SEC504: Hacker Tools, Techniques, and Incident Handling

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops. View archived webcasts here.
Join Dean Parsons in this webcast as he discusses the key takeaways of the new ICS Cybersecurity Field Manual Vol. 3.
Does a single set of Terraform code securely configure all cloud providers? No, it is practically impossible for any tool to work this way. Learn the real, more difficult techniques required to consistently apply security controls across CSPs using Terraform.
It is no surprise that there is a shortage of cybersecurity professionals, and year upon year, these careers continue to be some of the most in-demand jobs in the corporate, healthcare, financial, education, and government sectors. While the term cybersecurity is broad in scope, there are many in-demand roles specifically in digital forensics and investigations. Digital forensics is a small subset of cybersecurity which is further broken up into many distinct disciplines, each often requiring its own set of specialized skillsets, aptitude, certifications, and on-the-job experience. This webcast aims to dissect some of these disciplines and get a feel from the experts for why they chose their specific field and what it takes to thrive as a practitioner in niche forensic fields. Register for this webcast now and be among the first to receive the companion report by authors Domenica Crognale (SANS Certified Instructor) and Heather Mahalik (SANS Fellow).
Enhance your proficiency in operational cybersecurity decision-making through immersive team-based simulations with Cyber42. Practice agile decision-making and information synthesis, key skills required for success in leadership roles. Engage in thought-provoking discussions and gain practical insights to improve your cybersecurity competencies. As cyber-attacks become more common and more expensive, many organizations are making a foundational shift to view operations from the point of view of an adversary in order to protect their most sensitive information. Despite vulnerability tools and programs being available for several decades, breaches still happen regularly from known vulnerabilities. Complicating the matter more are a wide range of modern technologies requiring more time and knowledge to manage, more known vulnerabilities than ever before, an unprecedented migration to cloud, and ever-increasing legal and regulatory compliance standards. Information Assurance Engineers, Auditors, SOC Analysts, and Cybersecurity Managers need more to better defend an organization’s data systems. Cyber42 is a leadership simulation game that puts you in the driver’s seat of making tough leadership calls on behalf of a fictitious organization that needs your expertise. Each outcome will be followed by thoughtful group discussion. The winning team will be decided by who makes the strongest security cultural impact on the fictitious organization. Requirements: A laptop with a current, modern web browser and administrative rights. Learning Objectives: You will work through different scenarios, each focusing on different elements needed as an Operational Cybersecurity Executive: Vulnerability Management, Security Operations and Defensive Controls.
Walk away after the event having advanced the following 5:
- Gain insight into the cybersecurity landscape from the operational executive perspective
- Strategically balancing competing priorities for successful outcomes
- Rapid data synthesis and analysis for informed decision-making
- Risk-free decision-making in a simulated environment for optimal business outcomes
- Building valuable connections with peers in a dynamic and enjoyable setting
Learn the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments.
Familiar with the SANS25 but looking to take the next steps to secure your applications? In this webinar, we will explore the latest code vulnerabilities identified through real user scans of modern applications and discuss steps organizations can take to safeguard their code and protect themselves from potential security breaches.
Secure by design is the concept of including Security in everything we do, right at the beginning.
The Digital Forensics and Incident Response world. An incredibly broad sphere. We have people trying to get into this world. We have people that have just entered this world. We have people that work day-to-day in this world. We have people that excel in niche areas of this world. Each group thinks they are unique in this world, but actually, one commonality that pervades everyone and everywhere in this world is that we have questions about, “How do I?” How do I get into DFIR? How do I get better at DFIR? How do I specialize? How do I decide what to specialize in next? How do I get to be like ‘that’ person? Besides these questions, there are more practical questions. What training do I take? What tools do I use? Who should I follow? How can I find a mentor? Why would anyone want to give up their time to help me? Things are changing faster in DFIR than ever before. Questions are everywhere. Let’s walk through the world of DFIR from beginning to end together. Where did you come from? Where do you go? How can you know what is in between? We don’t profess to know all the answers, but I can assure you we all feel the same way, and we are all on this crazy ride together. So let’s get to know each other and the playing field. The theme? You be you and be comfortable in your skin. It is going to be a fun hour and a half!
Defenders must be constantly vigilant in their efforts to protect their organization's environment. Through practice, the defenders can be sharpened by red and purple team exercises. This presentation will explore some case studies where exercises improved the organization's security posture.
This is a 2-hour hands-on workshop. As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different. In this workshop, which is a follow-on from the talk “Building Better Cloud Detections... By Hacking? (Azure Edition)”, we will work through the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments. The overall process and takeaways will be:
- Establish proper logging to detect the adversarial activity
- Perform the attack to generate the appropriate artifacts
- Review the log event data
- Create an automated process to quickly discover this activity
- Test that the automated process is working effectively by “re-attacking” the Azure account
Prerequisites: An Azure account with administrator access
System Requirements: A modern web browser
In ICS (industrial control systems) or OT (operational technology) security, there is an endless list of ‘security’ issues that could be ‘remediated’. Many industrial organisations, much less IT/OT stakeholders, don’t know where to start.
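In security for industrial control systems (ICS) and operational technology (OT), there is an endless spread of 'security' issues that could be 'remediated', but the biggest concern for those responsible is usually where to start.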