SEC504: Hacker Tools, Techniques, and Incident Handling

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops.
Going from responding to incidents to actively hunting threats is a stance shift that requires maturity in your cybersecurity journey. It also requires having access to the right threat intelligence, the right visibility across your environment, and the right tools to do the job. Advances in data science and artificial intelligence can help organizations bridge the maturity gap, but we shouldn't forget that it's ultimately a human with financial or geopolitical interests who's behind these attacks. The same technology is available to both sides, and just as quickly as new models become more effective at threat detection, malicious actors grow more capable at confusing those models.

Likewise, organizations now have access to threat intelligence sources through various vendors and platforms. Yet many are not seeing all the value threat intelligence can bring, because they don't understand how to operationalize it or they are not taking advantage of the tools that can help them automate and accelerate their threat-hunting programs.

At the same time, many security practitioners still struggle with the basics, the three big "knows" that every organization should focus on: knowing your enemy, knowing your network, and knowing your tools. Why? In many cases they are too busy responding to alerts and false positives to do what's needed for a threat-hunting program to be successful.

What should organizations do in 2023 to take a more proactive stance, operationalize threat intelligence, and focus on maturing their threat-hunting program? Join Ismael Valenzuela, SANS author and Senior Instructor, for the 2024 Cyber Solutions Fest - Threat Hunting and Intelligence Track, and hear talks on:

- Enriching alerts with threat intelligence
- Utilizing XDR and MDR services to help accelerate your threat-hunting program
- Operationalizing threat intelligence
- Automating threat hunting tasks with XDR, NDR, and threat intelligence solutions
- Identifying the most actionable intelligence for the organization
Offensive security is evolving, and traditional penetration testing is undergoing significant changes. Agile principles and techniques, which have been widely adopted in development and IT operations, are now being applied to penetration testing efforts; penetration testing will never be the same again.
The webcast "Understanding the Risk Management Mandates in 2024 Cybersecurity Regulations" is designed to enlighten students about the critical updates in cybersecurity regulations, including those defined by ENISA's NIS2 requirements.
The presentation will discuss and highlight the specific compliance issues and considerations to address when evaluating whether to use the cloud for various aspects of electric grid operations. During the presentation, the speaker will address specific NERC CIP Compliance, Rule of Procedure or Operation & Planning regulations that impact the asset owner's cloud infrastructure options.
In the era of artificial intelligence (AI) and ever-evolving cyber threats, the security operations landscape is changing. The Detection and Response Survey (2024) digs into how organizations are approaching the key aspects of detection, response, and the integration of these critical functions within the organization. In this talk, SANS instructor Josh Lemon provides insights into how common it is for organizations to keep separate detection and response teams, shedding light on the reasons behind such decisions and their impact on overall security posture.
Migrating to and operating in the cloud is a complex process, requiring numerous critical decisions. It’s akin to the role of an air traffic controller in aviation—where decisions and instructions must be directed to the right teams within the organization to ensure a successful cloud migration and smooth operations. This hands-on practical simulation places you in the controller’s seat, allowing you to analyze situations and make the right calls for cloud security actions.
CISOs and security leaders are under increased scrutiny and pressure, not only from internal leadership, but also from external requirements like the updated SEC rules and NIS2 changes in Europe. We'll cover this new regulatory landscape, how to best communicate with the board, and how to build your business case in response to technology shifts like GenAI. Come learn about the top three CISO strategic issues and what you as a modern security leader can do about them.
Part 1: Building a Cloud Security Strategy: A Step-by-Step Guide

In this session, SANS Institute experts will guide you through the key steps in developing a robust cloud security strategy. Whether you're just starting or looking to strengthen your approach, this webcast covers everything from understanding your cloud environment to building a threat detection program and preparing for incident response.
The SANS ICS Five Critical Controls continue gaining traction in the community as well-regarded and much-needed security controls for achieving an organization's baseline ICS/OT cybersecurity level. However, once established, controls must be assessed to ensure they are implemented soundly. This presentation will review each control and point out areas for quick wins.
In this webcast, we'll be focusing on the advancements in the NIST Cybersecurity Framework (CSF) 2.0. As organizations worldwide have adopted the NIST CSF to prioritize essential cybersecurity safeguards and enhance communication with stakeholders, the release of version 2.0 calls for a governance update and refinement of existing strategies.
This webcast will provide a detailed overview of all the products and pricing offered to accredited educational institutions, in the US and Canada through the SANS Educational Institutions Partnership.
Time is critical during incident response. One way we can speed up is by becoming more efficient; this is definitely an area where AI (or really "LLM") technology can help. In this session, we will look at some of the areas where our DFIR teams can quickly use AI assistance to speed up their incident scoping and threat-hunting activities.