SEC504: Hacker Tools, Techniques, and Incident Handling

A large majority of ransomware incidents involve both obfuscated scripts and Cobalt Strike. PowerShell reigns supreme as the most common type of obfuscated script found in ransomware cases. Do you know what to do should you find an obfuscated PowerShell script during response? What if you run into an obfuscated, PowerShell-based Cobalt Strike downloader? Do you know how to decode the downloader? Do you know how to review the shellcode found multiple levels deep within the code structure to determine where the Cobalt Strike beacon is being hosted?
During the past decade, increasing numbers of organizations have transformed their applications to be cloud native, building workloads based on multicloud architecture. Connecting and securing these cloud workloads has not been effective for many reasons and today, there are many benefits to a converged workload communication architecture that unifies security and operations.
Where can you find leaders from Cloud Security Controls and Mitigations, and SANS Institute together on one virtual stage? Attend our second-annual, 100% free, online Cloud Security Exchange to learn what’s working and what’s not working in cloud security architecture and cloud threat detection. Build leading cloud security capabilities at your organization with implementation best practices from the world’s foremost cloud security experts. Thousands from around the globe joined us for the inaugural Cloud Security Exchange in 2022 to hear from cloud security experts from SANS Institute and the world’s top cloud security providers. It worked so well that we’re doing it again! We are SO excited to bring you the Cloud Security Exchange 2023 on Friday, August 18th! To view the full agenda, lineup of guest speakers, and details about this event, please visit our event landing page. Download the presentations by logging into your SANS portal and clicking Download Slides.
In this talk, Ahmed Abugharbia and Abdul Kittana will deep dive into various methodologies and options for developing applications using generative AI technologies.
For many years, security professionals have advocated the approach of collecting logs from all the places where they’re generated and centralizing them into one or only a few places.
Successful phishing attacks on end users and system administrators continue to be the factor that enables nearly 80% of damaging security incidents. Many companies are spending on user awareness and education programs but find it is hard to sustain initial gains in phishing awareness, recognition, and resilience and are lacking the data needed to develop and track meaningful awareness metrics.
Intelligence can only be called intelligence if the product can be consumed, actions can be taken or decisions can be made and the product can be shared in a timely manner with everyone who needs to receive it.
Detection engineering has evolved into an art, contributing to the success rates of endpoint and network detection and response tooling capabilities. Used to effectively counter the increasing complexity of today’s cyber threat actors, high-fidelity detections can help an organization discover threats earlier, neutralizing them before further damage can occur.
This workshop is a hands-on session focused on creating custom Nmap NSE scripts tailored for the CISA Known Exploited Vulnerabilities Catalog. In this 2-hour workshop, participants will learn essential NSE scripting skills, with a specific emphasis on detecting vulnerabilities listed in the catalog.
Pointers that point, loops that make you dizzy, and functions that do something. For Part 3 of our series we'll continue where Part 2 left off and then introduce pointers, loops, and functions and their stack frames.
When a cloud service provider (CSP) says they are using encryption, that’s when you know you need to dig deeper into the details rather than succumb to the Jedi mind tricks of encryption.