SEC504: Hacker Tools, Techniques, and Incident Handling

This webinar is a preview of a new report - the updated version of the Top 20 Cyber Attacks on Industrial Control Systems. The attack "ruler" of 20 standard attacks now includes nation-state-grade ransomware, IT-targeted ransomware that triggers "abundance of caution" OT / ICS shutdowns, IT-targeted ransomware that triggers OT shutdowns when IT systems vital to OT networks are impaired, and other timely updates. Cloud-seeded ransomware / supply-chain attacks are highlighted as the new biggest risk looking forward.
In this preview of new material directly from the updated SANS SEC699: Purple Team Tactics - Adversary Emulation for Breach Prevention & Detection, we will introduce various Living Off the Land Binaries and Scripts (LOLBAS) and show how to emulate, detect, and respond to them in a true purple team fashion.
In the 1990s, government agencies, industry groups, and cybersecurity researchers started creating cybersecurity standards, and these standards led to cybersecurity regulations and laws that dictate to organizations what they must do to protect their data. Today there are dozens of standards dictating thousands of cybersecurity controls that organizations can consider when building their cybersecurity plans. Every year more standards are released and the confusion grows. To make the problem even more challenging, no two standards are the same, nor do they even cover the same scope of defenses.
This webcast provides an in-depth analysis of adversary threat capabilities targeting advanced industrial control systems (ICS) seen in recent attack campaigns, focusing on detecting practical threats that can arise in ICS environments and responding to the incidents that result. It introduces ICS adversary TTPs (Tactics, Techniques and Procedures) as well as efficient and cost-effective proactive defense techniques. In particular, instructor Dean will cover in detail why the cyber weapons and techniques used in many recent attacks matter more than the adversary attribution revealed in tactical ICS incident response (IR).
This talk focuses on threat detection and threat response in Industrial Control System (ICS) environments, diving into the techniques and capabilities of adversaries in recent cases. The talk emphasizes adversary Tactics, Techniques and Procedures (TTPs) and how the ICS industry can respond to adversaries without a large budget. Dean will show that analyzing the techniques and tools adversaries use matters more than identifying who the adversaries are, which makes operations across the ICS/OT industry more effective.
Overview: This webcast introduces practical threat detection and incident response methods for industrial control system environments by analyzing advanced ICS adversary threats in recent attack campaigns. The focus is on ICS adversary tactics, techniques and procedures (TTPs) and on how to achieve industrial control system security proactively, effectively, and at minimal cost. Dean will explain why understanding the tools and techniques used in recent attacks is important for tactical ICS incident response, and will offer practical tips for operations in every ICS/OT critical infrastructure sector.
Throughout his career, Matt Edmondson has started up several OSINT teams within the U.S. government and worked with private sector cyber threat intelligence teams ranging from Fortune 100 businesses to small startups.
When where and how data is stored changes, an assumption sometimes arises that forensics for that data is no longer necessary. In the cloud, however, there are new digital forensic capabilities and a depth of evidence that do not exist in on-premises environments. You do need to understand how to correctly configure and set up the cloud environment so that evidence is preserved.
Have you heard that SANS has a new Advanced Python Automation class? Are you interested in trying out some of the content? Join us for this workshop where Senior SANS Instructor and course author Mark Baggett will deliver the first hour and a half of content. But wait, isn't the first hour and a half always introductions and no real hands on material? Maybe in other classes but not in this one. Come check it out!
SANS authors and instructors Robert M. Lee and Tim Conway have been working with the community to analyze all the known ICS cyber attacks for the purpose of creating the most important cybersecurity controls for organizations to implement.
With great power comes great responsibility. Privileged accounts are a necessary part of everyday IT operations, but managing them has to date been complex and costly, with a lot of disruption to the business, so organizations only deploy solutions when they really have to (e.g., compliance drivers).