewall to block or alert when applications like PowerShell, PsExec, and WMIC attempt to make outbound connections from non-IT clients? Have you enabled AppLocker?
Whether it's a brick-and-mortar storefront or an e-commerce platform, no player in the retail space is safe from cyberattacks. Over the past decade, we have seen major breaches of big-name stores, resulting in multi-million dollar settlements and hundreds of millions of affected users. But what exactly is going on here? We will examine the mechanisms cybercriminals use to exploit retail stores and platforms, what they look for, and, most importantly, what can be done to thwart threats and leave cyber criminals on the shelf.
Presentation 1 - The Five ICS Cybersecurity Critical Controls for APAC Practitioners
Peter Jackson, Certified Instructor Candidate

Presentation 2 - Establishing the Link Between Corruption and Cybercrime
Jason Jordaan, Principal Instructor
SOF-ELK® (Security Operations and Forensics ELK) is a public, fully-configured, appliance-like distribution consisting of components from the Elastic Stack as well as hundreds of parsers and numerous dashboards for the various log formats commonly encountered in incident response and security operations work.
SOF-ELK® (Security Operations and Forensics ELK) is published as a preconfigured, appliance-like distribution that is ready to use immediately, built from Elastic Stack components together with hundreds of parsers and numerous dashboards for the various log formats frequently needed in incident response and security operations work.
Presentation 1 - DevSecOps - We Are The Champions and 2023
Chris Edmundson, Associate Instructor

Presentation 2 - 2023 SOC Survey - Highlights and Deep Dive
Presented by Christopher Crowley, Senior Instructor
There is a common tug-of-war between SOC staff, detection engineers and CSIRT/DFIR professionals when determining how important or severe an alert or detection is.
This talk begins by describing the current state of the security industry and then discusses the importance of developing security talent. SANS offers more than 70 courses, so you can take a course matched to your level of security knowledge.
Advanced Python CTF based on Mark Baggett’s SEC673 Advanced Information Security Automation with Python.
Sliver is rising in popularity and is thought to be taking significant market share from other well-known C2 frameworks. Corelight Content can better power your Sliver detections, highlighting what's on your network and building a strategic data reserve for when you need to investigate an incident. Come learn about Corelight Content, insightful community-developed detections, and an open NDR that puts the power in your hands.