SEC504: Hacker Tools, Techniques, and Incident Handling

Unlock industry insights and hands-on learning with upcoming SANS webcasts and workshops.
The presentation focuses on practical threat detection and incident response, drawn from dissecting the capabilities and tactics, techniques, and procedures of advanced ICS adversaries. Dean will illustrate why the cyber weapons and techniques in play may matter more than adversary attribution for tactical ICS incident response.
Join SEC670 course author Jonathan Reiter and SANS Principal Instructor Jorge Orchilles as they give a sneak peek at the latest SANS Red Team Ops course, Windows Tool Development. This is an advanced, 600-level course for experienced Red Teamers. As Red Teaming matures, custom Windows tool development becomes a requirement: the generic, default payloads from most offensive tools will (and should) be caught by your security controls. Red Teams must build custom code to evade defenses and achieve their objectives.
Over the past few years, ransomware has become one of the defining cyber threats for organizations of all sizes. Organizations have changed their response processes, insurance policies, and staffing requirements based on this pervasive threat. Ransomware operators have made it clear that no industry or organization is safe, as they look to exploit any weakness in Internet-facing devices and services to get in and wreak havoc.
If you have ever needed to analyze data in your Azure cloud environment, chances are you have run across the Kusto Query Language (KQL). Join me as we go over the basics of Kusto and KQL, discuss how it is leveraged in Azure, and learn how to get started if you are unfamiliar with the language and its syntax.
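As an added example of the kind of query the webcast introduces (not taken from the webcast itself), the KQL below finds source IPs generating many failed Azure AD sign-ins across several accounts, a basic password-spray indicator. The table and column names (`SigninLogs`, `TimeGenerated`, `ResultType`, `UserPrincipalName`, `IPAddress`) are the standard ones exposed in a Log Analytics workspace with Azure AD diagnostic logging enabled; the thresholds are assumptions chosen for illustration.

```kql
// Added example, not from the webcast. Assumes Azure AD SigninLogs are flowing into Log Analytics.
SigninLogs
| where TimeGenerated > ago(1d)                     // last 24 hours
| where ResultType != "0"                          // "0" = successful sign-in; anything else is a failure
| summarize Failures = count(),
            Accounts = dcount(UserPrincipalName)   // distinct accounts targeted
          by IPAddress
| where Failures > 20 and Accounts > 5             // thresholds are assumptions; tune to your environment
| order by Failures desc
| project IPAddress, Failures, Accounts
```

The pipe-separated operators (`where`, `summarize ... by`, `order by`, `project`) are the core of most KQL you will write; once these feel natural, the same pattern transfers to Microsoft Sentinel analytics rules and Defender advanced hunting.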
CISOs and security practitioners are now being bombarded by new acronyms such as XDR, which seem to overlap with "older" acronyms like EDR, SIEM, and MDR. According to Gartner, XDR is mainly attractive to smaller security organizations that do not currently have a SIEM, and it will likely not displace SIEM functionality in large and mature security operations. According to Forrester, XDR is grounded in EDR and on a collision course with SIEM and SOAR.
Do you ever run into problems with your vulnerability management program where you wish you had just one more piece of information at your fingertips? Something to help prioritize, to identify the business owner, or to show that a system is end of life. All of it is valuable and worth having readily available. Yet we are often missing that information, or it is not easy to access.
Rather than assuming a breach might happen, security teams should plan for when it will happen. In this new twist on penetration testing, we place the attackers (the good guys and gals) inside the system as an authorized user. The goal of the test is to simulate a compromised system or a malicious insider. Test objectives should focus on business risk and on the impact that security issues, vulnerabilities, and misconfigurations have on the organization's critical data and processes. Objectives should be grounded in real business activity and real risk, not in technical bravado or a slow (and expensive) initial-access phase.
When analyzing Android apps, we can choose between a real device and an emulator; for a very long time, however, the only option for iOS was a real device. Luckily, this has changed: Corellium now offers iOS and Android virtualization, which allows us to analyze applications from either OS on a virtualized device.
In this SANS Workshop, you will learn how to use Infrastructure as Code and open-source tools to automatically create an Azure Active Directory security lab that can be used for your own security simulations and use cases. After automatically creating Azure AD users, applications, and RBAC role assignments, participants will work through hands-on exercises to perform reconnaissance and follow a specific attack path that abuses misconfigured roles and permissions.
Many of the aspects that make DFIR so exciting are also what makes this career field challenging: no two investigations or days in this field are ever the same. We strive to keep pace with changes in technology while attempting to get ahead of attackers who modify their methods to evade detection in this sea of interconnected digital devices.
In this follow-up webcast to Finding the Hidden Visitor - Persistence Mechanisms to Look Out For, we will review the most commonly used persistence mechanisms, provide examples of how attackers use them, and show how attackers try to evade detection by combining tactics.
So you have a vulnerability management program. Great. Excellent. But can you tell the management team whether it is actually effective?